Preface: Vendor operate in high visibility, initiate fix vulnerabilities means they are more secure than other products.
Synopsis: From hardware appliance to software base. From Layer 3 to Layer 7, the growth of operations expanded, it is hard to avoid vulnerability occurs.
Vulnerability Details:
Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nbar
CVE-2019-1753: Cisco IOS XE Software Privilege Escalation Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-privesc
CVE-2019-1754: Cisco IOS XE Software Privilege Escalation Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-privesc
Remark: Perhaps the total numbers of high severity vulnerability has 19 items. The remaining is address denial of server and command injection. But the privileges escalation merely our focus this time. So the remaining do not display in this discussion.