U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:cisco:ios_xe:3.7s.6:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 63 matching records.
Displaying matches 61 through 63.
Vuln ID Summary CVSS Severity
CVE-2014-3409

The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.

Published: October 25, 2014; 6:55:05 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 6.1 MEDIUM
CVE-2014-2183

The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.

Published: April 29, 2014; 6:37:04 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 6.3 MEDIUM
CVE-2013-6692

Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949.

Published: November 21, 2013; 8:55:04 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 6.3 MEDIUM