Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-1348

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-26 Mar, 2016 | 01:00
Updated At-05 Aug, 2024 | 22:55
Rejected At-
Credits

Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:26 Mar, 2016 | 01:00
Updated At:05 Aug, 2024 | 22:55
Rejected At:
▼CVE Numbering Authority (CNA)

Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
vendor-advisory
x_refsource_CISCO
http://www.securitytracker.com/id/1035381
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
Resource:
vendor-advisory
x_refsource_CISCO
Hyperlink: http://www.securitytracker.com/id/1035381
Resource:
vdb-entry
x_refsource_SECTRACK
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
vendor-advisory
x_refsource_CISCO
x_transferred
http://www.securitytracker.com/id/1035381
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://www.securitytracker.com/id/1035381
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:26 Mar, 2016 | 01:59
Updated At:12 Apr, 2025 | 10:46

Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Cisco Systems, Inc.
cisco
>>ios_xe>>3.3xo_3.3.0xo
cpe:2.3:o:cisco:ios_xe:3.3xo_3.3.0xo:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.3xo_3.3.1xo
cpe:2.3:o:cisco:ios_xe:3.3xo_3.3.1xo:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.3xo_3.3.2xo
cpe:2.3:o:cisco:ios_xe:3.3xo_3.3.2xo:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.5e_3.5.0e
cpe:2.3:o:cisco:ios_xe:3.5e_3.5.0e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.5e_3.5.1e
cpe:2.3:o:cisco:ios_xe:3.5e_3.5.1e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.5e_3.5.2e
cpe:2.3:o:cisco:ios_xe:3.5e_3.5.2e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.5e_3.5.3e
cpe:2.3:o:cisco:ios_xe:3.5e_3.5.3e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.5s_3.5.0s
cpe:2.3:o:cisco:ios_xe:3.5s_3.5.0s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.5s_3.5.1s
cpe:2.3:o:cisco:ios_xe:3.5s_3.5.1s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.5s_3.5.2s
cpe:2.3:o:cisco:ios_xe:3.5s_3.5.2s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.6e_3.6.0e
cpe:2.3:o:cisco:ios_xe:3.6e_3.6.0e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.6e_3.6.1e
cpe:2.3:o:cisco:ios_xe:3.6e_3.6.1e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.6e_3.6.2ae
cpe:2.3:o:cisco:ios_xe:3.6e_3.6.2ae:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.6e_3.6.2e
cpe:2.3:o:cisco:ios_xe:3.6e_3.6.2e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.6e_3.6.3e
cpe:2.3:o:cisco:ios_xe:3.6e_3.6.3e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.6s_3.6.0s
cpe:2.3:o:cisco:ios_xe:3.6s_3.6.0s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.6s_3.6.1s
cpe:2.3:o:cisco:ios_xe:3.6s_3.6.1s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.6s_3.6.2s
cpe:2.3:o:cisco:ios_xe:3.6s_3.6.2s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7e_3.7.0e
cpe:2.3:o:cisco:ios_xe:3.7e_3.7.0e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7e_3.7.1e
cpe:2.3:o:cisco:ios_xe:3.7e_3.7.1e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7e_3.7.2e
cpe:2.3:o:cisco:ios_xe:3.7e_3.7.2e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.0s
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.0s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.1s
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.1s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.2s
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.2s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.2ts
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.2ts:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.3s
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.3s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.4as
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.4as:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.4s
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.4s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.5s
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.5s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.6s
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.6s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.7s_3.7.7s
cpe:2.3:o:cisco:ios_xe:3.7s_3.7.7s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.8e_3.8.0e
cpe:2.3:o:cisco:ios_xe:3.8e_3.8.0e:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.8s_3.8.0s
cpe:2.3:o:cisco:ios_xe:3.8s_3.8.0s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.8s_3.8.1s
cpe:2.3:o:cisco:ios_xe:3.8s_3.8.1s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.8s_3.8.2s
cpe:2.3:o:cisco:ios_xe:3.8s_3.8.2s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.9s_3.9.0as
cpe:2.3:o:cisco:ios_xe:3.9s_3.9.0as:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.9s_3.9.0s
cpe:2.3:o:cisco:ios_xe:3.9s_3.9.0s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.9s_3.9.1as
cpe:2.3:o:cisco:ios_xe:3.9s_3.9.1as:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.9s_3.9.1s
cpe:2.3:o:cisco:ios_xe:3.9s_3.9.1s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.9s_3.9.2s
cpe:2.3:o:cisco:ios_xe:3.9s_3.9.2s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.10s_3.10.0s
cpe:2.3:o:cisco:ios_xe:3.10s_3.10.0s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.10s_3.10.1s
cpe:2.3:o:cisco:ios_xe:3.10s_3.10.1s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.10s_3.10.1xbs
cpe:2.3:o:cisco:ios_xe:3.10s_3.10.1xbs:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.10s_3.10.2s
cpe:2.3:o:cisco:ios_xe:3.10s_3.10.2s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.10s_3.10.3s
cpe:2.3:o:cisco:ios_xe:3.10s_3.10.3s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.10s_3.10.4s
cpe:2.3:o:cisco:ios_xe:3.10s_3.10.4s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.10s_3.10.5s
cpe:2.3:o:cisco:ios_xe:3.10s_3.10.5s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.10s_3.10.6s
cpe:2.3:o:cisco:ios_xe:3.10s_3.10.6s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.11s_3.11.0s
cpe:2.3:o:cisco:ios_xe:3.11s_3.11.0s:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xe>>3.11s_3.11.1s
cpe:2.3:o:cisco:ios_xe:3.11s_3.11.1s:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6psirt@cisco.com
Vendor Advisory
http://www.securitytracker.com/id/1035381psirt@cisco.com
N/A
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securitytracker.com/id/1035381af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: http://www.securitytracker.com/id/1035381
Source: psirt@cisco.com
Resource: N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securitytracker.com/id/1035381
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

849Records found
CVE-2016-1472
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.41% / 79.68%
||
7 Day CHG~0.00%
Published-02 Sep, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to cause a denial of service (interface outage) via a crafted HTTP request, aka Bug ID CSCuz76238.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-small_business_220_series_smart_plus_switchesn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-4915
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.48%
||
7 Day CHG~0.00%
Published-29 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via unknown network traffic, as demonstrated by a "connection stress test," aka Bug ID CSCsq68451.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5580n/a
CVE-2017-6745
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.30%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-videoscape_distribution_suite_for_televisionCisco Videoscape Distribution Suite Cache Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0151
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.42% / 79.76%
||
7 Day CHG~0.00%
Published-19 Feb, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-5550_series_adaptive_security_appliance5540_series_adaptive_security_appliancecatalyst_65005500_series_adaptive_security_appliancecatalyst_76005580_series_adaptive_security_appliance5510_series_adaptive_security_applianceasa_5500firewall_services_module5520_series_adaptive_security_appliance5505_series_adaptive_security_appliancen/a
CVE-2009-4911
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.48%
||
7 Day CHG~0.00%
Published-29 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5580n/a
CVE-2009-4917
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.48%
||
7 Day CHG~0.00%
Published-29 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via a high volume of SIP traffic, aka Bug ID CSCsr65901.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5580n/a
CVE-2010-0137
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.31% / 78.96%
||
7 Day CHG~0.00%
Published-21 Jan, 2010 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrn/a
CVE-2016-1479
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.68% / 70.64%
||
7 Day CHG~0.00%
Published-22 Aug, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IP Phone 8800 devices with software 11.0(1) allow remote attackers to cause a denial of service (memory corruption) via a crafted HTTP request, aka Bug ID CSCuz03038.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ip_phone_8800_series_firmwareip_phone_8800n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-5038
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.85% / 73.96%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-4923
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.48%
||
7 Day CHG~0.00%
Published-29 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the DTLS implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (traceback) via TLS fragments, aka Bug ID CSCso53162.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5580n/a
CVE-2010-4673
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.98%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow remote attackers to cause a denial of service via a flood of packets, aka Bug ID CSCtg06316.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4691
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.98%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via multicast traffic, aka Bug IDs CSCtg61810 and CSCtg69742.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2009-4918
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.48%
||
7 Day CHG~0.00%
Published-29 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5580n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-4672
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.98%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow remote attackers to cause a denial of service (block exhaustion) via EIGRP traffic that triggers an EIGRP multicast storm, aka Bug ID CSCtf20269.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4671
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.11% / 83.39%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2016-1469
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.61% / 80.99%
||
7 Day CHG~0.00%
Published-12 Sep, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-spa300_series_ip_phonespa300_firmwarespa500_firmwarespa500_series_ip_phonen/a
CVE-2016-1481
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.76% / 72.33%
||
7 Day CHG~0.00%
Published-28 Oct, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter that contains certain rules. More Information: CSCux59873. Known Affected Releases: 8.5.6-106 9.1.0-032 9.7.0-125. Known Fixed Releases: 9.1.1-038 9.7.1-066.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_applianceCisco AsyncOS through 9.7.0-125
CWE ID-CWE-20
Improper Input Validation
CVE-2010-0149
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.77% / 72.45%
||
7 Day CHG~0.00%
Published-19 Feb, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka "TCP Connection Exhaustion Denial of Service Vulnerability."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_500asa_5500n/a
CVE-2010-0150
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.39% / 79.53%
||
7 Day CHG~0.00%
Published-19 Feb, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCsy91157.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_500asa_5500n/a
CVE-2017-3876
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.73% / 71.83%
||
7 Day CHG~0.00%
Published-16 May, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of gRPC requests. An attacker could exploit this vulnerability by repeatedly sending unauthenticated gRPC requests to the affected device. A successful exploit could allow the attacker to crash the device in such a manner that manual intervention is required to recover. This vulnerability affects all Cisco IOS XR platforms that are running release 6.1.1 of Cisco IOS XR Software when the gRPC service is enabled on the device. The gRPC service is not enabled by default. Cisco Bug IDs: CSCvb14441.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrCisco IOS XR
CWE ID-CWE-399
Not Available
CVE-2016-1466
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.34% / 79.18%
||
7 Day CHG~0.00%
Published-08 Aug, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1) allows remote attackers to cause a denial of service (sipd process restart) via crafted headers in a SIP packet, aka Bug ID CSCva39072.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_manager_im_and_presence_servicen/a
CVE-2009-4920
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.48%
||
7 Day CHG~0.00%
Published-29 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software 8.1(2) allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5580n/a
CVE-2009-4914
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.23% / 45.66%
||
7 Day CHG~0.00%
Published-29 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5580n/a
CVE-2009-4921
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.48%
||
7 Day CHG~0.00%
Published-29 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (traceback) via malformed TCP packets, aka Bug ID CSCsm84110.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5580n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1421
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-4.73% / 88.97%
||
7 Day CHG~0.00%
Published-10 Jun, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to check the bounds of input data. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ip_phoneip_phone_8800_series_firmwareCisco IP Phones
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1478
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.74% / 72.02%
||
7 Day CHG~0.00%
Published-08 Aug, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP packets, which allows remote attackers to cause a denial of service (interface wedge) by sending many crafted NTP packets, aka Bug ID CSCva35619.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1436
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.72% / 71.56%
||
7 Day CHG-0.43%
Published-23 Jun, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service (Session Manager process restart) via a crafted GTPv1 packet, aka Bug ID CSCuz46198.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_5000_softwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4679
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.02%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1405
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-2.31% / 84.12%
||
7 Day CHG-2.31%
Published-08 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.

Action-Not Available
Vendor-n/aCisco Systems, Inc.ClamAV
Product-web_security_applianceemail_security_applianceclamavn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1349
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.70% / 71.17%
||
7 Day CHG~0.00%
Published-26 Mar, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.

Action-Not Available
Vendor-zzincn/aSamsungIntel CorporationCisco Systems, Inc.Zyxel Networks CorporationSun Microsystems (Oracle Corporation)NETGEAR, Inc.
Product-gs1900-10hp_firmwarecore_i5-9400f_firmwarekeymouse_firmwareios_xex14j_firmwareopensolarisjr6150_firmwaren/a
CVE-2016-1382
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.49% / 64.34%
||
7 Day CHG-0.76%
Published-25 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (proxy-process reload) via a crafted request, aka Bug ID CSCuu02529.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-web_security_applianceweb_security_appliance_\(wsa\)n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1409
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-4.14% / 88.19%
||
7 Day CHG+0.72%
Published-29 May, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosnx-osios_xeios_xrn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1367
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.28%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug ID CSCus23248.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwaren/a
CVE-2016-1364
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.53% / 66.11%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) and 7.5, 7.6, and 8.0 before 8.0.110.0(ED) allows remote attackers to cause a denial of service (device reload) via crafted Bonjour traffic, aka Bug ID CSCur66908.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-wireless_lan_controller_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1383
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.49% / 64.34%
||
7 Day CHG~0.00%
Published-25 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-web_security_applianceweb_security_appliance_\(wsa\)n/a
CVE-2016-1336
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-31.81% / 96.65%
||
7 Day CHG~0.00%
Published-03 Jul, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

goform/Docsis_system on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long LanguageSelect parameter, related to a "Gateway HTTP Corruption Denial of Service" issue, aka Bug ID CSCuy28100.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-epc3928epc3928_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1400
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.72% / 71.56%
||
7 Day CHG-0.59%
Published-25 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_video_communication_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1328
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-23.20% / 95.72%
||
7 Day CHG~0.00%
Published-03 Jul, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of Service" issue, aka Bug ID CSCux24948.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-epc3928epc3928_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1368
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.23%
||
7 Day CHG~0.00%
Published-05 May, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000 and 8000 appliances, and on the Advanced Malware Protection (AMP) for Networks component on these appliances, allows remote attackers to cause a denial of service (packet-processing outage) via crafted packets, aka Bug ID CSCuu86214.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-firesight_system_softwaren/a
CVE-2009-3899
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.27% / 83.98%
||
7 Day CHG~0.00%
Published-06 Nov, 2009 | 15:00
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-opensolarissolarisn/a
CWE ID-CWE-399
Not Available
CVE-2010-4683
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.85% / 73.96%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2009-4190
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.49% / 64.58%
||
7 Day CHG~0.00%
Published-03 Dec, 2009 | 17:00
Updated-17 Sep, 2024 | 00:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 allows remote attackers to cause a denial of service (panic) via unknown vectors, as demonstrated by the vd_solaris2 module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-opensolarisn/a
CVE-2016-1362
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.29%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AireOS 4.1 through 7.4.120.0, 7.5.x, and 7.6.100.0 on Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCun86747.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-aireosn/a
CVE-2016-1312
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.74% / 72.02%
||
7 Day CHG~0.00%
Published-09 Mar, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID CSCue76147.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asa_5500_csc-ssm_firmwareasa_5500_csc-ssmn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1326
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.01%
||
7 Day CHG~0.00%
Published-09 Mar, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The administration interface on Cisco DPQ3925 devices with firmware r1 allows remote attackers to cause a denial of service (device restart) via a crafted HTTP request, aka Bug ID CSCup48105.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-dpq3925_8x4_docsis_3.0_wireless_residential_gateway_with_embedded_digital_voice_adaptern/a
CVE-2016-1347
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-4.32% / 88.44%
||
7 Day CHG~0.00%
Published-24 Mar, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2010-4688
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.98%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) by making many SIP calls, aka Bug ID CSCte20030.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4686
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.85% / 73.96%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a "peculiar" request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2010-2836
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.48%
||
7 Day CHG~0.00%
Published-23 Sep, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2016-1407
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.72% / 71.56%
||
7 Day CHG-0.59%
Published-25 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrasr_9904asr_9922asr_9001asr_9006asr_9010asr_9912n/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 16
  • 17
  • Next
Details not found