Approved changes feed: RSS · Atom

cpe:2.3:o:cisco:ios:15.2\(4\)jn1:*:*:*:*:*:*:*

part: o version: 15.2(4)jn1 update: *

VendorCisco (e1b3baff-aaf9-56a6-a68a-41e28ce616a5)
ProductIos (335bd590-b988-5d63-a96b-6de17994d578)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2019-1762 vulnerable 2026-06-08 05:13:29.120311 Cisco IOS and IOS XE Software Information Disclosure Vulnerability
MEDIUM (4.4)
A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. The vulnerability is due to improper memory operations performed at encryption time, when affected software handles configuration updates. An attacker could exploit this vulnerability by retrieving the contents of specific memory locations of an affected device. A successful exploit could result in the disclosure of keying materials that are part of the device configuration, which can be used to recover critical system information.
Published: 2019-03-28T00:30:15.849Z
Updated: 2024-09-16T20:43:39.659Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1761 vulnerable 2026-06-08 05:13:29.019778 Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability
MEDIUM (4.3)
A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 traffic from an adjacent HSRP member. A successful exploit could allow the attacker to receive potentially sensitive information from the adjacent device.
Published: 2019-03-28T00:25:15.422Z
Updated: 2024-11-21T19:41:22.576Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1758 vulnerable 2026-06-08 05:13:28.506205 Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability
MEDIUM (4.7)
A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the network on an 802.1x configured port. A successful exploit could allow the attacker to intermittently obtain access to the network.
Published: 2019-03-28T00:20:14.474Z
Updated: 2024-11-21T19:41:33.000Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1757 vulnerable 2026-06-08 05:13:28.467163 Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability
A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.
Published: 2019-03-28T00:20:21.311Z
Updated: 2024-11-15T15:15:52.387Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1746 vulnerable 2026-06-08 05:13:27.936849 Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability
HIGH (7.4)
A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation when processing CMP management packets. An attacker could exploit this vulnerability by sending malicious CMP management packets to an affected device. A successful exploit could cause the switch to crash, resulting in a DoS condition. The switch will reload automatically.
Published: 2019-03-27T23:45:13.618Z
Updated: 2024-11-21T19:41:58.266Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-1409 vulnerable 2026-06-08 05:07:30.982463 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.