Intro

do you wanna login into your cisco switches with ssh & public key. you can build your config easily and copy/paste it to your switch(es).

Set & Check Variables

pubkey: read from ~/.ssh/id_rsa.pub
username: root
password: will be generated. or set it by hand

# get & convert public key
pubkey=$(cat ~/.ssh/id_rsa.pub |cut -d' ' -f 2 |fold -b -w 72)

# Username Switch
username=root

# Password for User
password=$(openssl rand -hex 12)

# Full Line
echo "username $username privilege 15 password $password"

SSH Pubkey Auth Config Snippet

# Build Config
cat  << EOF


############################################
# Copy/Paste to your Cisco Devices - START #
############################################

conf t

# Set Version
ip ssh version 2
no aaa new-model

# Set User
username $username privilege 15 password $password

# Set Key
ip ssh pubkey-chain 
username $username 
key-string
$pubkey
exit
exit
exit

# vty Stuff
line vty 0 15
 login local
 transport input ssh

end
write
exit

############################################
# Copy/Paste to your Cisco Devices - END   #
############################################


EOF

you should test it in a lab environment before running on productiv switches ;)

Intro

I stumbled across an old Cisco box in the basement. I thought i might have some fun (or frust?) with the aging Device. The Hardware still works fine, right ? And what about the Software ? Let’s give a try !

Hardware

show version

Cisco 1841 (revision 7.0) with 352256K/40960K bytes of memory.
Processor board ID FCZ1234757Y
6 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
125184K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

Software

dir flash

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.06.04.E

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-ikev2-9p23Jj2a	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability	7.5	CVE-2020-3230	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-snmp-dos-USxSyTk5	Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability	7.7	CVE-2020-3235	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq	Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability	6.8	CVE-2020-3209	2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR	Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability	6.8	CVE-2020-3228	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00
cisco-sa-20190925-tsec	Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability	6.8	CVE-2019-12669	2019-09-25T16:00:00
cisco-sa-20190925-http-client	Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability	4.8	CVE-2019-12665	2019-09-25T16:00:00
cisco-sa-20190925-sbxss	Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability	4.8	CVE-2019-12668	2019-09-25T16:00:00
cisco-sa-20160525-ipv6	Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability	5.8	CVE-2016-1409	2016-05-25T16:00:00
cisco-sa-20170629-snmp	SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software	8.8	CVE-2017-6736	2017-06-29T16:00:00
cisco-sa-20170317-cmp	Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability	9.8	CVE-2017-3881	2017-03-17T16:00:00
cisco-sa-20190327-ios-infoleak	Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability	4.3	CVE-2019-1761	2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos	Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability	7.4	CVE-2019-1746	2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos	Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability	8.6	CVE-2019-1737	2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert	Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability	7.4	CVE-2019-1748	2019-03-27T16:00:00
cisco-sa-20190327-call-home-cert	Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability	5.9	CVE-2019-1757	2019-03-27T16:00:00
cisco-sa-20190327-evss	Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2019-1750	2019-03-27T16:00:00
cisco-sa-20190109-tcp	Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability	6.8	CVE-2018-0282	2019-01-09T16:00:00
cisco-sa-20180926-cdp-dos	Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2018-15373	2018-09-26T16:00:00
cisco-sa-20180926-cmp	Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability	7.4	CVE-2018-0475	2018-09-26T16:00:00
cisco-sa-20180926-tacplus	Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability	6.8	CVE-2018-15369	2018-09-26T16:00:00
cisco-sa-20180926-vtp	Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability	4.3	CVE-2018-0197	2018-09-26T16:00:00
cisco-sa-20180926-errdisable	Cisco IOS XE Software Errdisable Denial of Service Vulnerability	7.4	CVE-2018-0480	2018-09-26T16:00:00
cisco-sa-20180328-bfd	Cisco IOS and IOS XE Software Bidirectional Forwarding Detection Denial of Service Vulnerability	8.6	CVE-2018-0155	2018-03-28T16:00:00
cisco-sa-20180328-smi	Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability	8.6	CVE-2018-0156	2018-03-28T16:00:00
cisco-sa-20180328-smi2	Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability	9.8	CVE-2018-0171	2018-03-28T16:00:00
cisco-sa-20180328-lldp	Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities	8.8	CVE-2018-0167	2018-03-28T16:00:00
cisco-sa-20180328-dhcpr3	Cisco IOS and IOS XE Software DHCP Version 4 Relay Denial of Service Vulnerability	8.6	CVE-2018-0174	2018-03-28T16:00:00
cisco-sa-20180328-dhcpr1	Cisco IOS and IOS XE Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability	8.6	CVE-2018-0172	2018-03-28T16:00:00
cisco-sa-20180328-dhcpr2	Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability	8.6	CVE-2018-0173	2018-03-28T16:00:00
cisco-sa-20180328-ike-dos	Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability	8.6	CVE-2018-0159	2018-03-28T16:00:00
cisco-sa-20180328-privesc1	Cisco IOS XE Software User EXEC Mode Root Shell Access Vulnerabilities	7.8	CVE-2018-0169	2018-03-28T16:00:00
cisco-sa-20170419-energywise	Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities	8.6	CVE-2017-3860	2017-04-19T16:00:00
cisco-sa-20171103-bgp	Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial of Service Vulnerability	6.8	CVE-2017-12319	2017-11-03T16:00:00
cisco-sa-20170927-ike	Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability	8.6	CVE-2017-12237	2017-09-27T16:00:00
cisco-sa-20170927-pnp	Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability	8.7	CVE-2017-12228	2017-09-27T16:00:00
cisco-sa-20170727-ospf	Multiple Cisco Products OSPF LSA Manipulation Vulnerability	4.2	CVE-2017-6770	2017-07-27T16:00:00
cisco-sa-20170322-dhcpc	Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability	8.6	CVE-2017-3864	2017-03-22T16:00:00
cisco-sa-20170322-webui	Cisco IOS XE Software Web User Interface Denial of Service Vulnerability	8.6	CVE-2017-3856	2017-03-22T16:00:00
cisco-sa-20161115-iosxe	Cisco IOS XE Software Directory Traversal Vulnerability	1.5	CVE-2016-6450	2016-11-15T16:00:00
cisco-sa-20160916-ikev1	IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products	7.8	CVE-2016-6415	2016-09-16T16:00:00
cisco-sa-20160928-aaados	Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability	7.1	CVE-2016-6393	2016-09-28T16:00:00
cisco-sa-20160928-dns	Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability	8.3	CVE-2016-6380	2016-09-28T16:00:00
cisco-sa-20160928-ios-ikev1	Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability	7.1	CVE-2016-6381	2016-09-28T16:00:00
cisco-sa-20160928-msdp	Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities	7.8	CVE-2016-6382	2016-09-28T16:00:00
cisco-sa-20160928-smi	Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability	7.8	CVE-2016-6385	2016-09-28T16:00:00
cisco-sa-20160928-frag	Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability	7.8	CVE-2016-6386	2016-09-28T16:00:00

Any Comments ?

sha256: 6ab81f9b045a4de2e9b66ef802fe94d2210aa108290fb0c849696f5a7e99eac4

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.08.06.E

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-ikev2-9p23Jj2a	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability	7.5	CVE-2020-3230	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-snmp-dos-USxSyTk5	Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability	7.7	CVE-2020-3235	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq	Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability	6.8	CVE-2020-3209	2020-06-03T16:00:00
cisco-sa-priv-esc1-OKMKFRhV	Cisco IOS XE Software Privilege Escalation Vulnerability	6.7	CVE-2020-3215	2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR	Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability	6.8	CVE-2020-3228	2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC	Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability	8.8	CVE-2020-3217	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00
cisco-sa-20190925-tsec	Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability	6.8	CVE-2019-12669	2019-09-25T16:00:00
cisco-sa-20190925-http-client	Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability	4.8	CVE-2019-12665	2019-09-25T16:00:00
cisco-sa-20190925-sbxss	Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability	4.8	CVE-2019-12668	2019-09-25T16:00:00
cisco-sa-20190925-vman	Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability	6.7	CVE-2019-12662	2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak	Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability	4.3	CVE-2019-1761	2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos	Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability	7.4	CVE-2019-1746	2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert	Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability	7.4	CVE-2019-1748	2019-03-27T16:00:00
cisco-sa-20190327-call-home-cert	Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability	5.9	CVE-2019-1757	2019-03-27T16:00:00
cisco-sa-20190327-evss	Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2019-1750	2019-03-27T16:00:00
cisco-sa-20190109-tcp	Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability	6.8	CVE-2018-0282	2019-01-09T16:00:00
cisco-sa-20180926-cdp-dos	Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2018-15373	2018-09-26T16:00:00
cisco-sa-20180926-pnp-memleak	Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability	6.8	CVE-2018-15377	2018-09-26T16:00:00

Any Comments ?

sha256: 197718c2b28d9ab55520a09e39a603e394e0401dea6a94a3752eeb18bec4f18a

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 17.01.01

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-ios-profinet-dos-65qYG3W5	Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2020-3512	2020-09-24T16:00:00
cisco-sa-profinet-J9QMCHPB	Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability	7.4	CVE-2020-3409	2020-09-24T16:00:00
cisco-sa-xbace-OnCEbyS	Cisco IOS XE Software Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3417	2020-09-24T16:00:00
cisco-sa-iosxe-isdn-q931-dos-67eUZBTf	Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability	7.4	CVE-2020-3511	2020-09-24T16:00:00
cisco-sa-ios-bgp-evpn-dos-LNfYJxfF	Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability	6.1	CVE-2020-3479	2020-09-24T16:00:00
cisco-sa-splitdns-SPWqpdGW	Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability	8.6	CVE-2020-3408	2020-09-24T16:00:00
cisco-sa-ios-lua-rce-7VeJX4f	Cisco IOS XE Software Arbitrary Code Execution Vulnerability	5.1	CVE-2020-3423	2020-09-24T16:00:00
cisco-sa-iosxe-cmdinj-2MzhjM6K	Cisco IOS XE Software Command Injection Vulnerability	6.7	CVE-2020-3403	2020-09-24T16:00:00
cisco-sa-COPS-VLD-MpbTvGEW	Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability	8.6	CVE-2020-3526	2020-09-24T16:00:00
cisco-sa-le-drTOB625	Cisco IOS XE Software Ethernet Frame Denial of Service Vulnerability	7.4	CVE-2020-3465	2020-09-24T16:00:00
cisco-sa-ISR4461-gKKUROhx	Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability	8.6	CVE-2020-3414	2020-09-24T16:00:00
cisco-sa-iosxe-rsp3-rce-jVHg8Z7c	Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities	6.7	CVE-2020-3416	2020-09-24T16:00:00
cisco-sa-iosxe-dhcp-dos-JSCKX43h	Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability	8.6	CVE-2020-3509	2020-09-24T16:00:00
cisco-sa-iosxe-iox-app-host-mcZcnsBt	Cisco IOS XE Software IOx Application Hosting Privilege Escalation Vulnerability	6.0	CVE-2020-3393	2020-09-24T16:00:00
cisco-sa-ipsla-jw2DJmSv	Cisco IOS XE Software IP Service Level Agreements Denial of Service Vulnerability	8.6	CVE-2020-3422	2020-09-24T16:00:00
cisco-sa-ios-webui-priv-esc-K8zvEWM	Cisco IOS XE Software Privilege Escalation Vulnerabilities	8.8	CVE-2020-3141	2020-09-24T16:00:00
cisco-sa-confacl-HbPtfSuO	Cisco IOS XE Software RESTCONF and NETCONF-YANG Access Control List Denial of Service Vulnerability	8.6	CVE-2020-3407	2020-09-24T16:00:00
cisco-sa-ios-xe-webui-multi-vfTkk7yr	Cisco IOS XE Software Web Management Framework Vulnerabilities	4.3	CVE-2020-3474	2020-09-24T16:00:00
cisco-sa-zbfw-94ckG4G	Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities	8.6	CVE-2020-3421	2020-09-24T16:00:00
cisco-sa-capwap-dos-TPdNTdyq	Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities	7.4	CVE-2020-3486	2020-09-24T16:00:00
cisco-sa-capwap-dos-ShFzXf	Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability	8.6	CVE-2020-3399	2020-09-24T16:00:00
cisco-sa-ewlc-icmpv6-qb9eYyCR	Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Improper Access Control Vulnerability	4.7	CVE-2020-3418	2020-09-24T16:00:00
cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K	Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability	7.4	CVE-2020-3390	2020-09-24T16:00:00
cisco-sa-telnetd-EFJrEzPx	Telnet Vulnerability Affecting Cisco Products: June 2020	9.8	CVE-2020-10188	2020-06-24T16:00:00
cisco-sa-iosxe-ewlc-dos-TkuPVmZN	Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability	8.6	CVE-2020-3203	2020-06-03T16:00:00
cisco-sa-20170726-anicrl	Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability	6.5	CVE-2017-6664	2017-07-26T16:00:00
cisco-sa-20170726-aniacp	Cisco IOS and IOS XE Software Autonomic Control Plane Channel Information Disclosure Vulnerability	7.4	CVE-2017-6665	2017-07-26T16:00:00
cisco-sa-20170726-anidos	Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Denial of Service Vulnerability	7.4	CVE-2017-6663	2017-07-26T16:00:00

Any Comments ?

sha256: 7ddd18e78e70dc6896588bffe741600078f06f5fe0bb7a55aa1fabb5979528b9

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.4(1)SY4

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-ios-bgp-evpn-dos-LNfYJxfF	Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability	6.1	CVE-2020-3479	2020-09-24T16:00:00
cisco-sa-tcl-dos-MAZQUnMF	Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability	6.5	CVE-2020-3201	2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability	7.5	CVE-2020-3230	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR	Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability	6.8	CVE-2020-3228	2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC	Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability	8.8	CVE-2020-3217	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00
cisco-sa-20190925-tsec	Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability	6.8	CVE-2019-12669	2019-09-25T16:00:00
cisco-sa-20190925-http-client	Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability	4.8	CVE-2019-12665	2019-09-25T16:00:00
cisco-sa-20190925-identd-dos	Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability	8.6	CVE-2019-12647	2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak	Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability	4.3	CVE-2019-1761	2019-03-27T16:00:00
cisco-sa-20190327-c6500	Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability	4.7	CVE-2019-1758	2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos	Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2018-15373	2018-09-26T16:00:00
cisco-sa-20180926-pnp-memleak	Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability	6.8	CVE-2018-15377	2018-09-26T16:00:00
cisco-sa-20170419-energywise	Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities	8.6	CVE-2017-3860	2017-04-19T16:00:00

Any Comments ?

sha256: c3e4b89e9a31fa5a69fa1ff4839762a32c00430cb927caaf267501554832ac61

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.2(1)SY5

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-tcl-dos-MAZQUnMF	Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability	6.5	CVE-2020-3201	2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability	7.5	CVE-2020-3230	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR	Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability	6.8	CVE-2020-3228	2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC	Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability	8.8	CVE-2020-3217	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00
cisco-sa-20190925-tsec	Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability	6.8	CVE-2019-12669	2019-09-25T16:00:00
cisco-sa-20190925-http-client	Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability	4.8	CVE-2019-12665	2019-09-25T16:00:00
cisco-sa-20190925-identd-dos	Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability	8.6	CVE-2019-12647	2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak	Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability	4.3	CVE-2019-1761	2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos	Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability	8.6	CVE-2019-1737	2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert	Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability	7.4	CVE-2019-1748	2019-03-27T16:00:00
cisco-sa-20190327-c6500	Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability	4.7	CVE-2019-1758	2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos	Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2018-15373	2018-09-26T16:00:00
cisco-sa-20180926-vtp	Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability	4.3	CVE-2018-0197	2018-09-26T16:00:00
cisco-sa-20180328-lldp	Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities	8.8	CVE-2018-0167	2018-03-28T16:00:00
cisco-sa-20170419-energywise	Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities	8.6	CVE-2017-3860	2017-04-19T16:00:00

Any Comments ?

sha256: bce3f1e18d4915a7635960f328d32af63e5d8aa804d1e1105dcea0da79e1b5e0

Security posture via Cisco PSIRT OpenVuln API

Platform: nxos

Version: 8.2(4)

Advisory-ID	Impact	CVSS	CVE	Fixed with	First Published
cisco-sa-fxos-nxos-cfs-dos-dAmnymbd	Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability	8.6	CVE-2020-3517	8.2(6)	2020-08-26T16:00:00
cisco-sa-nxos-pim-memleak-dos-tC8eP7uw	Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability	7.5	CVE-2020-3338	8.2(6)	2020-08-26T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC	Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability	8.8	CVE-2020-3217	8.2(6)	2020-06-03T16:00:00
cisco-sa-20200226-nxos-arp	Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability	4.7	CVE-2020-3174	8.2(5)	2020-02-26T16:00:00
cisco-sa-20200226-nxos-api-dos	Cisco NX-OS Software NX-API Denial of Service Vulnerability	5.3	CVE-2020-3170	8.2(5)	2020-02-26T16:00:00
cisco-sa-20200205-fxnxos-iosxr-cdp-dos	Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2020-3120	8.2(5)	2020-02-05T16:00:00

Any Comments ?

sha256: 83f05371aa9a76dc79231c5794783649ccf885061887a5d55bc0d7b2d9ad4fb7

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.08.09.E

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-cipdos-hkfTZXEx	Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities	8.6	CVE-2020-3225	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq	Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability	6.8	CVE-2020-3209	2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC	Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability	8.8	CVE-2020-3217	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00

Any Comments ?

sha256: 397e05c88b687a24a6437aef9e0a3eb7a0ffc1b7041065b122ebc5a9c2b85aaf

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.0(2)SE8

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-profinet-J9QMCHPB	Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability	7.4	CVE-2020-3409	2020-09-24T16:00:00
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-cipdos-hkfTZXEx	Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities	8.6	CVE-2020-3225	2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability	7.5	CVE-2020-3230	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00
cisco-sa-20190925-http-client	Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability	4.8	CVE-2019-12665	2019-09-25T16:00:00
cisco-sa-20160525-ipv6	Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability	5.8	CVE-2016-1409	2016-05-25T16:00:00
cisco-sa-20180926-ptp	Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability	7.5	CVE-2018-0473	2018-09-26T16:00:00
cisco-sa-20170629-snmp	SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software	8.8	CVE-2017-6736	2017-06-29T16:00:00
cisco-sa-20170317-cmp	Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability	9.8	CVE-2017-3881	2017-03-17T16:00:00
cisco-sa-20190327-ios-infoleak	Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability	4.3	CVE-2019-1761	2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos	Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability	7.4	CVE-2019-1746	2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos	Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability	8.6	CVE-2019-1737	2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos	Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2018-15373	2018-09-26T16:00:00
cisco-sa-20180926-cmp	Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability	7.4	CVE-2018-0475	2018-09-26T16:00:00
cisco-sa-20180926-tacplus	Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability	6.8	CVE-2018-15369	2018-09-26T16:00:00
cisco-sa-20180926-vtp	Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability	4.3	CVE-2018-0197	2018-09-26T16:00:00
cisco-sa-20180328-smi	Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability	8.6	CVE-2018-0156	2018-03-28T16:00:00
cisco-sa-20180328-smi2	Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability	9.8	CVE-2018-0171	2018-03-28T16:00:00
cisco-sa-20180328-lldp	Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities	8.8	CVE-2018-0167	2018-03-28T16:00:00
cisco-sa-20180328-dhcpr3	Cisco IOS and IOS XE Software DHCP Version 4 Relay Denial of Service Vulnerability	8.6	CVE-2018-0174	2018-03-28T16:00:00
cisco-sa-20180328-dhcpr1	Cisco IOS and IOS XE Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability	8.6	CVE-2018-0172	2018-03-28T16:00:00
cisco-sa-20180328-dhcpr2	Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability	8.6	CVE-2018-0173	2018-03-28T16:00:00
cisco-sa-20180328-ike-dos	Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability	8.6	CVE-2018-0159	2018-03-28T16:00:00
cisco-sa-20170419-energywise	Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities	8.6	CVE-2017-3860	2017-04-19T16:00:00
cisco-sa-20170927-dhcp	Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability	9.8	CVE-2017-12240	2017-09-27T16:00:00
cisco-sa-20170927-profinet	Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability	8.6	CVE-2017-12235	2017-09-27T16:00:00
cisco-sa-20170927-ike	Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability	8.6	CVE-2017-12237	2017-09-27T16:00:00
cisco-sa-20170927-pnp	Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability	8.7	CVE-2017-12228	2017-09-27T16:00:00
cisco-sa-20170927-cip	Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerabilities	8.6	CVE-2017-12233	2017-09-27T16:00:00
cisco-sa-20170727-ospf	Multiple Cisco Products OSPF LSA Manipulation Vulnerability	4.2	CVE-2017-6770	2017-07-27T16:00:00
cisco-sa-20170322-dhcpc	Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability	8.6	CVE-2017-3864	2017-03-22T16:00:00
cisco-sa-20150923-fhs	Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities	7.8	CVE-2015-6278	2015-09-23T16:00:00
cisco-sa-20160916-ikev1	IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products	7.8	CVE-2016-6415	2016-09-16T16:00:00
cisco-sa-20160928-aaados	Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability	7.1	CVE-2016-6393	2016-09-28T16:00:00
cisco-sa-20160928-dns	Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability	8.3	CVE-2016-6380	2016-09-28T16:00:00
cisco-sa-20160928-ios-ikev1	Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability	7.1	CVE-2016-6381	2016-09-28T16:00:00
cisco-sa-20160928-msdp	Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities	7.8	CVE-2016-6382	2016-09-28T16:00:00
cisco-sa-20160928-smi	Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability	7.8	CVE-2016-6385	2016-09-28T16:00:00
cisco-sa-20160928-cip	Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability	7.8	CVE-2016-6391	2016-09-28T16:00:00
cisco-sa-20160323-ios-ikev2	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability	7.1	CVE-2016-1344	2016-03-23T16:00:00
cisco-sa-20160323-smi	Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability	7.8	CVE-2016-1349	2016-03-23T16:00:00
cisco-sa-20150325-tcpleak	Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability	7.8	CVE-2015-0646	2015-03-25T16:00:00
cisco-sa-20150325-cip	Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol	7.8	CVE-2015-0647	2015-03-25T16:00:00
cisco-sa-20150320-openssl	Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products	2.6	CVE-2015-0207	2015-03-20T20:20:00
cisco-sa-20150408-ntpd	Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products	5.0	CVE-2015-1798	2015-04-08T16:00:00
cisco-sa-20150310-ssl	Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products	5.0	CVE-2014-3569	2015-03-10T16:00:00
Cisco-SA-20150113-CVE-2015-0204	OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability	5.0	CVE-2015-0204	2015-01-13T19:57:19

Any Comments ?

sha256: 79bf0448ec96592b255cae56173d8046be1d26090c12f05c8ec949a5e494e8f4