COOEY // HUBcompliance · community · intelligence

FAIL › dossier

IOS and IOS XE product

18
failure events
0
zero-days
12
RCEs
18
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 18 events

DateEventSevFlagsShameSummary
2025-09-29 CVE-2025-20352 high ⚡RCE ⌖KEV 65 Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denial of service or remote code execution. A successful exploit could allow a low-privileged attacker to cause the affected s
2023-04-19 CVE-2017-6742 high ⚡RCE ⌖KEV 65 The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
2022-03-25 CVE-2017-3881 high ⚡RCE ⌖KEV 65 A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.
2022-03-03 CVE-2017-6739 high ⚡RCE ⌖KEV 65 The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
2022-03-03 CVE-2018-0151 high ⚡RCE ⌖KEV 65 A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.
2022-03-03 CVE-2017-6743 high ⚡RCE ⌖KEV 65 The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
2022-03-03 CVE-2017-6740 high ⚡RCE ⌖KEV 65 The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
2022-03-03 CVE-2017-6738 high ⚡RCE ⌖KEV 65 The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
2022-03-03 CVE-2017-6737 high ⚡RCE ⌖KEV 65 The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
2022-03-03 CVE-2017-6736 high ⚡RCE ⌖KEV 65 The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
2022-03-03 CVE-2017-12240 high ⚡RCE ⌖KEV 65 The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
2021-11-03 CVE-2018-0171 high ⚡RCE ⌖KEV 65 Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
2023-10-10 CVE-2023-20109 high ⌖KEV 50 Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a
2022-03-03 CVE-2018-0173 high ⌖KEV 50 A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS).
2022-03-03 CVE-2017-6663 high ⌖KEV 50 A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).
2022-03-03 CVE-2017-6627 high ⌖KEV 50 A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.
2022-03-03 CVE-2017-12237 high ⌖KEV 50 A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.
2022-03-03 CVE-2018-0172 high ⌖KEV 50 A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).