Approved changes feed: RSS · Atom

cpe:2.3:o:cisco:ios:15.4\(3\)m4:*:*:*:*:*:*:*

part: o version: 15.4(3)m4 update: *

VendorCisco (e1b3baff-aaf9-56a6-a68a-41e28ce616a5)
ProductIos (335bd590-b988-5d63-a96b-6de17994d578)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-20186 vulnerable 2026-06-08 05:52:41.353948 Details available
HIGH (8)
A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Protocol (SCP). This vulnerability is due to incorrect processing of SCP commands in AAA command authorization checks. An attacker with valid credentials and level 15 privileges could exploit this vulnerability by using SCP to connect to an affected device from an external machine. A successful exploit could allow the attacker to obtain or change the configuration of the affected device and put files on or retrieve files from the affected device.
Published: 2023-09-27T17:22:02.802Z
Updated: 2025-12-16T18:23:20.001Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-20109 vulnerable 2026-06-08 05:52:40.113082 Details available
MEDIUM (6.6)
A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability is due to insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature. An attacker could exploit this vulnerability by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a denial of service (DoS) condition. For more information, see the Details ["#details"] section of this advisory.
Published: 2023-09-27T17:23:21.589Z
Updated: 2025-10-21T23:05:36.370Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-20080 vulnerable 2026-06-08 05:52:39.107497 Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability
HIGH (8.6)
A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly.
Published: 2023-03-23T00:00:00.000Z
Updated: 2024-10-28T16:32:31.260Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-20920 vulnerable 2026-06-08 05:39:57.220456 Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
HIGH (7.7)
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this vulnerability by continuously connecting to an affected device and sending specific SSH requests. A successful exploit could allow the attacker to cause the affected device to reload.
Published: 2022-10-10T20:43:15.882Z
Updated: 2026-05-27T12:49:59.670Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-20761 vulnerable 2026-06-08 05:39:54.615196 Cisco 1000 Series Connected Grid Router Integrated Wireless Access Point Denial of Service Vulnerability
HIGH (7.4)
A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation.
Published: 2022-04-15T14:20:14.708Z
Updated: 2024-11-06T16:25:00.639Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34705 vulnerable 2026-06-08 05:32:15.904932 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34699 vulnerable 2026-06-08 05:32:14.666344 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-1620 vulnerable 2026-06-08 05:29:01.330166 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3234 vulnerable 2026-06-08 05:25:54.190911 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3230 vulnerable 2026-06-08 05:25:54.085045 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3228 vulnerable 2026-06-08 05:25:53.996599 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3226 vulnerable 2026-06-08 05:25:53.931457 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3217 vulnerable 2026-06-08 05:25:53.651087 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3205 vulnerable 2026-06-08 05:25:53.409205 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3204 vulnerable 2026-06-08 05:25:53.378480 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3201 vulnerable 2026-06-08 05:25:53.158172 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3200 vulnerable 2026-06-08 05:25:52.059675 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3199 vulnerable 2026-06-08 05:25:51.506789 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3198 vulnerable 2026-06-08 05:25:51.445754 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1761 vulnerable 2026-06-08 05:13:29.084326 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1752 vulnerable 2026-06-08 05:13:28.415318 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1751 vulnerable 2026-06-08 05:13:28.356275 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1748 vulnerable 2026-06-08 05:13:28.278858 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1737 vulnerable 2026-06-08 05:13:27.417436 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-6770 vulnerable 2026-06-08 05:09:54.692004 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-6744 vulnerable 2026-06-08 05:09:52.622394 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-6627 vulnerable 2026-06-08 05:09:51.801363 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3863 vulnerable 2026-06-08 05:09:37.683337 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3862 vulnerable 2026-06-08 05:09:37.669709 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3861 vulnerable 2026-06-08 05:09:37.658532 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3860 vulnerable 2026-06-08 05:09:37.634260 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-12228 vulnerable 2026-06-08 05:08:45.775985 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6382 vulnerable 2026-06-08 05:08:01.955048 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6381 vulnerable 2026-06-08 05:08:01.869545 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6380 vulnerable 2026-06-08 05:08:01.792534 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-1409 vulnerable 2026-06-08 05:07:31.057049 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.