Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2014-2111

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-27 Mar, 2014 | 21:00
Updated At-06 Aug, 2024 | 10:05
Rejected At-
Credits

The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:27 Mar, 2014 | 21:00
Updated At:06 Aug, 2024 | 10:05
Rejected At:
▼CVE Numbering Authority (CNA)

The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat
vendor-advisory
x_refsource_CISCO
http://www.securityfocus.com/bid/66470
vdb-entry
x_refsource_BID
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat
Resource:
vendor-advisory
x_refsource_CISCO
Hyperlink: http://www.securityfocus.com/bid/66470
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat
vendor-advisory
x_refsource_CISCO
x_transferred
http://www.securityfocus.com/bid/66470
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://www.securityfocus.com/bid/66470
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:27 Mar, 2014 | 21:55
Updated At:12 Apr, 2025 | 10:46

The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.1HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.1
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C
CPE Matches

Cisco Systems, Inc.
cisco
>>ios>>12.2
cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.3
cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.4
cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.0
cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.1
cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.2
cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.3
cpe:2.3:o:cisco:ios:15.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.4
cpe:2.3:o:cisco:ios:15.4:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-natpsirt@cisco.com
Vendor Advisory
http://www.securityfocus.com/bid/66470psirt@cisco.com
N/A
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nataf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/66470af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/66470
Source: psirt@cisco.com
Resource: N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/66470
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1375Records found

CVE-2013-5513
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.19% / 41.16%
||
7 Day CHG~0.00%
Published-13 Oct, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(7), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.3), and 9.1.x before 9.1(1.8), when the DNS ALPI engine is enabled for TCP, allows remote attackers to cause a denial of service (device reload) via crafted TCP DNS packets, aka Bug ID CSCug03975.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-3801
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.93% / 82.66%
||
7 Day CHG~0.00%
Published-26 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_callmanagerunified_communications_manageriosn/a
CVE-2008-3812
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.46% / 80.06%
||
7 Day CHG~0.00%
Published-26 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2013-3461
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.51% / 65.44%
||
7 Day CHG~0.00%
Published-25 Aug, 2013 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before 9.1(1) does not properly restrict the rate of SIP packets, which allows remote attackers to cause a denial of service (memory and CPU consumption, and service disruption) via a flood of UDP packets to port 5060, aka Bug ID CSCub35869.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CVE-2008-2734
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.53% / 66.37%
||
7 Day CHG~0.00%
Published-04 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the crypto functionality in Cisco Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a clientless SSL VPN endpoint, allows remote attackers to cause a denial of service (memory consumption and VPN hang) via a crafted SSL or HTTP packet, aka Bug ID CSCso66472.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_5500n/a
CWE ID-CWE-399
Not Available
CVE-2013-1134
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.52% / 65.64%
||
7 Day CHG~0.00%
Published-27 Feb, 2013 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-287
Improper Authentication
CVE-2008-2733
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.52% / 65.60%
||
7 Day CHG~0.00%
Published-04 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pixadaptive_security_appliance_5500n/a
CVE-2017-6790
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.80% / 82.01%
||
7 Day CHG~0.00%
Published-17 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the targeted appliance. The vulnerability is due to excessive SIP traffic sent to the device. An attacker could exploit this vulnerability by transmitting large volumes of SIP traffic to the VCS. An exploit could allow the attacker to cause a complete DoS condition on the targeted system. Cisco Bug IDs: CSCve32897.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-telepresence_video_communication_serverTelePresence Video Communication Server (VCS)
CVE-2012-4663
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.50% / 80.42%
||
7 Day CHG~0.00%
Published-29 Oct, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21346 and CSCtr27521.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_6509-v-ecatalyst_6513-e5500_series_adaptive_security_appliancecatalyst_6503-ecatalyst_6504-ecatalyst_6509-e7600_routercatalyst_6500catalyst_6509-neb-acatalyst_6506-ecatalyst_6513adaptive_security_appliance_softwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-1150
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.01% / 76.15%
||
7 Day CHG~0.00%
Published-27 Mar, 2008 | 17:00
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-399
Not Available
CVE-2008-1159
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.67% / 81.36%
||
7 Day CHG~0.00%
Published-22 May, 2008 | 10:00
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrios_sios_tn/a
CVE-2021-1403
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.12% / 32.08%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:07
Updated-08 Nov, 2024 | 23:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Web UI Cross-Site WebSocket Hijacking Vulnerability

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site WebSocket hijacking (CSWSH) attack and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient HTTP protections in the web UI on an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the web UI to follow a crafted link. A successful exploit could allow the attacker to corrupt memory on the affected device, forcing it to reload and causing a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2008-1151
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.01% / 76.15%
||
7 Day CHG~0.00%
Published-27 Mar, 2008 | 17:00
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-399
Not Available
CVE-2008-0537
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-1.06% / 76.71%
||
7 Day CHG~0.00%
Published-27 Mar, 2008 | 10:00
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-7600_routercatalyst_6500me_6524_ethernet_switchroute_switch_processorsupervisor_enginen/a
CVE-2022-20758
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.91% / 74.88%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:20
Updated-06 Nov, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Border Gateway Protocol Ethernet VPN Denial of Service Vulnerability

A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the incorrect processing of a BGP update message that contains specific EVPN attributes. An attacker could exploit this vulnerability by sending a BGP update message that contains specific EVPN attributes. To exploit this vulnerability, an attacker must control a BGP speaker that has an established trusted peer connection to an affected device that is configured with the address family L2VPN EVPN to receive and process the update message. This vulnerability cannot be exploited by any data that is initiated by clients on the Layer 2 network or by peers that are not configured to accept the L2VPN EVPN address family. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP updates only from explicitly defined peers. For this vulnerability to be exploited, the malicious BGP update message must either come from a configured, valid BGP peer or be injected by the attacker into the affected BGP network on an existing, valid TCP connection to a BGP peer.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-399
Not Available
CVE-2008-0028
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-2.00% / 82.91%
||
7 Day CHG~0.00%
Published-23 Jan, 2008 | 20:00
Updated-07 Aug, 2024 | 07:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_5005500_series_adaptive_security_applianceadaptive_security_appliance_softwarepix_firewall_softwaren/a
CVE-2017-12256
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 53.95%
||
7 Day CHG~0.00%
Published-05 Oct, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Akamai Connect feature of Cisco Wide Area Application Services (WAAS) Appliances could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition on an affected device. The vulnerability is due to certain file-handling inefficiencies of the affected system. An attacker could exploit this vulnerability by directing client systems to access a corrupted file that the client systems cannot decompress correctly. A successful exploit could allow the attacker to cause the affected device to crash or hang unexpectedly and result in a DoS condition that may require manual intervention to regain normal operating conditions. Cisco Bug IDs: CSCve82472.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-wide_area_application_servicesCisco Wide Area Application Services
CWE ID-CWE-399
Not Available
CVE-2014-3353
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-3.33% / 86.78%
||
7 Day CHG~0.00%
Published-04 Sep, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrn/a
CVE-2007-5651
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.19% / 77.97%
||
7 Day CHG~0.00%
Published-23 Oct, 2007 | 21:00
Updated-07 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catosiosn/a
CVE-2007-4291
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-3.85% / 87.74%
||
7 Day CHG~0.00%
Published-09 Aug, 2007 | 21:00
Updated-07 Aug, 2024 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2007-4011
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.03% / 76.44%
||
7 Day CHG~0.00%
Published-26 Jul, 2007 | 00:00
Updated-07 Aug, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or ARP storm) via a crafted unicast ARP request that (1) has a destination MAC address unknown to the Layer-2 infrastructure, aka CSCsj69233; or (2) occurs during Layer-3 roaming across IP subnets, aka CSCsj70841.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-4100_wireless_lan_controllerairespace_4000_wireless_lan_controllercatalyst_6500wireless_lan_controller_softwarecatalyst_37504400_wireless_lan_controllern/a
CVE-2007-4012
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.03% / 76.44%
||
7 Day CHG~0.00%
Published-26 Jul, 2007 | 00:00
Updated-07 Aug, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a known client context", aka CSCsj50374.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-4100_wireless_lan_controllerairespace_4000_wireless_lan_controllercatalyst_6500wireless_lan_controller_softwarecatalyst_37504400_wireless_lan_controllern/a
CVE-2007-2464
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-2.33% / 84.18%
||
7 Day CHG~0.00%
Published-02 May, 2007 | 22:00
Updated-07 Aug, 2024 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pixadaptive_security_appliance_softwaren/a
CVE-2022-20694
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.40% / 60.07%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:15
Updated-06 Nov, 2024 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Border Gateway Protocol Resource Public Key Infrastructure Denial of Service Vulnerability

A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device. Alternatively, the attacker could use man-in-the-middle techniques to impersonate the RPKI validator server and send a crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-617
Reachable Assertion
CVE-2007-0918
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-2.20% / 83.76%
||
7 Day CHG~0.00%
Published-14 Feb, 2007 | 02:00
Updated-07 Aug, 2024 | 12:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2002-1024
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.40% / 79.64%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catoscss11000_content_services_switchiospix_firewall_softwaren/a
CVE-2022-20746
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.91% / 74.93%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-20653
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.80% / 73.17%
||
7 Day CHG~0.00%
Published-17 Feb, 2022 | 15:00
Updated-06 Nov, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Email Security Appliance DNS Verification Denial of Service Vulnerability

A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling in DNS name resolution by the affected software. An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device. A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS condition. Continued attacks could cause the device to become completely unavailable, resulting in a persistent DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asyncosCisco Email Security Appliance (ESA)
CWE ID-CWE-399
Not Available
CVE-2022-20751
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.78% / 72.81%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4150firepower_1010firepower_1020firepower_1140firepower_2120firepower_4100firepower_2130firepower_2100firepower_4110firepower_1120firepower_2110firepower_4125firepower_1000firepower_1040firepower_4112firepower_1030firepower_4140firepower_2140firepower_4145firepower_4120firepower_1150firepower_4115firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-20623
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-18.37% / 94.98%
||
7 Day CHG~0.00%
Published-23 Feb, 2022 | 17:40
Updated-06 Nov, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability

A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This vulnerability is due to a logic error in the BFD rate limiter functionality. An attacker could exploit this vulnerability by sending a crafted stream of traffic through the device. A successful exploit could allow the attacker to cause BFD traffic to be dropped, resulting in BFD session flaps. BFD session flaps can cause route instability and dropped traffic, resulting in a denial of service (DoS) condition. This vulnerability applies to both IPv4 and IPv6 traffic.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xn9k-x97284yc-fxn9k-x9788tc-fxn9k-c9364c-gxn9k-c9272qn9k-c93600cd-gxn9k-x97160yc-exn9k-x9732c-exnx-osn9k-c93240yc-fx2n9k-c93108tc-exn9k-c9236cn9k-c9332cn9k-c9364cn9k-c9336c-fx2n9k-c92300ycn9k-c9316d-gxn9k-c92160yc-xn9k-x9732c-fxn9k-c93108tc-fxn9k-c93360yc-fx2n9k-c92304qcn9k-c93180yc-exn9k-c93180yc-fxn9k-c93180lc-exn9k-x9736c-fxn9k-c9348gc-fxpn9k-c93180yc2-fxn9k-x9736c-exn9k-c93216tc-fx2Cisco NX-OS Software
CWE ID-CWE-399
Not Available
CVE-2018-15397
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.24% / 47.55%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability

A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is in flight. An attacker could exploit this vulnerability by sending a malicious stream of TFC traffic through an established IPsec tunnel on an affected device. A successful exploit could allow the attacker to cause a daemon process on the affected device to crash, which could cause the device to crash and result in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centeradaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-320
Not Available
CVE-2018-15390
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.35% / 56.80%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-667
Improper Locking
CVE-2011-2561
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.40% / 59.84%
||
7 Day CHG~0.00%
Published-29 Aug, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CVE-2005-1021
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.40% / 79.66%
||
7 Day CHG~0.00%
Published-09 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2005-1020
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-1.58% / 80.84%
||
7 Day CHG~0.00%
Published-09 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-40118
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.26% / 49.50%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:56
Updated-07 Nov, 2024 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_5585-x_firmwareasa_5505_firmwareasa_5580_firmwareasa_5515-xasa_5545-x_firmwareadaptive_security_applianceasa_5545-xasa_5525-x_firmwareasa_5505asa_5555-xasa_5580asa_5585-xasa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5512-x_firmwareasa_5512-xfirepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-34781
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.43% / 61.67%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:55
Updated-07 Nov, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_management_center_virtual_appliancefirepower_threat_defensesourcefire_defense_centerCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2011-1604
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-2.02% / 83.01%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (memory consumption and process failure) via a malformed SIP message, aka Bug ID CSCti42904.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CVE-2021-40116
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.78% / 72.81%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:56
Updated-07 Jul, 2025 | 12:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco Products Snort Rule Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centersnortfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-241
Improper Handling of Unexpected Data Type
CVE-2002-1222
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-16.16% / 94.55%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-0179
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-2.39% / 84.42%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_9300l-24t-4g-acatalyst_8540csrcatalyst_3850-48xs-f-scatalyst_8300-2n2s-6tcatalyst_3850-16xs-scatalyst_3650-24pd-l4331\/k9-rf_integrated_services_routercatalyst_3850-48p-ecatalyst_9300-24t-e4461_integrated_services_router8201catalyst_3850-24u-lasr_1002-xcatalyst_8540msr1100-6g_integrated_services_routercatalyst_3650-24ts-scatalyst_3650-24pdm-ecatalyst_3850-16xs-ecatalyst_8500lcatalyst_3850-48f-ecatalyst_3850-12s-scatalyst_9300-24p-acatalyst_3850-24xu-scatalyst_3650-48pd-lcatalyst_3650-24pdm-s1905_integrated_services_router4000_integrated_services_routercatalyst_9300l-48t-4x-ecatalyst_3650-24pd-scatalyst_9300-24s-a1000_integrated_services_routerasr_1000-xcatalyst_3850-24p-scatalyst_3650-12x48urcatalyst_3650-48pq-scatalyst_9300l-24t-4x-ecatalyst_3650-12x48uz-lcatalyst_3650-48fd-s1841_integrated_service_routercatalyst_3850-24u-scatalyst_3650-48ps-lintegrated_services_virtual_routerasr_1000-esp100-xcatalyst_9200lcatalyst_9600xcatalyst_9300-48t-acatalyst_9300xcatalyst_3650-48fd-ecatalyst_8300-1n1s-6tcatalyst_9300l-24p-4x-acatalyst_3850-48xs-scatalyst_3650-48fqmcatalyst_3650-24ps-lcatalyst_3850-48p-scatalyst_3850-48u-lcatalyst_3650-48ts-ecatalyst_9410rcatalyst_3650-12x48ur-scatalyst_3650-12x48uz-scatalyst_3850-nm-2-40gcatalyst_3650-12x48uq-ecatalyst_3650-24ps-ecatalyst_3650-24pdm8800_8-slot88121812_integrated_service_routerios1101-4p_integrated_services_routercatalyst_9300-48un-acatalyst_9800-clasr_1004catalyst_8200asr_1001-xcatalyst_3850-32xs-scatalyst_3650-12x48ur-easr_1023catalyst_3650-8x24pd-ecatalyst_9300l-48p-4x-a1111x-8p_integrated_services_routercatalyst_3850-48u-ecatalyst_3650-24ts-lcatalyst_3850-48t-e1941_integrated_services_routercatalyst_9300l-48t-4g-a3945_integrated_services_routercatalyst_3650-12x48uq-s8218catalyst_9800-l-f1906c_integrated_services_router4351\/k9-ws_integrated_services_router1100-4g_integrated_services_router1100-4gltena_integrated_services_routercatalyst_3850-12x48ucatalyst_3850-24pw-scatalyst_85008818catalyst_3850-24xu1109_integrated_services_routercatalyst_9300l-48t-4g-ecatalyst_3650-24td-l8202catalyst_3650-48fqm-e8208catalyst_3650-48fd-lcatalyst_3650-48fq-scatalyst_3850-48f-scatalyst_9300l-24p-4x-easr_1002-hxcatalyst_3650-48fs-l1109-2p_integrated_services_routerasr_1001-hxcatalyst_9300lmcatalyst_3650-12x48uz88081100-lte_integrated_services_routercatalyst_9300-24p-e1811_integrated_service_router422_integrated_services_routercatalyst_3650-48tq-lcatalyst_3850-12xs-s8212catalyst_9300lcatalyst_3850-24s-e3925_integrated_services_routercatalyst_9800-40catalyst_3650-48pd-easr_1002-x_rcatalyst_9300-24ux-easr_1000catalyst_3650-24ps-scatalyst_3850-24p-ecatalyst_9300l-48p-4g-easr_1009-x1109-4p_integrated_services_routercatalyst_3650-48ps-s1921_integrated_services_routeresr-6300-ncp-k94451_integrated_services_router8101-32fhcatalyst_3650-48td-scatalyst_3650-48ts-scatalyst_9300l-48t-4x-a1803_integrated_service_routercatalyst_3650-48fqm-lcloud_services_router_1000vcatalyst_3650-12x48uqcatalyst_9800catalyst_3850-24t-e4331_integrated_services_routercatalyst_3650-48fq-lcatalyst_3650-24pdm-lcatalyst_3650-48tq-s1100-8p_integrated_services_router1111x_integrated_services_routercatalyst_9300l-48p-4g-acatalyst_9300l-24t-4g-ecatalyst_9400catalyst_3850-24s-scatalyst_8300-2n2s-4t2x1100_integrated_services_router1861_integrated_service_routercatalyst_3650-12x48fd-lasr_1002catalyst_3850-48t-scatalyst_9600catalyst_3850-24xu-lcatalyst_9300-48un-ecatalyst_9300l_stackcatalyst_9300-48s-e1941w_integrated_services_routercatalyst_3650-8x24uqcatalyst_8300-1n1s-4t2xcatalyst_3650-24pd-easr_1013catalyst_3650catalyst_3850-48t-lcatalyst_9200cx1131_integrated_services_router111x_integrated_services_router4451-x_integrated_services_routerasr_1000-esp200-xasr_1006-xcatalyst_3850-24u-ecatalyst_9800-l1802_integrated_service_router88041160_integrated_services_routercatalyst_3650-48pq-lcatalyst_3650-48fs-scatalyst_8510csrcatalyst_3850-nm-8-10g1101_integrated_services_router8102-64hcatalyst_3650-24td-s3945e_integrated_services_routercatalyst_3650-12x48uz-ecatalyst_3650-24ts-e4321\/k9-rf_integrated_services_routercatalyst_3650-48ts-lcatalyst_9300-24t-acatalyst_ie3400_heavy_duty_switch4351\/k9-rf_integrated_services_routercatalyst_8500-4qcesr-6300-con-k9catalyst_3850-48p-l8800_4-slotcatalyst_3850-24p-lcatalyst_3650-48fqcatalyst_3650-48ps-e8800_18-slotcatalyst_9300-48uxm-acatalyst_38508201-32fhcatalyst_9200catalyst_9300-48p-acatalyst_3850-48pw-scatalyst_3850-48xs-f-ecatalyst_8510msrcatalyst_3850-48u-s1100-4p_integrated_services_routercatalyst_9300l-24p-4g-ecatalyst_ie3400_rugged_switchcatalyst_3650-48pd-s4331\/k9-ws_integrated_services_routercatalyst_3650-48td-l4321\/k9-ws_integrated_services_routerasr_1001-x_rcatalyst_3650-48tq-ecatalyst_9300l-24p-4g-acatalyst_3850-48xs-e8800_12-slotcatalyst_9300-24ux-acatalyst_9407rcatalyst_9800-80catalyst_3650-8x24uq-s44461_integrated_services_routercatalyst_95004321\/k9_integrated_services_router4331\/k9_integrated_services_router4321_integrated_services_routercatalyst_9300-48s-a8101-32hcatalyst_3650-8x24uq-lcatalyst_3650-48fq-ecatalyst_3850-24xs-easr_1001-hx_rcatalyst_3850-24t-scatalyst_3850-24xs-scatalyst_3650-48fs-easr_1000-esp100catalyst_9300l-48p-4x-ecatalyst_9500h4221_integrated_services_routerasr_1006catalyst_3650-48td-easr_10013925e_integrated_services_routercatalyst_3650-12x48uq-lcatalyst_ie3300_rugged_switch4431_integrated_services_router4351\/k9_integrated_services_routercatalyst_3650-24td-ecatalyst_3650-12x48fd-scatalyst_9300-48uxm-ecatalyst_3850-24xu-ecatalyst_9300catalyst_3650-12x48fd-ecatalyst_3650-48fqm-scatalyst_3850-12xs-ecatalyst_3850-24u1120_integrated_services_routercatalyst_3850-48xscatalyst_9300l-24t-4x-acatalyst_9300-24u-acatalyst_3850-24t-lcatalyst_9300-48u-ecatalyst_9300-48t-e1100-4gltegb_integrated_services_routercatalyst_9300-48p-ecatalyst_9300-48u-acatalyst_3650-8x24pd-l8831catalyst_3650-48pq-ecatalyst_9300-24s-ecatalyst_3850-24xscatalyst_3650-8x24pd-s1100-4g\/6g_integrated_services_routercatalyst_3850-48f-l1801_integrated_service_routercatalyst_8300catalyst_3850-48ucatalyst_3650-12x48ur-lcatalyst_9300-24u-ecatalyst_9800-l-ccatalyst_3650-8x24uq-ecatalyst_3850-12s-ecatalyst_3850-32xs-easr_1002-hx_rcatalyst_3650-24pdCisco IOSIOS Software
CVE-2018-0282
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.36% / 57.40%
||
7 Day CHG~0.00%
Published-10 Jan, 2019 | 00:00
Updated-21 Nov, 2024 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability

A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condition between the socket state and the transmission control block (TCB) state. While this vulnerability potentially affects all TCP applications, the only affected application observed so far is the HTTP server. An attacker could exploit this vulnerability by sending specific HTTP requests at a sustained rate to a reachable IP address of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ie_2000-4ts-gcatalyst_2960cg-8tc-lembedded_service_2020_24tc_con_bcatalyst_3560cpd-8pt-sie_2000-4tcatalyst_2960s-48fps-lcatalyst_3560cg-8tc-sie_2000-16tc-gcatalyst_2960c-8tc-lcatalyst_3750x-48t-lcatalyst_3750x-24p-scatalyst_2960x-24td-lcatalyst_2960x-48fpd-lcatalyst_2960x-24ts-llcatalyst_2960-plus_48pst-lie_3000-8tccatalyst_3750x-24p-ecatalyst_2960x-24pd-lcatalyst_3750x-12s-scatalyst_2960cpd-8tt-lcatalyst_2960-plus_24pc-scatalyst_3560x-48t-scatalyst_3560x-48p-eie_2000-16ptc-gcatalyst_2960xr-24td-icatalyst_3560c-8pc-scatalyst_3560x-48p-lcatalyst_3750x-48t-sembedded_service_2020_24tc_ncpcatalyst_2960-plus_48pst-sie_2000-8tc-gcatalyst_2960s-48lpd-lie_2000-4tscatalyst_3750x-48u-ecatalyst_3560x-24p-lcatalyst_2960s-f48ts-scatalyst_3560x-48pf-lcatalyst_3750x-48u-scatalyst_3750x-24s-eembedded_service_2020_ncp_bcatalyst_2960x-24ps-lcatalyst_4500_supervisor_engine_6-ecatalyst_2960s-24ts-lcatalyst_2960x-48ts-lcatalyst_2960s-f48fps-lie_2000-16tc-g-ecatalyst_4500_supervisor_engine_6l-ecatalyst_3560x-48t-ecatalyst_2960-plus_24tc-lcatalyst_3750x-24t-lcatalyst_3750x-12s-eembedded_service_2020_concatalyst_3560x-24u-ecatalyst_3560x-48u-eembedded_service_2020_24tc_concatalyst_2960s-48ts-lcatalyst_2960x-48lps-lcatalyst_2960x-48td-lie_2000-16tccatalyst_3560x-48u-scatalyst_3750x-24u-scatalyst_2960xr-48td-iembedded_service_2020_con_bcatalyst_2960xr-24ps-icatalyst_2960x-48ts-llcatalyst_2960s-f24ps-lcatalyst_2960s-f48lps-lcatalyst_2960xr-24pd-icatalyst_2960cpd-8pt-lcatalyst_2960-plus_24pc-lcatalyst_2960s-f24ts-lcatalyst_3560x-48pf-scatalyst_2960s-f24ts-scatalyst_2960c-8tc-sie-3010-24tccatalyst_2960-plus_24lc-lcatalyst_3750x-48p-sie_2000-8tcie_2000-8tc-g-ecatalyst_2960-plus_48tc-lcatalyst_3750x-48pf-scatalyst_3560x-24t-lie_2000-4t-gcatalyst_3560x-24p-ecatalyst_2960x-48lpd-lcatalyst_3750x-24p-lie_3000-4tcie_2000-8tc-g-ncatalyst_3560cg-8pc-scatalyst_3560x-48t-lcatalyst_3560x-48u-lcatalyst_3750x-24s-sie_2000-16tc-g-xcatalyst_3560x-24u-lcatalyst_2960s-48fpd-lcatalyst_2960s-48ts-ssm-x_layer_2\/3_etherswitch_service_modulecatalyst_2960s-24td-lcatalyst_3560x-48p-scatalyst_2960-plus_24lc-scatalyst_3750x-48p-lcatalyst_2960s-48td-lie_2000-24t67catalyst_2960xr-24ts-icatalyst_3750x-24u-lcatalyst_2960xr-48lps-icatalyst_2960x-24psq-lcatalyst_2960xr-48ts-icatalyst_3560x-24t-ecatalyst_4948ecatalyst_2960-plus_24tc-scatalyst_4948e-fcatalyst_2960s-24ps-lcatalyst_2960s-f48ts-lcatalyst_3560x-24p-scatalyst_2960xr-48fps-iie-3010-16s-8pccatalyst_2960c-8pc-lcatalyst_2960-plus_48tc-scatalyst_4900mie_2000-16t67embedded_service_2020_ncpcatalyst_3750x-48u-lioscatalyst_2960xr-48fpd-icatalyst_3560x-48pf-eie_2000-4s-ts-gcatalyst_2960s-24pd-lcatalyst_3750x-48t-eie_2000-16t67pie_2000-8t67pcatalyst_3750x-48p-ecatalyst_3560x-24t-scatalyst_3750x-24t-scatalyst_3750x-48pf-ecatalyst_2960xr-48lpd-iie_2000-16tc-g-ncatalyst_3560c-12pc-scatalyst_3560x-24u-sios_xecatalyst_2960c-12pc-lcatalyst_3750x-24t-ecatalyst_3750x-24u-ecatalyst_3750x-48pf-lcatalyst_2960x-24ts-lie_2000-8t67catalyst_2960s-48lps-lcatalyst_2960x-48fps-lembedded_service_2020_24tc_ncp_bCisco IOS
CWE ID-CWE-371
Not Available
CVE-2018-0476
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-4.29% / 88.41%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of SIP packets in transit while NAT is performed on an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted SIP packets via UDP port 5060 through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-399
Not Available
CVE-2018-0469
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.08% / 76.93%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Web UI Denial of Service Vulnerability

A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a double-free-in-memory handling by the affected software when specific HTTP requests are processed. An attacker could exploit this vulnerability by sending specific HTTP requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-415
Double Free
CVE-2002-0813
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-10.05% / 92.77%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-0397
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.45% / 62.86%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 20:00
Updated-26 Nov, 2024 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. The vulnerability exists if the affected software is running in Block network conviction mode. Exploitation could occur if the system that is running the affected software starts a server process and an address in the IP blacklist cache of the affected software attempts to connect to the affected system. A successful exploit could allow the attacker to cause a kernel panic on the system that is running the affected software, resulting in a DoS condition. Cisco Bug IDs: CSCvk08192.

Action-Not Available
Vendor-n/aCisco Systems, Inc.Apple Inc.
Product-mac_os_xadvanced_malware_protection_for_endpointsCisco AMP for Endpoints Mac Connector unknown
CWE ID-CWE-399
Not Available
CVE-2018-0180
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-2.05% / 83.12%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_9300l-24t-4g-acatalyst_8540csrcatalyst_3850-48xs-f-scatalyst_8300-2n2s-6tcatalyst_3850-16xs-scatalyst_3650-24pd-l4331\/k9-rf_integrated_services_routercatalyst_3850-48p-ecatalyst_9300-24t-e4461_integrated_services_router8201catalyst_3850-24u-lasr_1002-xcatalyst_8540msr1100-6g_integrated_services_routercatalyst_3650-24ts-scatalyst_3650-24pdm-ecatalyst_3850-16xs-ecatalyst_8500lcatalyst_3850-48f-ecatalyst_3850-12s-scatalyst_9300-24p-acatalyst_3850-24xu-scatalyst_3650-48pd-lcatalyst_3650-24pdm-s1905_integrated_services_router4000_integrated_services_routercatalyst_9300l-48t-4x-ecatalyst_3650-24pd-scatalyst_9300-24s-a1000_integrated_services_routerasr_1000-xcatalyst_3850-24p-scatalyst_3650-12x48urcatalyst_3650-48pq-scatalyst_9300l-24t-4x-ecatalyst_3650-12x48uz-lcatalyst_3650-48fd-s1841_integrated_service_routercatalyst_3850-24u-scatalyst_3650-48ps-lintegrated_services_virtual_routerasr_1000-esp100-xcatalyst_9200lcatalyst_9600xcatalyst_9300-48t-acatalyst_9300xcatalyst_3650-48fd-ecatalyst_8300-1n1s-6tcatalyst_9300l-24p-4x-acatalyst_3850-48xs-scatalyst_3650-48fqmcatalyst_3650-24ps-lcatalyst_3850-48p-scatalyst_3850-48u-lcatalyst_3650-48ts-ecatalyst_9410rcatalyst_3650-12x48ur-scatalyst_3650-12x48uz-scatalyst_3850-nm-2-40gcatalyst_3650-12x48uq-ecatalyst_3650-24ps-ecatalyst_3650-24pdm8800_8-slot88121812_integrated_service_routerios1101-4p_integrated_services_routercatalyst_9300-48un-acatalyst_9800-clasr_1004catalyst_8200asr_1001-xcatalyst_3850-32xs-scatalyst_3650-12x48ur-easr_1023catalyst_3650-8x24pd-ecatalyst_9300l-48p-4x-a1111x-8p_integrated_services_routercatalyst_3850-48u-ecatalyst_3650-24ts-lcatalyst_3850-48t-e1941_integrated_services_routercatalyst_9300l-48t-4g-a3945_integrated_services_routercatalyst_3650-12x48uq-s8218catalyst_9800-l-f1906c_integrated_services_router4351\/k9-ws_integrated_services_router1100-4g_integrated_services_router1100-4gltena_integrated_services_routercatalyst_3850-12x48ucatalyst_3850-24pw-scatalyst_85008818catalyst_3850-24xu1109_integrated_services_routercatalyst_9300l-48t-4g-ecatalyst_3650-24td-l8202catalyst_3650-48fqm-e8208catalyst_3650-48fd-lcatalyst_3650-48fq-scatalyst_3850-48f-scatalyst_9300l-24p-4x-easr_1002-hxcatalyst_3650-48fs-l1109-2p_integrated_services_routerasr_1001-hxcatalyst_9300lmcatalyst_3650-12x48uz88081100-lte_integrated_services_routercatalyst_9300-24p-e1811_integrated_service_router422_integrated_services_routercatalyst_3650-48tq-lcatalyst_3850-12xs-s8212catalyst_9300lcatalyst_3850-24s-e3925_integrated_services_routercatalyst_9800-40catalyst_3650-48pd-easr_1002-x_rcatalyst_9300-24ux-easr_1000catalyst_3650-24ps-scatalyst_3850-24p-ecatalyst_9300l-48p-4g-easr_1009-x1109-4p_integrated_services_routercatalyst_3650-48ps-s1921_integrated_services_routeresr-6300-ncp-k94451_integrated_services_router8101-32fhcatalyst_3650-48td-scatalyst_3650-48ts-scatalyst_9300l-48t-4x-a1803_integrated_service_routercatalyst_3650-48fqm-lcloud_services_router_1000vcatalyst_3650-12x48uqcatalyst_9800catalyst_3850-24t-e4331_integrated_services_routercatalyst_3650-48fq-lcatalyst_3650-24pdm-lcatalyst_3650-48tq-s1100-8p_integrated_services_router1111x_integrated_services_routercatalyst_9300l-48p-4g-acatalyst_9300l-24t-4g-ecatalyst_9400catalyst_3850-24s-scatalyst_8300-2n2s-4t2x1100_integrated_services_router1861_integrated_service_routercatalyst_3650-12x48fd-lasr_1002catalyst_3850-48t-scatalyst_9600catalyst_3850-24xu-lcatalyst_9300-48un-ecatalyst_9300l_stackcatalyst_9300-48s-e1941w_integrated_services_routercatalyst_3650-8x24uqcatalyst_8300-1n1s-4t2xcatalyst_3650-24pd-easr_1013catalyst_3650catalyst_3850-48t-lcatalyst_9200cx1131_integrated_services_router111x_integrated_services_router4451-x_integrated_services_routerasr_1000-esp200-xasr_1006-xcatalyst_3850-24u-ecatalyst_9800-l1802_integrated_service_router88041160_integrated_services_routercatalyst_3650-48pq-lcatalyst_3650-48fs-scatalyst_8510csrcatalyst_3850-nm-8-10g1101_integrated_services_router8102-64hcatalyst_3650-24td-s3945e_integrated_services_routercatalyst_3650-12x48uz-ecatalyst_3650-24ts-e4321\/k9-rf_integrated_services_routercatalyst_3650-48ts-lcatalyst_9300-24t-acatalyst_ie3400_heavy_duty_switch4351\/k9-rf_integrated_services_routercatalyst_8500-4qcesr-6300-con-k9catalyst_3850-48p-l8800_4-slotcatalyst_3850-24p-lcatalyst_3650-48fqcatalyst_3650-48ps-e8800_18-slotcatalyst_9300-48uxm-acatalyst_38508201-32fhcatalyst_9200catalyst_9300-48p-acatalyst_3850-48pw-scatalyst_3850-48xs-f-ecatalyst_8510msrcatalyst_3850-48u-s1100-4p_integrated_services_routercatalyst_9300l-24p-4g-ecatalyst_ie3400_rugged_switchcatalyst_3650-48pd-s4331\/k9-ws_integrated_services_routercatalyst_3650-48td-l4321\/k9-ws_integrated_services_routerasr_1001-x_rcatalyst_3650-48tq-ecatalyst_9300l-24p-4g-acatalyst_3850-48xs-e8800_12-slotcatalyst_9300-24ux-acatalyst_9407rcatalyst_9800-80catalyst_3650-8x24uq-s44461_integrated_services_routercatalyst_95004321\/k9_integrated_services_router4331\/k9_integrated_services_router4321_integrated_services_routercatalyst_9300-48s-a8101-32hcatalyst_3650-8x24uq-lcatalyst_3650-48fq-ecatalyst_3850-24xs-easr_1001-hx_rcatalyst_3850-24t-scatalyst_3850-24xs-scatalyst_3650-48fs-easr_1000-esp100catalyst_9300l-48p-4x-ecatalyst_9500h4221_integrated_services_routerasr_1006catalyst_3650-48td-easr_10013925e_integrated_services_routercatalyst_3650-12x48uq-lcatalyst_ie3300_rugged_switch4431_integrated_services_router4351\/k9_integrated_services_routercatalyst_3650-24td-ecatalyst_3650-12x48fd-scatalyst_9300-48uxm-ecatalyst_3850-24xu-ecatalyst_9300catalyst_3650-12x48fd-ecatalyst_3650-48fqm-scatalyst_3850-12xs-ecatalyst_3850-24u1120_integrated_services_routercatalyst_3850-48xscatalyst_9300l-24t-4x-acatalyst_9300-24u-acatalyst_3850-24t-lcatalyst_9300-48u-ecatalyst_9300-48t-e1100-4gltegb_integrated_services_routercatalyst_9300-48p-ecatalyst_9300-48u-acatalyst_3650-8x24pd-l8831catalyst_3650-48pq-ecatalyst_9300-24s-ecatalyst_3850-24xscatalyst_3650-8x24pd-s1100-4g\/6g_integrated_services_routercatalyst_3850-48f-l1801_integrated_service_routercatalyst_8300catalyst_3850-48ucatalyst_3650-12x48ur-lcatalyst_9300-24u-ecatalyst_9800-l-ccatalyst_3650-8x24uq-ecatalyst_3850-12s-ecatalyst_3850-32xs-easr_1002-hx_rcatalyst_3650-24pdCisco IOSIOS Software
CVE-2010-2981
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.66% / 70.30%
||
7 Day CHG~0.00%
Published-09 Aug, 2010 | 19:23
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_wireless_network_solution_softwaren/a
CVE-2018-0189
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.34% / 55.79%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS) condition. The vulnerability is due to a limitation in the way the FIB is internally representing recursive routes. An attacker could exploit this vulnerability by injecting routes into the routing protocol that have a specific recursive pattern. The attacker must be in a position on the network that provides the ability to inject a number of recursive routes with a specific pattern. An exploit could allow the attacker to cause an affected device to reload, creating a DoS condition. Cisco Bug IDs: CSCva91655.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS and IOS XE
CWE ID-CWE-399
Not Available
CVE-2010-2821
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.35% / 56.59%
||
7 Day CHG~0.00%
Published-06 Aug, 2010 | 19:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) with software 3.2 before 3.2(17.2), 4.0 before 4.0(11.1), and 4.1 before 4.1(1.2) for Catalyst 6500 series switches and 7600 series routers, when multi-mode is enabled, allows remote attackers to cause a denial of service (device reload) via crafted (1) Telnet, (2) SSH, or (3) ASDM traffic over TCP, aka Bug ID CSCtg68694.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-firewall_services_module_softwarecatalyst_6500firewall_services_modulecatalyst_7600n/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 27
  • 28
  • Next
Details not found