Total vulnerabilities in the database
A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. The vulnerability is due to insufficient protection of sensitive information. An attacker with low privileges could exploit this vulnerability by issuing the diagnostic CLI show pnp profile when a specific PnP listener is enabled on the device. A successful exploit could allow the attacker to obtain a privileged authentication token. This token can be used to send crafted PnP messages and execute privileged commands on the targeted system.
| Software | From | Fixed in |
|---|---|---|
| cisco / ios_xe | 3.6.5be | 3.6.5be.x |
| cisco / ios_xe | 3.7.4e | 3.7.4e.x |
| cisco / ios_xe | 3.9.0e | 3.9.0e.x |
| cisco / ios_xe | 16.2.1 | 16.2.1.x |
| cisco / ios_xe | 16.1.3 | 16.1.3.x |
| cisco / ios_xe | 3.8.3e | 3.8.3e.x |
| cisco / ios_xe | 3.6.5ae | 3.6.5ae.x |
| cisco / ios_xe | 3.18.2s | 3.18.2s.x |
| cisco / ios_xe | 3.6.4e | 3.6.4e.x |
| cisco / ios_xe | 16.1.2 | 16.1.2.x |
| cisco / ios_xe | 3.6.6e | 3.6.6e.x |
| cisco / ios_xe | 3.17.3s | 3.17.3s.x |
| cisco / ios_xe | 3.16.0s | 3.16.0s.x |
| cisco / ios_xe | 3.16.4s | 3.16.4s.x |
| cisco / ios_xe | 3.17.1as | 3.17.1as.x |
| cisco / ios_xe | 3.18.2asp | 3.18.2asp.x |
| cisco / ios_xe | 3.18.3s | 3.18.3s.x |
| cisco / ios_xe | 3.18.0as | 3.18.0as.x |
| cisco / ios_xe | 3.8.4e | 3.8.4e.x |
| cisco / ios_xe | 3.16.2s | 3.16.2s.x |
| cisco / ios_xe | 3.6.7e | 3.6.7e.x |
| cisco / ios_xe | 3.16.0cs | 3.16.0cs.x |
| cisco / ios_xe | 3.18.3sp | 3.18.3sp.x |
| cisco / ios_xe | 16.6.1 | 16.6.1.x |
| cisco / ios_xe | 3.18.1sp | 3.18.1sp.x |
| cisco / ios_xe | 3.17.4s | 3.17.4s.x |
| cisco / ios_xe | 3.17.2s | 3.17.2s.x |
| cisco / ios_xe | 3.16.6s | 3.16.6s.x |
| cisco / ios_xe | 3.16.5s | 3.16.5s.x |
| cisco / ios_xe | 3.16.1s | 3.16.1s.x |
| cisco / ios_xe | 3.7.5e | 3.7.5e.x |
| cisco / ios_xe | 16.1.1 | 16.1.1.x |
| cisco / ios_xe | 3.18.1bsp | 3.18.1bsp.x |
| cisco / ios_xe | 3.8.2e | 3.8.2e.x |
| cisco / ios_xe | 3.18.1csp | 3.18.1csp.x |
| cisco / ios_xe | 3.18.0s | 3.18.0s.x |
| cisco / ios_xe | 3.7.3e | 3.7.3e.x |
| cisco / ios_xe | 3.17.0s | 3.17.0s.x |
| cisco / ios_xe | 3.16.4ds | 3.16.4ds.x |
| cisco / ios_xe | 3.6.3e | 3.6.3e.x |
| cisco / ios_xe | 3.16.3s | 3.16.3s.x |
| cisco / ios_xe | 3.8.1e | 3.8.1e.x |
| cisco / ios_xe | 3.17.1s | 3.17.1s.x |
| cisco / ios_xe | 3.18.2sp | 3.18.2sp.x |
| cisco / ios_xe | 16.4.1 | 16.4.1.x |
| cisco / ios_xe | 3.16.2bs | 3.16.2bs.x |
| cisco / ios_xe | 3.16.1as | 3.16.1as.x |
| cisco / ios_xe | 3.18.1s | 3.18.1s.x |
| cisco / ios_xe | 16.2.2 | 16.2.2.x |
| cisco / ios_xe | 3.18.0sp | 3.18.0sp.x |
| cisco / ios_xe | 3.16.3as | 3.16.3as.x |
| cisco / ios_xe | 3.16.4as | 3.16.4as.x |
| cisco / ios_xe | 3.16.4bs | 3.16.4bs.x |
| cisco / ios_xe | 3.6.5e | 3.6.5e.x |
| cisco / ios_xe | 16.3.1 | 16.3.1.x |
| cisco / ios_xe | 3.8.0e | 3.8.0e.x |
| cisco / ios_xe | 3.16.2as | 3.16.2as.x |
| cisco / ios_xe | 3.18.1asp | 3.18.1asp.x |
| cisco / ios_xe | 3.13.8s | 3.13.8s.x |
| cisco / ios_xe | 3.9.1e | 3.9.1e.x |
| cisco / ios_xe | 16.3.1a | 16.3.1a.x |
| cisco / ios_xe | 16.3.2 | 16.3.2.x |
| cisco / ios_xe | 16.3.3 | 16.3.3.x |
| cisco / ios_xe | 3.16.6bs | 3.16.6bs.x |
| cisco / ios_xe | 16.5.1 | 16.5.1.x |
| cisco / ios_xe | 16.5.1a | 16.5.1a.x |
| cisco / ios_xe | 16.3.4 | 16.3.4.x |
| cisco / ios_xe | 3.9.2e | 3.9.2e.x |
| cisco / ios_xe | 16.5.1b | 16.5.1b.x |
| cisco / ios_xe | 16.4.2 | 16.4.2.x |
| cisco / ios_xe | 3.13.9s | 3.13.9s.x |
| cisco / ios_xe | 16.3.5b | 16.3.5b.x |
| cisco / ios_xe | 16.3.6 | 16.3.6.x |
| cisco / ios_xe | 16.6.3 | 16.6.3.x |
| cisco / ios_xe | 16.8.1 | 16.8.1.x |
| cisco / ios_xe | 16.7.1 | 16.7.1.x |
| cisco / ios_xe | 16.6.2 | 16.6.2.x |
| cisco / ios_xe | 16.9.1 | 16.9.1.x |
| cisco / ios_xe | 3.8.5e | 3.8.5e.x |
| cisco / ios_xe | 3.16.4gs | 3.16.4gs.x |
| cisco / ios_xe | 3.16.4cs | 3.16.4cs.x |
| cisco / ios_xe | 3.16.5bs | 3.16.5bs.x |
| cisco / ios_xe | 3.16.4es | 3.16.4es.x |
| cisco / ios_xe | 16.3.5 | 16.3.5.x |
| cisco / ios_xe | 16.5.2 | 16.5.2.x |
| cisco / ios_xe | 3.9.2be | 3.9.2be.x |
| cisco / ios_xe | 3.16.5as | 3.16.5as.x |
| cisco / ios_xe | 3.8.5ae | 3.8.5ae.x |
| cisco / ios_xe | 3.16.0bs | 3.16.0bs.x |
| cisco / ios_xe | 16.8.1a | 16.8.1a.x |
| cisco / ios_xe | 16.8.1s | 16.8.1s.x |
| cisco / ios_xe | 16.8.1b | 16.8.1b.x |
| cisco / ios_xe | 16.8.2 | 16.8.2.x |
| cisco / ios_xe | 16.7.2 | 16.7.2.x |
| cisco / ios_xe | 16.8.1d | 16.8.1d.x |
| cisco / ios_xe | 16.7.3 | 16.7.3.x |
| cisco / ios_xe | 16.7.1a | 16.7.1a.x |
| cisco / ios_xe | 16.7.1b | 16.7.1b.x |
| cisco / ios_xe | 16.8.1c | 16.8.1c.x |
| cisco / ios_xe | 16.8.1e | 16.8.1e.x |
| cisco / ios_xe | 16.4.3 | 16.4.3.x |
| cisco / ios_xe | 3.6.8e | 3.6.8e.x |
| cisco / ios_xe | 3.10.0ce | 3.10.0ce.x |
| cisco / ios_xe | 3.6.7ae | 3.6.7ae.x |
| cisco / ios_xe | 3.18.3asp | 3.18.3asp.x |
| cisco / ios_xe | 3.10.0e | 3.10.0e.x |
| cisco / ios_xe | 3.18.1isp | 3.18.1isp.x |
| cisco / ios_xe | 16.9.1s | 16.9.1s.x |
| cisco / ios_xe | 3.16.7as | 3.16.7as.x |
| cisco / ios_xe | 3.18.1gsp | 3.18.1gsp.x |
| cisco / ios_xe | 3.18.4s | 3.18.4s.x |
| cisco / ios_xe | 3.16.7s | 3.16.7s.x |
| cisco / ios_xe | 16.9.1c | 16.9.1c.x |
| cisco / ios_xe | 3.18.3bsp | 3.18.3bsp.x |
| cisco / ios_xe | 16.9.1b | 16.9.1b.x |
| cisco / ios_xe | 3.16.7bs | 3.16.7bs.x |
| cisco / ios_xe | 3.18.4sp | 3.18.4sp.x |
| cisco / ios_xe | 3.6.7be | 3.6.7be.x |
| cisco / ios_xe | 3.8.6e | 3.8.6e.x |
| cisco / ios_xe | 16.5.3 | 16.5.3.x |
| cisco / ios_xe | 3.18.1hsp | 3.18.1hsp.x |
| cisco / ios_xe | 3.10.1e | 3.10.1e.x |
| cisco / ios_xe | 3.10.1ae | 3.10.1ae.x |
| cisco / ios_xe | 3.10.1se | 3.10.1se.x |
| cisco / ios_xe | 3.6.10e | 3.6.10e.x |
| cisco / ios_xe | 16.3.7 | 16.3.7.x |
| cisco / ios_xe | 16.3.8 | 16.3.8.x |
| cisco / ios_xe | 16.9.1d | 16.9.1d.x |
| cisco / ios_xe | 3.13.10s | 3.13.10s.x |
| cisco / ios_xe | 16.6.4s | 16.6.4s.x |
| cisco / ios_xe | 16.6.4 | 16.6.4.x |
| cisco / ios_xe | 3.18.5sp | 3.18.5sp.x |
| cisco / ios_xe | 3.16.8s | 3.16.8s.x |
| cisco / ios_xe | 3.10.2e | 3.10.2e.x |
| cisco / ios_xe | 3.6.9e | 3.6.9e.x |
| cisco / ios_xe | 3.8.7e | 3.8.7e.x |
| cisco / ios_xe | 3.16.0as | 3.16.0as.x |
| cisco / ios_xe | 3.6.9ae | 3.6.9ae.x |
| cisco / ios_xe | 16.10.1 | 16.10.1.x |
| cisco / ios_xe | 16.7.4 | 16.7.4.x |
| cisco / ios_xe | 16.9.1a | 16.9.1a.x |
| cisco / ios_xe | 16.9.2a | 16.9.2a.x |
| cisco / ios_xe | 16.9.2 | 16.9.2.x |
| cisco / ios_xe | 16.6.4a | 16.6.4a.x |
| cisco / ios_xe | 3.16.10s | 3.16.10s.x |
| cisco / ios_xe | 16.12.1 | 16.12.1.x |
| cisco / ios_xe | 16.6.5 | 16.6.5.x |
| cisco / ios_xe | 16.11.1 | 16.11.1.x |
| cisco / ios_xe | 17.1.1 | 17.1.1.x |
| cisco / ios_xe | 16.11.1a | 16.11.1a.x |
| cisco / ios_xe | 16.12.1c | 16.12.1c.x |
| cisco / ios_xe | 16.12.1t | 16.12.1t.x |
| cisco / ios_xe | 16.11.2 | 16.11.2.x |
| cisco / ios_xe | 16.12.1s | 16.12.1s.x |
| cisco / ios_xe | 16.12.1a | 16.12.1a.x |
| cisco / ios_xe | 16.12.1x | 16.12.1x.x |
| cisco / ios_xe | 16.11.1c | 16.11.1c.x |
| cisco / ios_xe | 16.11.1b | 16.11.1b.x |
| cisco / ios_xe | 16.11.1s | 16.11.1s.x |
| cisco / ios_xe | 16.12.1w | 16.12.1w.x |
| cisco / ios_xe | 16.10.1s | 16.10.1s.x |
| cisco / ios_xe | 16.10.1d | 16.10.1d.x |
| cisco / ios_xe | 16.9.2s | 16.9.2s.x |
| cisco / ios_xe | 3.11.0e | 3.11.0e.x |
| cisco / ios_xe | 3.16.9s | 3.16.9s.x |
| cisco / ios_xe | 16.6.6 | 16.6.6.x |
| cisco / ios_xe | 16.9.3h | 16.9.3h.x |
| cisco / ios_xe | 16.6.5b | 16.6.5b.x |
| cisco / ios_xe | 16.6.5a | 16.6.5a.x |
| cisco / ios_xe | 3.8.8e | 3.8.8e.x |
| cisco / ios_xe | 16.3.9 | 16.3.9.x |
| cisco / ios_xe | 16.9.3a | 16.9.3a.x |
| cisco / ios_xe | 16.10.1a | 16.10.1a.x |
| cisco / ios_xe | 3.10.3e | 3.10.3e.x |
| cisco / ios_xe | 16.10.1f | 16.10.1f.x |
| cisco / ios_xe | 16.10.1g | 16.10.1g.x |
| cisco / ios_xe | 16.10.2 | 16.10.2.x |
| cisco / ios_xe | 16.9.3 | 16.9.3.x |
| cisco / ios_xe | 16.12.1y | 16.12.1y.x |
| cisco / ios_xe | 16.10.1e | 16.10.1e.x |
| cisco / ios_xe | 16.10.1b | 16.10.1b.x |
| cisco / ios_xe | 16.8.3 | 16.8.3.x |
| cisco / ios_xe | 16.9.3s | 16.9.3s.x |
| cisco / ios_xe | 16.10.1c | 16.10.1c.x |
| cisco / ios_xe | 3.18.6sp | 3.18.6sp.x |
| cisco / ios_xe | 16.9.4 | 16.9.4.x |
| cisco / ios_xe | 16.12.2 | 16.12.2.x |
| cisco / ios_xe | 16.6.7a | 16.6.7a.x |
| cisco / ios_xe | 3.8.9e | 3.8.9e.x |
| cisco / ios_xe | 16.9.4c | 16.9.4c.x |
| cisco / ios_xe | 3.11.1e | 3.11.1e.x |
| cisco / ios_xe | 3.18.7sp | 3.18.7sp.x |
| cisco / ios_xe | 3.11.1ae | 3.11.1ae.x |
| cisco / ios_xe | 16.12.2a | 16.12.2a.x |
| cisco / ios_xe | 16.6.7 | 16.6.7.x |
| cisco / ios_xe | 16.10.3 | 16.10.3.x |
| cisco / ios_xe | 16.12.4 | 16.12.4.x |
| cisco / ios_xe | 16.3.10 | 16.3.10.x |
| cisco / ios_xe | 16.9.5 | 16.9.5.x |
| cisco / ios_xe | 16.9.5f | 16.9.5f.x |
| cisco / ios_xe | 16.6.8 | 16.6.8.x |
| cisco / ios_xe | 3.18.8sp | 3.18.8sp.x |
| cisco / ios_xe | 3.8.10e | 3.8.10e.x |
| cisco / ios_xe | 16.12.3 | 16.12.3.x |
| cisco / ios_xe | 17.2.1 | 17.2.1.x |
| cisco / ios_xe | 17.1.1s | 17.1.1s.x |
| cisco / ios_xe | 16.12.2t | 16.12.2t.x |
| cisco / ios_xe | 17.1.1a | 17.1.1a.x |
| cisco / ios_xe | 16.12.2s | 16.12.2s.x |
| cisco / ios_xe | 16.12.3a | 16.12.3a.x |
| cisco / ios_xe | 3.18.8asp | 3.18.8asp.x |
| cisco / ios_xe | 17.1.1t | 17.1.1t.x |
| cisco / ios_xe | 16.3.11 | 16.3.11.x |
| cisco / ios_xe | 17.2.1a | 17.2.1a.x |
| cisco / ios_xe | 17.2.1v | 17.2.1v.x |
| cisco / ios_xe | 16.12.1z | 16.12.1z.x |
| cisco / ios_xe | 16.12.3s | 16.12.3s.x |
| cisco / ios_xe | 17.2.1r | 17.2.1r.x |
| cisco / ios_xe | 17.1.2 | 17.1.2.x |
| cisco / ios_xe | 16.12.4a | 16.12.4a.x |
| cisco / ios_xe | 16.9.6 | 16.9.6.x |
| cisco / ios_xe | 3.16.10as | 3.16.10as.x |
| cisco / ios_xe | 3.11.2ae | 3.11.2ae.x |
| cisco / ios_xe | 3.11.2e | 3.11.2e.x |