Approved changes feed: RSS · Atom

cpe:2.3:o:cisco:ios:12.2\(18\)s:*:*:*:*:*:*:*

part: o version: 12.2(18)s update: *

VendorCisco (e1b3baff-aaf9-56a6-a68a-41e28ce616a5)
ProductIos (335bd590-b988-5d63-a96b-6de17994d578)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-20170 vulnerable 2026-06-08 07:08:43.582390 Details available
HIGH (7.7)
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
Published: 2025-02-05T16:39:11.660Z
Updated: 2025-02-05T16:56:20.675Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-20169 vulnerable 2026-06-08 07:08:41.237630 Details available
HIGH (7.7)
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
Published: 2025-02-05T16:40:24.267Z
Updated: 2025-02-05T16:52:06.424Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-20433 vulnerable 2026-06-08 06:27:26.397290 Details available
HIGH (8.6)
A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow when processing crafted RSVP packets. An attacker could exploit this vulnerability by sending RSVP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
Published: 2024-09-25T16:26:15.651Z
Updated: 2024-09-25T18:48:42.038Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1748 vulnerable 2026-06-08 05:13:28.199648 Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability
HIGH (7.4)
A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt and modify confidential information on user connections to the affected software.
Published: 2019-03-27T23:50:13.064Z
Updated: 2024-09-17T02:02:40.244Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1746 vulnerable 2026-06-08 05:13:27.731399 Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability
HIGH (7.4)
A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation when processing CMP management packets. An attacker could exploit this vulnerability by sending malicious CMP management packets to an affected device. A successful exploit could cause the switch to crash, resulting in a DoS condition. The switch will reload automatically.
Published: 2019-03-27T23:45:13.618Z
Updated: 2024-11-21T19:41:58.266Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-0197 vulnerable 2026-06-08 05:10:21.970037 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-6770 vulnerable 2026-06-08 05:09:53.892967 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6380 vulnerable 2026-06-08 05:08:00.717565 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-1409 vulnerable 2026-06-08 05:07:29.770121 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0384 vulnerable 2026-06-08 05:00:41.907973 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0382 vulnerable 2026-06-08 05:00:41.876745 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0381 vulnerable 2026-06-08 05:00:41.554729 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-2395 vulnerable 2026-06-08 04:58:06.477829 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-5040 vulnerable 2026-06-08 04:51:51.440000 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-4609 vulnerable 2026-06-08 04:50:46.723852 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-5381 vulnerable 2026-06-08 04:50:05.648465 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-2586 vulnerable 2026-06-08 04:49:45.392002 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-1020 vulnerable 2026-06-08 04:48:25.001433 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1454 vulnerable 2026-06-08 04:47:54.212035 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1111 vulnerable 2026-06-08 04:47:52.980658 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.