Approved changes feed: RSS · Atom

cpe:2.3:o:cisco:ios:15.1\(4\)m12a:*:*:*:*:*:*:*

part: o version: 15.1(4)m12a update: *

VendorCisco (e1b3baff-aaf9-56a6-a68a-41e28ce616a5)
ProductIos (335bd590-b988-5d63-a96b-6de17994d578)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-20080 vulnerable 2026-06-08 05:52:38.945781 Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability
HIGH (8.6)
A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly.
Published: 2023-03-23T00:00:00.000Z
Updated: 2024-10-28T16:32:31.260Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-20920 vulnerable 2026-06-08 05:39:56.888937 Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
HIGH (7.7)
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this vulnerability by continuously connecting to an affected device and sending specific SSH requests. A successful exploit could allow the attacker to cause the affected device to reload.
Published: 2022-10-10T20:43:15.882Z
Updated: 2026-05-27T12:49:59.670Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34705 vulnerable 2026-06-08 05:32:15.761689 Cisco IOS and IOS XE Software FXO Interface Destination Pattern Bypass Vulnerability
MEDIUM (5.3)
A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial strings at Foreign Exchange Office (FXO) interfaces. An attacker could exploit this vulnerability by sending a malformed dial string to an affected device via either the ISDN protocol or SIP. A successful exploit could allow the attacker to conduct toll fraud, resulting in unexpected financial impact to affected customers.
Published: 2021-09-23T02:26:09.005Z
Updated: 2024-09-16T18:33:27.582Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3230 vulnerable 2026-06-08 05:25:54.075605 Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability
HIGH (7.5)
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2 SA-Init packets. An attacker could exploit this vulnerability by sending crafted IKEv2 SA-Init packets to the affected device. An exploit could allow the attacker to cause the affected device to reach the maximum incoming negotiation limits and prevent further IKEv2 security associations from being formed.
Published: 2020-06-03T17:42:23.065Z
Updated: 2024-11-15T17:14:02.843Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3204 vulnerable 2026-06-08 05:25:53.339302 Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability
MEDIUM (6.7)
A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to cause memory corruption or execute the code with root privileges on the underlying OS of the affected device.
Published: 2020-06-03T17:40:27.257Z
Updated: 2024-11-15T17:19:26.862Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3201 vulnerable 2026-06-08 05:25:53.128293 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3200 vulnerable 2026-06-08 05:25:51.778492 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1761 vulnerable 2026-06-08 05:13:28.984946 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1752 vulnerable 2026-06-08 05:13:28.406314 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6381 vulnerable 2026-06-08 05:08:01.865387 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6380 vulnerable 2026-06-08 05:08:01.678569 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.