Cisco IOS 16.9.1
Approved changes feed: RSS · Atom
cpe:2.3:o:cisco:ios:16.9.1:*:*:*:*:*:*:*
part: o version: 16.9.1 update: *
| Vendor | Cisco (e1b3baff-aaf9-56a6-a68a-41e28ce616a5) |
|---|---|
| Product | Ios (335bd590-b988-5d63-a96b-6de17994d578) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-20433 |
vulnerable | 2026-06-08 06:27:27.827133 |
Details available
HIGH (8.6)
A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to a buffer overflow when processing crafted RSVP packets. An attacker could exploit this vulnerability by sending RSVP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
Published: 2024-09-25T16:26:15.651Z
Updated: 2024-09-25T18:48:42.038Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-20920 |
vulnerable | 2026-06-08 05:39:57.341115 |
Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
HIGH (7.7)
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this vulnerability by continuously connecting to an affected device and sending specific SSH requests. A successful exploit could allow the attacker to cause the affected device to reload.
Published: 2022-10-10T20:43:15.882Z
Updated: 2026-05-27T12:49:59.670Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-12672 |
vulnerable | 2026-06-08 05:12:40.125232 |
Cisco IOS XE Software Arbitrary Code Execution Vulnerability
MEDIUM (6.2)
A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker with physical access to an affected device to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient file location validation. An attacker could exploit this vulnerability by placing code in a specific format on a USB device and inserting it into an affected Cisco device. A successful exploit could allow the attacker to execute the code with root privileges on the underlying OS of the affected device.
Published: 2019-09-25T20:16:02.526Z
Updated: 2024-11-20T17:09:23.330Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-12655 |
vulnerable | 2026-06-08 05:12:39.868132 |
Cisco IOS XE Software FTP Application Layer Gateway for NAT, NAT64, and ZBFW Denial of Service Vulnerability
HIGH (8.6)
A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A successful exploit could allow the attacker to cause the device to reload.
Published: 2019-09-25T20:15:33.502Z
Updated: 2024-11-19T18:56:10.689Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-12649 |
vulnerable | 2026-06-08 05:12:39.795751 |
Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability
MEDIUM (6.7)
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability exists because, under certain circumstances, an affected device can be configured to not verify the digital signatures of system image files during the boot process. An attacker could exploit this vulnerability by abusing a specific feature that is part of the device boot process. A successful exploit could allow the attacker to install and boot a malicious software image or execute unsigned binaries on the targeted device.
Published: 2019-09-25T20:05:17.289Z
Updated: 2024-11-20T17:10:35.418Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.