Vulnerabilities > Cisco > High

DATE CVE VULNERABILITY TITLE RISK
2020-09-24 CVE-2020-3527 Resource Exhaustion vulnerability in Cisco IOS XE
A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device.
network
low complexity
cisco CWE-400
8.6
2020-09-24 CVE-2020-3526 Improper Input Validation vulnerability in Cisco IOS XE 17.2
A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device.
network
low complexity
cisco CWE-20
8.6
2020-09-24 CVE-2020-3512 Resource Exhaustion vulnerability in Cisco IOS XE 15.2(7)E
A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition.
low complexity
cisco CWE-400
7.4
2020-09-24 CVE-2020-3511 Improper Input Validation vulnerability in Cisco IOS XE 15.1(4)M
A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.
low complexity
cisco CWE-20
7.4
2020-09-24 CVE-2020-3510 Resource Exhaustion vulnerability in Cisco IOS XE 16.12.1/16.12.2/17.1.1
A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device.
network
low complexity
cisco CWE-400
8.6
2020-09-24 CVE-2020-3509 Information Exposure Through Discrepancy vulnerability in Cisco IOS XE 16.7(1)
A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition.
network
low complexity
cisco CWE-203
8.6
2020-09-24 CVE-2020-3497 Improper Input Validation vulnerability in Cisco IOS XE 16.12.1
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.
low complexity
cisco CWE-20
7.4
2020-09-24 CVE-2020-3494 Improper Input Validation vulnerability in Cisco IOS XE 16.12.1
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.
low complexity
cisco CWE-20
7.4
2020-09-24 CVE-2020-3493 Improper Input Validation vulnerability in Cisco IOS XE 16.12.1
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.
low complexity
cisco CWE-20
7.4
2020-09-24 CVE-2020-3492 Improper Input Validation vulnerability in Cisco IOS XE 16.12.1
A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-20
8.6