Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2013-1151

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-11 Apr, 2013 | 10:00
Updated At-16 Sep, 2024 | 20:36
Rejected At-
Credits

Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:11 Apr, 2013 | 10:00
Updated At:16 Sep, 2024 | 20:36
Rejected At:
▼CVE Numbering Authority (CNA)

Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa
vendor-advisory
x_refsource_CISCO
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa
Resource:
vendor-advisory
x_refsource_CISCO
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:11 Apr, 2013 | 10:55
Updated At:11 Apr, 2025 | 00:51

Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.1HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.1
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C
CPE Matches
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(0\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(1\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(1\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(2\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(2\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(4\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(4\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(5\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(5\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(5.2\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(5.2\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(6\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(6\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(6.7\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(6.7\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(7\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(7\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0\(8\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(8\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.1
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.1.4
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.2
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.4
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.4.3
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.5
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.6
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.7
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.8
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.0.8
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.1
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.1\(2\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\(2\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.1\(2.5\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\(2.5\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.1\(2.27\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\(2.27\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.1\(2.48\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\(2.48\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.1\(2.49\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\(2.49\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.1\(5\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\(5\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.1.1
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.1.2
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(1\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(1\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(1.22\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(1.22\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.5\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.5\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.7\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.7\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.8\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.8\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.10\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.10\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.14\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.14\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.15\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.15\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.16\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.16\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.17\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.17\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.18\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.18\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.19\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.19\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(2.48\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.48\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(3\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(3\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(4\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(4\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2\(5\)
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(5\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2.1
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_software>>7.2.2
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asapsirt@cisco.com
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asaaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1375Records found
CVE-2018-0282
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.36% / 57.39%
||
7 Day CHG-0.07%
Published-10 Jan, 2019 | 00:00
Updated-21 Nov, 2024 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability

A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condition between the socket state and the transmission control block (TCB) state. While this vulnerability potentially affects all TCP applications, the only affected application observed so far is the HTTP server. An attacker could exploit this vulnerability by sending specific HTTP requests at a sustained rate to a reachable IP address of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ie_2000-4ts-gcatalyst_2960cg-8tc-lembedded_service_2020_24tc_con_bcatalyst_3560cpd-8pt-sie_2000-4tcatalyst_2960s-48fps-lcatalyst_3560cg-8tc-sie_2000-16tc-gcatalyst_2960c-8tc-lcatalyst_3750x-48t-lcatalyst_3750x-24p-scatalyst_2960x-24td-lcatalyst_2960x-48fpd-lcatalyst_2960x-24ts-llcatalyst_2960-plus_48pst-lie_3000-8tccatalyst_3750x-24p-ecatalyst_2960x-24pd-lcatalyst_3750x-12s-scatalyst_2960cpd-8tt-lcatalyst_2960-plus_24pc-scatalyst_3560x-48t-scatalyst_3560x-48p-eie_2000-16ptc-gcatalyst_2960xr-24td-icatalyst_3560c-8pc-scatalyst_3560x-48p-lcatalyst_3750x-48t-sembedded_service_2020_24tc_ncpcatalyst_2960-plus_48pst-sie_2000-8tc-gcatalyst_2960s-48lpd-lie_2000-4tscatalyst_3750x-48u-ecatalyst_3560x-24p-lcatalyst_2960s-f48ts-scatalyst_3560x-48pf-lcatalyst_3750x-48u-scatalyst_3750x-24s-eembedded_service_2020_ncp_bcatalyst_2960x-24ps-lcatalyst_4500_supervisor_engine_6-ecatalyst_2960s-24ts-lcatalyst_2960x-48ts-lcatalyst_2960s-f48fps-lie_2000-16tc-g-ecatalyst_4500_supervisor_engine_6l-ecatalyst_3560x-48t-ecatalyst_2960-plus_24tc-lcatalyst_3750x-24t-lcatalyst_3750x-12s-eembedded_service_2020_concatalyst_3560x-24u-ecatalyst_3560x-48u-eembedded_service_2020_24tc_concatalyst_2960s-48ts-lcatalyst_2960x-48lps-lcatalyst_2960x-48td-lie_2000-16tccatalyst_3560x-48u-scatalyst_3750x-24u-scatalyst_2960xr-48td-iembedded_service_2020_con_bcatalyst_2960xr-24ps-icatalyst_2960x-48ts-llcatalyst_2960s-f24ps-lcatalyst_2960s-f48lps-lcatalyst_2960xr-24pd-icatalyst_2960cpd-8pt-lcatalyst_2960-plus_24pc-lcatalyst_2960s-f24ts-lcatalyst_3560x-48pf-scatalyst_2960s-f24ts-scatalyst_2960c-8tc-sie-3010-24tccatalyst_2960-plus_24lc-lcatalyst_3750x-48p-sie_2000-8tcie_2000-8tc-g-ecatalyst_2960-plus_48tc-lcatalyst_3750x-48pf-scatalyst_3560x-24t-lie_2000-4t-gcatalyst_3560x-24p-ecatalyst_2960x-48lpd-lcatalyst_3750x-24p-lie_3000-4tcie_2000-8tc-g-ncatalyst_3560cg-8pc-scatalyst_3560x-48t-lcatalyst_3560x-48u-lcatalyst_3750x-24s-sie_2000-16tc-g-xcatalyst_3560x-24u-lcatalyst_2960s-48fpd-lcatalyst_2960s-48ts-ssm-x_layer_2\/3_etherswitch_service_modulecatalyst_2960s-24td-lcatalyst_3560x-48p-scatalyst_2960-plus_24lc-scatalyst_3750x-48p-lcatalyst_2960s-48td-lie_2000-24t67catalyst_2960xr-24ts-icatalyst_3750x-24u-lcatalyst_2960xr-48lps-icatalyst_2960x-24psq-lcatalyst_2960xr-48ts-icatalyst_3560x-24t-ecatalyst_4948ecatalyst_2960-plus_24tc-scatalyst_4948e-fcatalyst_2960s-24ps-lcatalyst_2960s-f48ts-lcatalyst_3560x-24p-scatalyst_2960xr-48fps-iie-3010-16s-8pccatalyst_2960c-8pc-lcatalyst_2960-plus_48tc-scatalyst_4900mie_2000-16t67embedded_service_2020_ncpcatalyst_3750x-48u-lioscatalyst_2960xr-48fpd-icatalyst_3560x-48pf-eie_2000-4s-ts-gcatalyst_2960s-24pd-lcatalyst_3750x-48t-eie_2000-16t67pie_2000-8t67pcatalyst_3750x-48p-ecatalyst_3560x-24t-scatalyst_3750x-24t-scatalyst_3750x-48pf-ecatalyst_2960xr-48lpd-iie_2000-16tc-g-ncatalyst_3560c-12pc-scatalyst_3560x-24u-sios_xecatalyst_2960c-12pc-lcatalyst_3750x-24t-ecatalyst_3750x-24u-ecatalyst_3750x-48pf-lcatalyst_2960x-24ts-lie_2000-8t67catalyst_2960s-48lps-lcatalyst_2960x-48fps-lembedded_service_2020_24tc_ncp_bCisco IOS
CWE ID-CWE-371
Not Available
CVE-2022-20653
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.80% / 73.16%
||
7 Day CHG~0.00%
Published-17 Feb, 2022 | 15:00
Updated-06 Nov, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Email Security Appliance DNS Verification Denial of Service Vulnerability

A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling in DNS name resolution by the affected software. An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device. A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS condition. Continued attacks could cause the device to become completely unavailable, resulting in a persistent DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asyncosCisco Email Security Appliance (ESA)
CWE ID-CWE-399
Not Available
CVE-2018-0189
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.34% / 55.77%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS) condition. The vulnerability is due to a limitation in the way the FIB is internally representing recursive routes. An attacker could exploit this vulnerability by injecting routes into the routing protocol that have a specific recursive pattern. The attacker must be in a position on the network that provides the ability to inject a number of recursive routes with a specific pattern. An exploit could allow the attacker to cause an affected device to reload, creating a DoS condition. Cisco Bug IDs: CSCva91655.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS and IOS XE
CWE ID-CWE-399
Not Available
CVE-2018-0476
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-4.29% / 88.40%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of SIP packets in transit while NAT is performed on an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted SIP packets via UDP port 5060 through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-399
Not Available
CVE-2018-0469
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.08% / 76.91%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Web UI Denial of Service Vulnerability

A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a double-free-in-memory handling by the affected software when specific HTTP requests are processed. An attacker could exploit this vulnerability by sending specific HTTP requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-415
Double Free
CVE-2018-0180
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-2.05% / 83.12%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_9300l-24t-4g-acatalyst_8540csrcatalyst_3850-48xs-f-scatalyst_8300-2n2s-6tcatalyst_3850-16xs-scatalyst_3650-24pd-l4331\/k9-rf_integrated_services_routercatalyst_3850-48p-ecatalyst_9300-24t-e4461_integrated_services_router8201catalyst_3850-24u-lasr_1002-xcatalyst_8540msr1100-6g_integrated_services_routercatalyst_3650-24ts-scatalyst_3650-24pdm-ecatalyst_3850-16xs-ecatalyst_8500lcatalyst_3850-48f-ecatalyst_3850-12s-scatalyst_9300-24p-acatalyst_3850-24xu-scatalyst_3650-48pd-lcatalyst_3650-24pdm-s1905_integrated_services_router4000_integrated_services_routercatalyst_9300l-48t-4x-ecatalyst_3650-24pd-scatalyst_9300-24s-a1000_integrated_services_routerasr_1000-xcatalyst_3850-24p-scatalyst_3650-12x48urcatalyst_3650-48pq-scatalyst_9300l-24t-4x-ecatalyst_3650-12x48uz-lcatalyst_3650-48fd-s1841_integrated_service_routercatalyst_3850-24u-scatalyst_3650-48ps-lintegrated_services_virtual_routerasr_1000-esp100-xcatalyst_9200lcatalyst_9600xcatalyst_9300-48t-acatalyst_9300xcatalyst_3650-48fd-ecatalyst_8300-1n1s-6tcatalyst_9300l-24p-4x-acatalyst_3850-48xs-scatalyst_3650-48fqmcatalyst_3650-24ps-lcatalyst_3850-48p-scatalyst_3850-48u-lcatalyst_3650-48ts-ecatalyst_9410rcatalyst_3650-12x48ur-scatalyst_3650-12x48uz-scatalyst_3850-nm-2-40gcatalyst_3650-12x48uq-ecatalyst_3650-24ps-ecatalyst_3650-24pdm8800_8-slot88121812_integrated_service_routerios1101-4p_integrated_services_routercatalyst_9300-48un-acatalyst_9800-clasr_1004catalyst_8200asr_1001-xcatalyst_3850-32xs-scatalyst_3650-12x48ur-easr_1023catalyst_3650-8x24pd-ecatalyst_9300l-48p-4x-a1111x-8p_integrated_services_routercatalyst_3850-48u-ecatalyst_3650-24ts-lcatalyst_3850-48t-e1941_integrated_services_routercatalyst_9300l-48t-4g-a3945_integrated_services_routercatalyst_3650-12x48uq-s8218catalyst_9800-l-f1906c_integrated_services_router4351\/k9-ws_integrated_services_router1100-4g_integrated_services_router1100-4gltena_integrated_services_routercatalyst_3850-12x48ucatalyst_3850-24pw-scatalyst_85008818catalyst_3850-24xu1109_integrated_services_routercatalyst_9300l-48t-4g-ecatalyst_3650-24td-l8202catalyst_3650-48fqm-e8208catalyst_3650-48fd-lcatalyst_3650-48fq-scatalyst_3850-48f-scatalyst_9300l-24p-4x-easr_1002-hxcatalyst_3650-48fs-l1109-2p_integrated_services_routerasr_1001-hxcatalyst_9300lmcatalyst_3650-12x48uz88081100-lte_integrated_services_routercatalyst_9300-24p-e1811_integrated_service_router422_integrated_services_routercatalyst_3650-48tq-lcatalyst_3850-12xs-s8212catalyst_9300lcatalyst_3850-24s-e3925_integrated_services_routercatalyst_9800-40catalyst_3650-48pd-easr_1002-x_rcatalyst_9300-24ux-easr_1000catalyst_3650-24ps-scatalyst_3850-24p-ecatalyst_9300l-48p-4g-easr_1009-x1109-4p_integrated_services_routercatalyst_3650-48ps-s1921_integrated_services_routeresr-6300-ncp-k94451_integrated_services_router8101-32fhcatalyst_3650-48td-scatalyst_3650-48ts-scatalyst_9300l-48t-4x-a1803_integrated_service_routercatalyst_3650-48fqm-lcloud_services_router_1000vcatalyst_3650-12x48uqcatalyst_9800catalyst_3850-24t-e4331_integrated_services_routercatalyst_3650-48fq-lcatalyst_3650-24pdm-lcatalyst_3650-48tq-s1100-8p_integrated_services_router1111x_integrated_services_routercatalyst_9300l-48p-4g-acatalyst_9300l-24t-4g-ecatalyst_9400catalyst_3850-24s-scatalyst_8300-2n2s-4t2x1100_integrated_services_router1861_integrated_service_routercatalyst_3650-12x48fd-lasr_1002catalyst_3850-48t-scatalyst_9600catalyst_3850-24xu-lcatalyst_9300-48un-ecatalyst_9300l_stackcatalyst_9300-48s-e1941w_integrated_services_routercatalyst_3650-8x24uqcatalyst_8300-1n1s-4t2xcatalyst_3650-24pd-easr_1013catalyst_3650catalyst_3850-48t-lcatalyst_9200cx1131_integrated_services_router111x_integrated_services_router4451-x_integrated_services_routerasr_1000-esp200-xasr_1006-xcatalyst_3850-24u-ecatalyst_9800-l1802_integrated_service_router88041160_integrated_services_routercatalyst_3650-48pq-lcatalyst_3650-48fs-scatalyst_8510csrcatalyst_3850-nm-8-10g1101_integrated_services_router8102-64hcatalyst_3650-24td-s3945e_integrated_services_routercatalyst_3650-12x48uz-ecatalyst_3650-24ts-e4321\/k9-rf_integrated_services_routercatalyst_3650-48ts-lcatalyst_9300-24t-acatalyst_ie3400_heavy_duty_switch4351\/k9-rf_integrated_services_routercatalyst_8500-4qcesr-6300-con-k9catalyst_3850-48p-l8800_4-slotcatalyst_3850-24p-lcatalyst_3650-48fqcatalyst_3650-48ps-e8800_18-slotcatalyst_9300-48uxm-acatalyst_38508201-32fhcatalyst_9200catalyst_9300-48p-acatalyst_3850-48pw-scatalyst_3850-48xs-f-ecatalyst_8510msrcatalyst_3850-48u-s1100-4p_integrated_services_routercatalyst_9300l-24p-4g-ecatalyst_ie3400_rugged_switchcatalyst_3650-48pd-s4331\/k9-ws_integrated_services_routercatalyst_3650-48td-l4321\/k9-ws_integrated_services_routerasr_1001-x_rcatalyst_3650-48tq-ecatalyst_9300l-24p-4g-acatalyst_3850-48xs-e8800_12-slotcatalyst_9300-24ux-acatalyst_9407rcatalyst_9800-80catalyst_3650-8x24uq-s44461_integrated_services_routercatalyst_95004321\/k9_integrated_services_router4331\/k9_integrated_services_router4321_integrated_services_routercatalyst_9300-48s-a8101-32hcatalyst_3650-8x24uq-lcatalyst_3650-48fq-ecatalyst_3850-24xs-easr_1001-hx_rcatalyst_3850-24t-scatalyst_3850-24xs-scatalyst_3650-48fs-easr_1000-esp100catalyst_9300l-48p-4x-ecatalyst_9500h4221_integrated_services_routerasr_1006catalyst_3650-48td-easr_10013925e_integrated_services_routercatalyst_3650-12x48uq-lcatalyst_ie3300_rugged_switch4431_integrated_services_router4351\/k9_integrated_services_routercatalyst_3650-24td-ecatalyst_3650-12x48fd-scatalyst_9300-48uxm-ecatalyst_3850-24xu-ecatalyst_9300catalyst_3650-12x48fd-ecatalyst_3650-48fqm-scatalyst_3850-12xs-ecatalyst_3850-24u1120_integrated_services_routercatalyst_3850-48xscatalyst_9300l-24t-4x-acatalyst_9300-24u-acatalyst_3850-24t-lcatalyst_9300-48u-ecatalyst_9300-48t-e1100-4gltegb_integrated_services_routercatalyst_9300-48p-ecatalyst_9300-48u-acatalyst_3650-8x24pd-l8831catalyst_3650-48pq-ecatalyst_9300-24s-ecatalyst_3850-24xscatalyst_3650-8x24pd-s1100-4g\/6g_integrated_services_routercatalyst_3850-48f-l1801_integrated_service_routercatalyst_8300catalyst_3850-48ucatalyst_3650-12x48ur-lcatalyst_9300-24u-ecatalyst_9800-l-ccatalyst_3650-8x24uq-ecatalyst_3850-12s-ecatalyst_3850-32xs-easr_1002-hx_rcatalyst_3650-24pdCisco IOSIOS Software
CVE-2018-0397
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.45% / 62.85%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 20:00
Updated-26 Nov, 2024 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. The vulnerability exists if the affected software is running in Block network conviction mode. Exploitation could occur if the system that is running the affected software starts a server process and an address in the IP blacklist cache of the affected software attempts to connect to the affected system. A successful exploit could allow the attacker to cause a kernel panic on the system that is running the affected software, resulting in a DoS condition. Cisco Bug IDs: CSCvk08192.

Action-Not Available
Vendor-n/aCisco Systems, Inc.Apple Inc.
Product-mac_os_xadvanced_malware_protection_for_endpointsCisco AMP for Endpoints Mac Connector unknown
CWE ID-CWE-399
Not Available
CVE-2015-6325
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.68% / 70.62%
||
7 Day CHG~0.00%
Published-25 Oct, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.4), 9.2 before 9.2(4), 9.3 before 9.3(3.1), and 9.4 before 9.4(1.1) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCut03495.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwaren/a
CVE-2015-6324
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.28% / 51.42%
||
7 Day CHG~0.00%
Published-25 Oct, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) software 9.0 before 9.0(4.37), 9.1 before 9.1(6.6), 9.2 before 9.2(4), 9.3 before 9.3(3.5), and 9.4 before 9.4(2) allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug IDs CSCus56252 and CSCus57142.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwaren/a
CVE-2015-6415
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.56% / 67.38%
||
7 Day CHG~0.00%
Published-12 Dec, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows remote attackers to cause a denial of service (CPU consumption or device outage) via a SYN flood on the SSH port during the booting process, aka Bug ID CSCuu81757.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_computing_systemn/a
CVE-2015-4199
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.53% / 66.09%
||
7 Day CHG~0.00%
Published-27 Jun, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (NULL pointer free and module crash) by triggering intermittent connectivity with many IPv6 CPE devices, aka Bug ID CSCug47366.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2015-0612
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-03 Apr, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unity_connectionunity_connection_8.5unity_connection_8.6n/a
CVE-2015-0618
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.56% / 67.38%
||
7 Day CHG~0.00%
Published-21 Feb, 2015 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-carrier_routing_systemios_xrnetwork_convergence_system_6000n/a
CVE-2015-0688
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-04 Apr, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services Processor (ESP) module, when NAT is enabled, allows remote attackers to cause a denial of service (module crash) via malformed H.323 packets, aka Bug ID CSCup21070.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_1001asr_1001-xasr_1002-xios_xeasr_1004asr_1006asr_1013asr_1002n/a
CVE-2015-0654
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.31% / 53.51%
||
7 Day CHG~0.00%
Published-13 Mar, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of service (process hang) by establishing many HTTPS sessions, aka Bug ID CSCuq40652.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-intrusion_prevention_systemn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2015-0681
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.56% / 67.38%
||
7 Day CHG~0.00%
Published-24 Jul, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, and 3.5.xS before 3.6.0S; 3.1.xSG, 3.2.xSG, and 3.3.xSG before 3.4.0SG; 3.2.xSE before 3.3.0SE; 3.2.xXO before 3.3.0XO; 3.2.xSQ; 3.3.xSQ; and 3.4.xSQ allows remote attackers to cause a denial of service (device hang or reload) via multiple requests that trigger improper memory management, aka Bug ID CSCts66733.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CVE-2015-0616
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-03 Apr, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) by improperly terminating SIP TCP connections, aka Bug ID CSCul69819.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unity_connectionn/a
CVE-2015-0614
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-03 Apr, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul26267.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unity_connectionn/a
CVE-2015-0608
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.62% / 68.97%
||
7 Day CHG~0.00%
Published-12 Feb, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCul48736.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2015-0615
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-03 Apr, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (port consumption) by improperly terminating SIP sessions, aka Bug ID CSCul28089.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unity_connectionn/a
CVE-2015-0631
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.44% / 62.11%
||
7 Day CHG~0.00%
Published-21 Feb, 2015 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ips_4255ids_4210ips_4240ids_4215ips_4270ips_4260ids_4235ids_4250ids_4230ids_4250_xlids_4220ips_sensor_softwaren/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2015-0613
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-03 Apr, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul20444.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unity_connectionn/a
CVE-2015-0609
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.62% / 68.97%
||
7 Day CHG~0.00%
Published-16 Feb, 2015 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCuj96752.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2014-7998
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.56% / 67.38%
||
7 Day CHG~0.00%
Published-15 Nov, 2014 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote attackers to cause a denial of service via a malformed EAP packet, aka Bug ID CSCul15509.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-aironet_ap1100aironet_ap340aironet_ap1130agaironet_3600aironet_1140aironet_ap1300aironet_ap1230agaironet_ap1240aironet_ap350aironet_3600eaironet_3500aironet_1040aironet_ap1131aironet_ap1240agaironet_1260iosaironet_3600iaironet_ap1200aironet_3600paironet_ap1400aironet_600_office_extendn/a
CVE-2014-3369
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.72% / 71.64%
||
7 Day CHG~0.00%
Published-19 Oct, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted SDP packets, aka Bug ID CSCuo42252.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-expressway_softwaretelepresence_video_communication_server_softwaren/a
CVE-2014-3361
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.02% / 76.32%
||
7 Day CHG~0.00%
Published-25 Sep, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-3406
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.27% / 50.08%
||
7 Day CHG~0.00%
Published-19 Oct, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.1(7)E4 and earlier allows remote attackers to cause a denial of service (device reload) via crafted IP traffic that matches a problematic rule, aka Bug ID CSCud82085.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-intrusion_prevention_systemn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2014-3370
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.72% / 71.64%
||
7 Day CHG~0.00%
Published-19 Oct, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-expressway_softwaretelepresence_video_communication_server_softwaren/a
CVE-2014-3353
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-3.33% / 86.77%
||
7 Day CHG~0.00%
Published-04 Sep, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrn/a
CVE-2014-2176
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.87% / 74.30%
||
7 Day CHG~0.00%
Published-14 Jun, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrasr_9904asr_9922asr_9001asr_9006asr_9010asr_9912n/a
CVE-2014-2124
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-2.14% / 83.50%
||
7 Day CHG~0.00%
Published-20 Mar, 2014 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T (aka Sup2T) on Catalyst 6500 devices, allows remote attackers to cause a denial of service (device crash) via crafted multicast packets, aka Bug ID CSCuf60783.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ioscatalyst_6500n/a
CVE-2014-0710
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.31% / 53.51%
||
7 Day CHG~0.00%
Published-22 Feb, 2014 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3.x before 3.2(28) and 4.x before 4.1(15) allows remote attackers to cause a denial of service (device reload) via certain matching traffic, aka Bug ID CSCuj16824.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-firewall_services_module_softwaren/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2014-0705
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-06 Mar, 2014 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-wireless_lan_controller_softwarewireless_lan_controllern/a
CVE-2013-6704
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.51% / 65.43%
||
7 Day CHG~0.00%
Published-03 Dec, 2013 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XE does not properly manage memory for TFTP UDP flows, which allows remote attackers to cause a denial of service (memory consumption) via TFTP (1) client or (2) server traffic, aka Bug IDs CSCuh09324 and CSCty42686.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xen/a
CVE-2018-15390
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.35% / 56.78%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-667
Improper Locking
CVE-2018-15399
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.45% / 62.85%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2013-1134
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.52% / 65.64%
||
7 Day CHG~0.00%
Published-27 Feb, 2013 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-287
Improper Authentication
CVE-2008-4963
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.03% / 76.43%
||
7 Day CHG~0.00%
Published-06 Nov, 2008 | 11:00
Updated-07 Aug, 2024 | 10:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catosiosn/a
CVE-2008-4543
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.19% / 77.96%
||
7 Day CHG~0.00%
Published-13 Oct, 2008 | 18:00
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to cause a denial of service (session exhaustion) via a large number of connections.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unityn/a
CWE ID-CWE-399
Not Available
CVE-2008-3804
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-2.06% / 83.16%
||
7 Day CHG~0.00%
Published-26 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2008-3812
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.46% / 80.05%
||
7 Day CHG~0.00%
Published-26 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2008-3802
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.00% / 76.09%
||
7 Day CHG~0.00%
Published-26 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2008-3800
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.93% / 82.65%
||
7 Day CHG~0.00%
Published-26 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_callmanagerunified_communications_manageriosn/a
CVE-2008-4609
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.68% / 70.54%
||
7 Day CHG+0.22%
Published-20 Oct, 2008 | 17:00
Updated-07 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

Action-Not Available
Vendor-bsdibsdtrustedbsddragonflybsdmidnightbsdn/aMicrosoft CorporationOracle CorporationOpenBSDFreeBSD FoundationLinux Kernel Organization, IncCisco Systems, Inc.NetBSD
Product-freebsdbsd_ossolariswindows_server_2008dragonflybsdwindows_xpmidnightbsdbsdcatalyst_blade_switch_3120windows_2000catalyst_blade_switch_3020ioscatalyst_blade_switch_3020_firmwarewindows_vistalinux_kernelcatalyst_blade_switch_3120x_firmwareopenbsdcatalyst_blade_switch_3120xnetbsdwindows_server_2003trustedbsdcatalyst_blade_switch_3120_firmwaren/a
CWE ID-CWE-16
Not Available
CVE-2008-3801
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.93% / 82.65%
||
7 Day CHG~0.00%
Published-26 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_callmanagerunified_communications_manageriosn/a
CVE-2020-3562
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.53% / 66.20%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:41
Updated-13 Nov, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_2140firepower_2120firepower_2130firepower_2110firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-2733
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.52% / 65.60%
||
7 Day CHG~0.00%
Published-04 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pixadaptive_security_appliance_5500n/a
CVE-2008-1151
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.01% / 76.15%
||
7 Day CHG~0.00%
Published-27 Mar, 2008 | 17:00
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-399
Not Available
CVE-2008-0537
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.06% / 76.70%
||
7 Day CHG~0.00%
Published-27 Mar, 2008 | 10:00
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-7600_routercatalyst_6500me_6524_ethernet_switchroute_switch_processorsupervisor_enginen/a
CVE-2008-0028
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-2.00% / 82.90%
||
7 Day CHG~0.00%
Published-23 Jan, 2008 | 20:00
Updated-07 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_5005500_series_adaptive_security_applianceadaptive_security_appliance_softwarepix_firewall_softwaren/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 27
  • 28
  • Next
Details not found