Cisco

Cisco - SSH Key Auth

Intro

do you wanna login into your cisco switches with ssh & public key. you can build your config easily and copy/paste it to your switch(es).

Set & Check Variables

  • pubkey: read from ~/.ssh/id_rsa.pub
  • username: root
  • password: will be generated. or set it by hand
# get & convert public key
pubkey=$(cat ~/.ssh/id_rsa.pub |cut -d' ' -f 2 |fold -b -w 72)

# Username Switch
username=root

# Password for User
password=$(openssl rand -hex 12)

# Full Line
echo "username $username privilege 15 password $password"

SSH Pubkey Auth Config Snippet

# Build Config
cat  << EOF


############################################
# Copy/Paste to your Cisco Devices - START #
############################################

conf t

# Set Version
ip ssh version 2
no aaa new-model

# Set User
username $username privilege 15 password $password

# Set Key
ip ssh pubkey-chain 
username $username 
key-string
$pubkey
exit
exit
exit

# vty Stuff
line vty 0 15
 login local
 transport input ssh

end
write
exit

############################################
# Copy/Paste to your Cisco Devices - END   #
############################################


EOF

you should test it in a lab environment before running on productiv switches ;)

Cisco Router, SSH, PubKey, ...

Intro

I stumbled across an old Cisco box in the basement. I thought i might have some fun (or frust?) with the aging Device. The Hardware still works fine, right ? And what about the Software ? Let’s give a try !

Hardware

show version

Cisco 1841 (revision 7.0) with 352256K/40960K bytes of memory.
Processor board ID FCZ1234757Y
6 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
125184K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

Software

dir flash

Vuln IOS XE 03.06.04

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.06.04.E

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-snmp-dos-USxSyTk5 Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability 7.7 CVE-2020-3235 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability 6.8 CVE-2020-3209 2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability 6.8 CVE-2020-3228 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
cisco-sa-20190925-tsec Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability 6.8 CVE-2019-12669 2019-09-25T16:00:00
cisco-sa-20190925-http-client Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability 4.8 CVE-2019-12665 2019-09-25T16:00:00
cisco-sa-20190925-sbxss Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability 4.8 CVE-2019-12668 2019-09-25T16:00:00
cisco-sa-20160525-ipv6 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability 5.8 CVE-2016-1409 2016-05-25T16:00:00
cisco-sa-20170629-snmp SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software 8.8 CVE-2017-6736 2017-06-29T16:00:00
cisco-sa-20170317-cmp Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability 9.8 CVE-2017-3881 2017-03-17T16:00:00
cisco-sa-20190327-ios-infoleak Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability 4.3 CVE-2019-1761 2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability 7.4 CVE-2019-1746 2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability 8.6 CVE-2019-1737 2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability 7.4 CVE-2019-1748 2019-03-27T16:00:00
cisco-sa-20190327-call-home-cert Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability 5.9 CVE-2019-1757 2019-03-27T16:00:00
cisco-sa-20190327-evss Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2019-1750 2019-03-27T16:00:00
cisco-sa-20190109-tcp Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability 6.8 CVE-2018-0282 2019-01-09T16:00:00
cisco-sa-20180926-cdp-dos Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2018-15373 2018-09-26T16:00:00
cisco-sa-20180926-cmp Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability 7.4 CVE-2018-0475 2018-09-26T16:00:00
cisco-sa-20180926-tacplus Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability 6.8 CVE-2018-15369 2018-09-26T16:00:00
cisco-sa-20180926-vtp Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability 4.3 CVE-2018-0197 2018-09-26T16:00:00
cisco-sa-20180926-errdisable Cisco IOS XE Software Errdisable Denial of Service Vulnerability 7.4 CVE-2018-0480 2018-09-26T16:00:00
cisco-sa-20180328-bfd Cisco IOS and IOS XE Software Bidirectional Forwarding Detection Denial of Service Vulnerability 8.6 CVE-2018-0155 2018-03-28T16:00:00
cisco-sa-20180328-smi Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability 8.6 CVE-2018-0156 2018-03-28T16:00:00
cisco-sa-20180328-smi2 Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability 9.8 CVE-2018-0171 2018-03-28T16:00:00
cisco-sa-20180328-lldp Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities 8.8 CVE-2018-0167 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr3 Cisco IOS and IOS XE Software DHCP Version 4 Relay Denial of Service Vulnerability 8.6 CVE-2018-0174 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr1 Cisco IOS and IOS XE Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability 8.6 CVE-2018-0172 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr2 Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability 8.6 CVE-2018-0173 2018-03-28T16:00:00
cisco-sa-20180328-ike-dos Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability 8.6 CVE-2018-0159 2018-03-28T16:00:00
cisco-sa-20180328-privesc1 Cisco IOS XE Software User EXEC Mode Root Shell Access Vulnerabilities 7.8 CVE-2018-0169 2018-03-28T16:00:00
cisco-sa-20170419-energywise Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities 8.6 CVE-2017-3860 2017-04-19T16:00:00
cisco-sa-20171103-bgp Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial of Service Vulnerability 6.8 CVE-2017-12319 2017-11-03T16:00:00
cisco-sa-20170927-ike Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability 8.6 CVE-2017-12237 2017-09-27T16:00:00
cisco-sa-20170927-pnp Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability 8.7 CVE-2017-12228 2017-09-27T16:00:00
cisco-sa-20170727-ospf Multiple Cisco Products OSPF LSA Manipulation Vulnerability 4.2 CVE-2017-6770 2017-07-27T16:00:00
cisco-sa-20170322-dhcpc Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability 8.6 CVE-2017-3864 2017-03-22T16:00:00
cisco-sa-20170322-webui Cisco IOS XE Software Web User Interface Denial of Service Vulnerability 8.6 CVE-2017-3856 2017-03-22T16:00:00
cisco-sa-20161115-iosxe Cisco IOS XE Software Directory Traversal Vulnerability 1.5 CVE-2016-6450 2016-11-15T16:00:00
cisco-sa-20160916-ikev1 IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products 7.8 CVE-2016-6415 2016-09-16T16:00:00
cisco-sa-20160928-aaados Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 7.1 CVE-2016-6393 2016-09-28T16:00:00
cisco-sa-20160928-dns Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability 8.3 CVE-2016-6380 2016-09-28T16:00:00
cisco-sa-20160928-ios-ikev1 Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 7.1 CVE-2016-6381 2016-09-28T16:00:00
cisco-sa-20160928-msdp Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 7.8 CVE-2016-6382 2016-09-28T16:00:00
cisco-sa-20160928-smi Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 7.8 CVE-2016-6385 2016-09-28T16:00:00
cisco-sa-20160928-frag Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability 7.8 CVE-2016-6386 2016-09-28T16:00:00

Any Comments ?

sha256: 6ab81f9b045a4de2e9b66ef802fe94d2210aa108290fb0c849696f5a7e99eac4

Vuln IOS XE 03.08.06

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.08.06.E

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-snmp-dos-USxSyTk5 Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability 7.7 CVE-2020-3235 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability 6.8 CVE-2020-3209 2020-06-03T16:00:00
cisco-sa-priv-esc1-OKMKFRhV Cisco IOS XE Software Privilege Escalation Vulnerability 6.7 CVE-2020-3215 2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability 6.8 CVE-2020-3228 2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
cisco-sa-20190925-tsec Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability 6.8 CVE-2019-12669 2019-09-25T16:00:00
cisco-sa-20190925-http-client Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability 4.8 CVE-2019-12665 2019-09-25T16:00:00
cisco-sa-20190925-sbxss Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability 4.8 CVE-2019-12668 2019-09-25T16:00:00
cisco-sa-20190925-vman Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability 6.7 CVE-2019-12662 2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability 4.3 CVE-2019-1761 2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability 7.4 CVE-2019-1746 2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability 7.4 CVE-2019-1748 2019-03-27T16:00:00
cisco-sa-20190327-call-home-cert Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability 5.9 CVE-2019-1757 2019-03-27T16:00:00
cisco-sa-20190327-evss Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2019-1750 2019-03-27T16:00:00
cisco-sa-20190109-tcp Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability 6.8 CVE-2018-0282 2019-01-09T16:00:00
cisco-sa-20180926-cdp-dos Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2018-15373 2018-09-26T16:00:00
cisco-sa-20180926-pnp-memleak Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability 6.8 CVE-2018-15377 2018-09-26T16:00:00

Any Comments ?

sha256: 197718c2b28d9ab55520a09e39a603e394e0401dea6a94a3752eeb18bec4f18a

Vuln IOS XE 17.01.01

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 17.01.01

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-ios-profinet-dos-65qYG3W5 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2020-3512 2020-09-24T16:00:00
cisco-sa-profinet-J9QMCHPB Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability 7.4 CVE-2020-3409 2020-09-24T16:00:00
cisco-sa-xbace-OnCEbyS Cisco IOS XE Software Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3417 2020-09-24T16:00:00
cisco-sa-iosxe-isdn-q931-dos-67eUZBTf Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability 7.4 CVE-2020-3511 2020-09-24T16:00:00
cisco-sa-ios-bgp-evpn-dos-LNfYJxfF Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability 6.1 CVE-2020-3479 2020-09-24T16:00:00
cisco-sa-splitdns-SPWqpdGW Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability 8.6 CVE-2020-3408 2020-09-24T16:00:00
cisco-sa-ios-lua-rce-7VeJX4f Cisco IOS XE Software Arbitrary Code Execution Vulnerability 5.1 CVE-2020-3423 2020-09-24T16:00:00
cisco-sa-iosxe-cmdinj-2MzhjM6K Cisco IOS XE Software Command Injection Vulnerability 6.7 CVE-2020-3403 2020-09-24T16:00:00
cisco-sa-COPS-VLD-MpbTvGEW Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability 8.6 CVE-2020-3526 2020-09-24T16:00:00
cisco-sa-le-drTOB625 Cisco IOS XE Software Ethernet Frame Denial of Service Vulnerability 7.4 CVE-2020-3465 2020-09-24T16:00:00
cisco-sa-ISR4461-gKKUROhx Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability 8.6 CVE-2020-3414 2020-09-24T16:00:00
cisco-sa-iosxe-rsp3-rce-jVHg8Z7c Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities 6.7 CVE-2020-3416 2020-09-24T16:00:00
cisco-sa-iosxe-dhcp-dos-JSCKX43h Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability 8.6 CVE-2020-3509 2020-09-24T16:00:00
cisco-sa-iosxe-iox-app-host-mcZcnsBt Cisco IOS XE Software IOx Application Hosting Privilege Escalation Vulnerability 6.0 CVE-2020-3393 2020-09-24T16:00:00
cisco-sa-ipsla-jw2DJmSv Cisco IOS XE Software IP Service Level Agreements Denial of Service Vulnerability 8.6 CVE-2020-3422 2020-09-24T16:00:00
cisco-sa-ios-webui-priv-esc-K8zvEWM Cisco IOS XE Software Privilege Escalation Vulnerabilities 8.8 CVE-2020-3141 2020-09-24T16:00:00
cisco-sa-confacl-HbPtfSuO Cisco IOS XE Software RESTCONF and NETCONF-YANG Access Control List Denial of Service Vulnerability 8.6 CVE-2020-3407 2020-09-24T16:00:00
cisco-sa-ios-xe-webui-multi-vfTkk7yr Cisco IOS XE Software Web Management Framework Vulnerabilities 4.3 CVE-2020-3474 2020-09-24T16:00:00
cisco-sa-zbfw-94ckG4G Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities 8.6 CVE-2020-3421 2020-09-24T16:00:00
cisco-sa-capwap-dos-TPdNTdyq Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities 7.4 CVE-2020-3486 2020-09-24T16:00:00
cisco-sa-capwap-dos-ShFzXf Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability 8.6 CVE-2020-3399 2020-09-24T16:00:00
cisco-sa-ewlc-icmpv6-qb9eYyCR Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Improper Access Control Vulnerability 4.7 CVE-2020-3418 2020-09-24T16:00:00
cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability 7.4 CVE-2020-3390 2020-09-24T16:00:00
cisco-sa-telnetd-EFJrEzPx Telnet Vulnerability Affecting Cisco Products: June 2020 9.8 CVE-2020-10188 2020-06-24T16:00:00
cisco-sa-iosxe-ewlc-dos-TkuPVmZN Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability 8.6 CVE-2020-3203 2020-06-03T16:00:00
cisco-sa-20170726-anicrl Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability 6.5 CVE-2017-6664 2017-07-26T16:00:00
cisco-sa-20170726-aniacp Cisco IOS and IOS XE Software Autonomic Control Plane Channel Information Disclosure Vulnerability 7.4 CVE-2017-6665 2017-07-26T16:00:00
cisco-sa-20170726-anidos Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Denial of Service Vulnerability 7.4 CVE-2017-6663 2017-07-26T16:00:00

Any Comments ?

sha256: 7ddd18e78e70dc6896588bffe741600078f06f5fe0bb7a55aa1fabb5979528b9

Vuln IOS 15.4(1)SY4

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.4(1)SY4

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-ios-bgp-evpn-dos-LNfYJxfF Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability 6.1 CVE-2020-3479 2020-09-24T16:00:00
cisco-sa-tcl-dos-MAZQUnMF Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability 6.5 CVE-2020-3201 2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability 6.8 CVE-2020-3228 2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
cisco-sa-20190925-tsec Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability 6.8 CVE-2019-12669 2019-09-25T16:00:00
cisco-sa-20190925-http-client Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability 4.8 CVE-2019-12665 2019-09-25T16:00:00
cisco-sa-20190925-identd-dos Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability 8.6 CVE-2019-12647 2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability 4.3 CVE-2019-1761 2019-03-27T16:00:00
cisco-sa-20190327-c6500 Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability 4.7 CVE-2019-1758 2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2018-15373 2018-09-26T16:00:00
cisco-sa-20180926-pnp-memleak Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability 6.8 CVE-2018-15377 2018-09-26T16:00:00
cisco-sa-20170419-energywise Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities 8.6 CVE-2017-3860 2017-04-19T16:00:00

Any Comments ?

sha256: c3e4b89e9a31fa5a69fa1ff4839762a32c00430cb927caaf267501554832ac61

Vuln IOS 15.2(1)SY5

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.2(1)SY5

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-tcl-dos-MAZQUnMF Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability 6.5 CVE-2020-3201 2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability 6.8 CVE-2020-3228 2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
cisco-sa-20190925-tsec Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability 6.8 CVE-2019-12669 2019-09-25T16:00:00
cisco-sa-20190925-http-client Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability 4.8 CVE-2019-12665 2019-09-25T16:00:00
cisco-sa-20190925-identd-dos Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability 8.6 CVE-2019-12647 2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability 4.3 CVE-2019-1761 2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability 8.6 CVE-2019-1737 2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability 7.4 CVE-2019-1748 2019-03-27T16:00:00
cisco-sa-20190327-c6500 Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability 4.7 CVE-2019-1758 2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2018-15373 2018-09-26T16:00:00
cisco-sa-20180926-vtp Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability 4.3 CVE-2018-0197 2018-09-26T16:00:00
cisco-sa-20180328-lldp Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities 8.8 CVE-2018-0167 2018-03-28T16:00:00
cisco-sa-20170419-energywise Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities 8.6 CVE-2017-3860 2017-04-19T16:00:00

Any Comments ?

sha256: bce3f1e18d4915a7635960f328d32af63e5d8aa804d1e1105dcea0da79e1b5e0

Vuln NXOS 8.2(4)

Security posture via Cisco PSIRT OpenVuln API

Platform: nxos

Version: 8.2(4)

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-fxos-nxos-cfs-dos-dAmnymbd Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability 8.6 CVE-2020-3517 8.2(6) 2020-08-26T16:00:00
cisco-sa-nxos-pim-memleak-dos-tC8eP7uw Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability 7.5 CVE-2020-3338 8.2(6) 2020-08-26T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 8.2(6) 2020-06-03T16:00:00
cisco-sa-20200226-nxos-arp Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability 4.7 CVE-2020-3174 8.2(5) 2020-02-26T16:00:00
cisco-sa-20200226-nxos-api-dos Cisco NX-OS Software NX-API Denial of Service Vulnerability 5.3 CVE-2020-3170 8.2(5) 2020-02-26T16:00:00
cisco-sa-20200205-fxnxos-iosxr-cdp-dos Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2020-3120 8.2(5) 2020-02-05T16:00:00

Any Comments ?

sha256: 83f05371aa9a76dc79231c5794783649ccf885061887a5d55bc0d7b2d9ad4fb7

Vuln IOS XE 03.08.09

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.08.09.E

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-cipdos-hkfTZXEx Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities 8.6 CVE-2020-3225 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability 6.8 CVE-2020-3209 2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00

Any Comments ?

sha256: 397e05c88b687a24a6437aef9e0a3eb7a0ffc1b7041065b122ebc5a9c2b85aaf

Vuln IOS 15.0(2)SE8

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.0(2)SE8

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-profinet-J9QMCHPB Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability 7.4 CVE-2020-3409 2020-09-24T16:00:00
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-cipdos-hkfTZXEx Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities 8.6 CVE-2020-3225 2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
cisco-sa-20190925-http-client Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability 4.8 CVE-2019-12665 2019-09-25T16:00:00
cisco-sa-20160525-ipv6 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability 5.8 CVE-2016-1409 2016-05-25T16:00:00
cisco-sa-20180926-ptp Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability 7.5 CVE-2018-0473 2018-09-26T16:00:00
cisco-sa-20170629-snmp SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software 8.8 CVE-2017-6736 2017-06-29T16:00:00
cisco-sa-20170317-cmp Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability 9.8 CVE-2017-3881 2017-03-17T16:00:00
cisco-sa-20190327-ios-infoleak Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability 4.3 CVE-2019-1761 2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability 7.4 CVE-2019-1746 2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability 8.6 CVE-2019-1737 2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2018-15373 2018-09-26T16:00:00
cisco-sa-20180926-cmp Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability 7.4 CVE-2018-0475 2018-09-26T16:00:00
cisco-sa-20180926-tacplus Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability 6.8 CVE-2018-15369 2018-09-26T16:00:00
cisco-sa-20180926-vtp Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability 4.3 CVE-2018-0197 2018-09-26T16:00:00
cisco-sa-20180328-smi Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability 8.6 CVE-2018-0156 2018-03-28T16:00:00
cisco-sa-20180328-smi2 Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability 9.8 CVE-2018-0171 2018-03-28T16:00:00
cisco-sa-20180328-lldp Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities 8.8 CVE-2018-0167 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr3 Cisco IOS and IOS XE Software DHCP Version 4 Relay Denial of Service Vulnerability 8.6 CVE-2018-0174 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr1 Cisco IOS and IOS XE Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability 8.6 CVE-2018-0172 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr2 Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability 8.6 CVE-2018-0173 2018-03-28T16:00:00
cisco-sa-20180328-ike-dos Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability 8.6 CVE-2018-0159 2018-03-28T16:00:00
cisco-sa-20170419-energywise Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities 8.6 CVE-2017-3860 2017-04-19T16:00:00
cisco-sa-20170927-dhcp Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability 9.8 CVE-2017-12240 2017-09-27T16:00:00
cisco-sa-20170927-profinet Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability 8.6 CVE-2017-12235 2017-09-27T16:00:00
cisco-sa-20170927-ike Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability 8.6 CVE-2017-12237 2017-09-27T16:00:00
cisco-sa-20170927-pnp Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability 8.7 CVE-2017-12228 2017-09-27T16:00:00
cisco-sa-20170927-cip Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerabilities 8.6 CVE-2017-12233 2017-09-27T16:00:00
cisco-sa-20170727-ospf Multiple Cisco Products OSPF LSA Manipulation Vulnerability 4.2 CVE-2017-6770 2017-07-27T16:00:00
cisco-sa-20170322-dhcpc Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability 8.6 CVE-2017-3864 2017-03-22T16:00:00
cisco-sa-20150923-fhs Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities 7.8 CVE-2015-6278 2015-09-23T16:00:00
cisco-sa-20160916-ikev1 IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products 7.8 CVE-2016-6415 2016-09-16T16:00:00
cisco-sa-20160928-aaados Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 7.1 CVE-2016-6393 2016-09-28T16:00:00
cisco-sa-20160928-dns Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability 8.3 CVE-2016-6380 2016-09-28T16:00:00
cisco-sa-20160928-ios-ikev1 Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 7.1 CVE-2016-6381 2016-09-28T16:00:00
cisco-sa-20160928-msdp Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 7.8 CVE-2016-6382 2016-09-28T16:00:00
cisco-sa-20160928-smi Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 7.8 CVE-2016-6385 2016-09-28T16:00:00
cisco-sa-20160928-cip Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability 7.8 CVE-2016-6391 2016-09-28T16:00:00
cisco-sa-20160323-ios-ikev2 Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability 7.1 CVE-2016-1344 2016-03-23T16:00:00
cisco-sa-20160323-smi Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability 7.8 CVE-2016-1349 2016-03-23T16:00:00
cisco-sa-20150325-tcpleak Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability 7.8 CVE-2015-0646 2015-03-25T16:00:00
cisco-sa-20150325-cip Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol 7.8 CVE-2015-0647 2015-03-25T16:00:00
cisco-sa-20150320-openssl Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products 2.6 CVE-2015-0207 2015-03-20T20:20:00
cisco-sa-20150408-ntpd Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products 5.0 CVE-2015-1798 2015-04-08T16:00:00
cisco-sa-20150310-ssl Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products 5.0 CVE-2014-3569 2015-03-10T16:00:00
Cisco-SA-20150113-CVE-2015-0204 OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability 5.0 CVE-2015-0204 2015-01-13T19:57:19

Any Comments ?

sha256: 79bf0448ec96592b255cae56173d8046be1d26090c12f05c8ec949a5e494e8f4