Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-3516 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. | 4.0 |
| 2020-09-24 | CVE-2020-3513 | Code Injection vulnerability in Cisco IOS XE 16.12.1/17.2 Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. | 6.7 |
| 2020-09-24 | CVE-2020-3512 | Resource Exhaustion vulnerability in Cisco IOS XE 15.2(7)E A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. | 5.7 |
| 2020-09-24 | CVE-2020-3511 | Improper Input Validation vulnerability in Cisco IOS XE 15.1(4)M A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.4 |
| 2020-09-24 | CVE-2020-3510 | Resource Exhaustion vulnerability in Cisco IOS XE 16.12.1/16.12.2/17.1.1 A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device. | 7.1 |
| 2020-09-24 | CVE-2020-3509 | Information Exposure Through Discrepancy vulnerability in Cisco IOS XE 16.7(1) A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. | 7.8 |
| 2020-09-24 | CVE-2020-3503 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. | 6.0 |
| 2020-09-24 | CVE-2020-3497 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 6.1 |
| 2020-09-24 | CVE-2020-3494 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 6.1 |
| 2020-09-24 | CVE-2020-3493 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 6.1 |