Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-1421

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-10 Jun, 2016 | 01:00
Updated At-05 Aug, 2024 | 22:55
Rejected At-
Credits

A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to check the bounds of input data. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:10 Jun, 2016 | 01:00
Updated At:05 Aug, 2024 | 22:55
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to check the bounds of input data. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco IP Phones
Versions
Affected
  • 11.7(1)
Problem Types
TypeCWE IDDescription
CWECWE-119CWE-119
Type: CWE
CWE ID: CWE-119
Description: CWE-119
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
vendor-advisory
x_refsource_CISCO
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
vendor-advisory
x_refsource_CISCO
https://www.tenable.com/security/research/tra-2020-24
x_refsource_MISC
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
Resource:
vendor-advisory
x_refsource_CISCO
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
Resource:
vendor-advisory
x_refsource_CISCO
Hyperlink: https://www.tenable.com/security/research/tra-2020-24
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
vendor-advisory
x_refsource_CISCO
x_transferred
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
vendor-advisory
x_refsource_CISCO
x_transferred
https://www.tenable.com/security/research/tra-2020-24
x_refsource_MISC
x_transferred
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: https://www.tenable.com/security/research/tra-2020-24
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:10 Jun, 2016 | 01:59
Updated At:12 Apr, 2025 | 10:46

A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to check the bounds of input data. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Cisco Systems, Inc.
cisco
>>ip_phone>>*
cpe:2.3:h:cisco:ip_phone:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ip_phone_8800_series_firmware>>11.0\(1\)
cpe:2.3:o:cisco:ip_phone_8800_series_firmware:11.0\(1\):*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Secondarypsirt@cisco.com
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Secondary
Source: psirt@cisco.com
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipppsirt@cisco.com
Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipppsirt@cisco.com
N/A
https://www.tenable.com/security/research/tra-2020-24psirt@cisco.com
N/A
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ippaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ippaf854a3a-2127-422b-91ae-364da2661108
N/A
https://www.tenable.com/security/research/tra-2020-24af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
Source: psirt@cisco.com
Resource: N/A
Hyperlink: https://www.tenable.com/security/research/tra-2020-24
Source: psirt@cisco.com
Resource: N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.tenable.com/security/research/tra-2020-24
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1522Records found
CVE-2005-2243
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-12 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-call_managern/a
CVE-2005-2241
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-12 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-call_managern/a
CVE-2005-2279
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.91% / 74.91%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2.2.2 and earlier allows remote attackers to cause a denial of service (management plane session loss) via crafted telnet data.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ons_15216_optical_add_drop_multiplexer_softwaren/a
CVE-2005-2280
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-security_agentn/a
CVE-2011-2057
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.16%
||
7 Day CHG~0.00%
Published-22 Oct, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames, aka Bug ID CSCtq36327.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2005-0597
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.40% / 60.00%
||
7 Day CHG~0.00%
Published-01 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco devices running Application and Content Networking System (ACNS) 5.0 before 5.0.17.6 and 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (process restart) via a "crafted TCP connection."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-application_and_content_networking_softwaren/a
CVE-2012-0376
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.77%
||
7 Day CHG~0.00%
Published-03 May, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The voice-sipstack component in Cisco Unified Communications Manager (CUCM) 8.5 allows remote attackers to cause a denial of service (core dump) via vectors involving SIP messages that arrive after an upgrade, aka Bug ID CSCtj87367.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CVE-2005-0599
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 72.42%
||
7 Day CHG~0.00%
Published-01 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (CPU consumption) via malformed IP packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-application_and_content_networking_softwaren/a
CVE-2012-0360
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.77% / 72.56%
||
7 Day CHG~0.00%
Published-23 Apr, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2005-0600
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.90% / 74.71%
||
7 Day CHG~0.00%
Published-01 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_distribution_manager_4630content_router_4450enterprise_content_delivery_network_softwarecontent_delivery_managercontent_engine_module_for_cisco_routerapplication_and_content_networking_softwarecontent_enginecontent_distribution_manager_4650content_router_4430content_distribution_manager_4670n/a
CVE-2005-0598
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.35% / 86.82%
||
7 Day CHG~0.00%
Published-01 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_distribution_manager_4630content_router_4450enterprise_content_delivery_network_softwarecontent_delivery_managercontent_engine_module_for_cisco_routerapplication_and_content_networking_softwarecontent_enginecontent_distribution_manager_4650content_router_4430content_distribution_manager_4670n/a
CVE-2005-0356
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-5||MEDIUM
EPSS-86.02% / 99.35%
||
7 Day CHG~0.00%
Published-31 May, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.

Action-Not Available
Vendor-nortelalaxalayamahan/aOpenBSDF5, Inc.Microsoft CorporationFreeBSD FoundationCisco Systems, Inc.Hitachi, Ltd.
Product-e-mail_managerrt57iciscoworks_access_control_list_managercontent_services_switch_11800content_services_switch_11503alaxala_networkscontent_services_switch_11050rt105rt300iwindows_xpremote_monitoring_suite_optionethernet_routing_switch_1648call_managerip_contact_center_enterpriseciscoworks_common_management_foundationip_contact_center_expressconference_connectionagent_desktopunity_serveremergency_respondersuccession_communication_server_1000aironet_ap1200sn_5420_storage_router_firmwaresn_5420_storage_routerpersonal_assistantweb_collaboration_optionciscoworks_windowsgr4000secure_access_control_servertmosciscoworks_lmsrtx1000rtx1100contact_centercallpilotsupport_toolsmgx_82307220_wlan_access_pointgr3000webnssurvivable_remote_gatewaybusiness_communications_managermeetingplacealaxalamgx_8250content_services_switch_11000windows_2000windows_2003_serveropenbsdaironet_ap350sn_5428_storage_routeruniversal_signaling_point7250_wlan_access_pointrt250iethernet_routing_switch_1612optical_metro_5200ciscoworks_1105_hosting_solution_engineciscoworks_1105_wireless_lan_solution_engineintelligent_contact_managergs4000ciscoworks_common_servicesoptical_metro_5100ciscoworks_vpn_security_management_solutionrtx2000rtv700ciscoworks_cd1ethernet_routing_switch_1624ciscoworks_windows_wugcontent_services_switch_11501optical_metro_5000content_services_switch_11150interactive_voice_responsefreebsdrtx1500content_services_switch_11506content_services_switch_11500n/a
CVE-2005-0186
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.33% / 79.11%
||
7 Day CHG~0.00%
Published-06 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2004-1433
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.31% / 86.72%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwaren/a
CVE-2004-1464
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-1.70% / 81.52%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-30 Jul, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-09||Apply updates per vendor instructions.

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/aIOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2011-4015
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.77%
||
7 Day CHG~0.00%
Published-02 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 15.2S allows remote attackers to cause a denial of service (interface queue wedge) via malformed UDP traffic on port 465, aka Bug ID CSCts48300.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2004-1458
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.12% / 77.35%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-secure_access_control_serversecure_acs_solution_enginen/a
CVE-2011-3283
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.53% / 66.43%
||
7 Day CHG~0.00%
Published-02 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Carrier Routing System 3.9.1 allows remote attackers to cause a denial of service (Metro subsystem crash) via a fragmented GRE packet, aka Bug ID CSCts14887.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-carrier_routing_systemn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2004-1435
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.19% / 77.99%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK).

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwaren/a
CVE-2004-1759
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.84% / 85.68%
||
7 Day CHG~0.00%
Published-10 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.

Action-Not Available
Vendor-n/aIBM CorporationCisco Systems, Inc.
Product-x330conference_connectionx345emergency_respondermcs-7835i-2.4mcs-7815-1000internet_service_nodex342ip_call_center_express_standardip_call_center_express_enhancedpersonal_assistantip_interactive_voice_responsemcs-7815i-2.0call_managerdirector_agentx340mcs-7835i-3.0n/a
CVE-2004-1434
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.01% / 82.95%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed SNMP packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwaren/a
CVE-2004-0710
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.98% / 75.83%
||
7 Day CHG~0.00%
Published-21 Jul, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2004-1164
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 71.96%
||
7 Day CHG~0.00%
Published-10 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain "unexpected packet sequence."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-cns_network_registrarn/a
CVE-2004-0551
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.80% / 73.01%
||
7 Day CHG~0.00%
Published-15 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_4500catalyst_2926fcatalyst_2948g-l3catalyst_4000catoscatalyst_2926gscatalyst_2980g-acatalyst_4506catalyst_2926glcatalyst_4507rcatalyst_4912gcatalyst_5000catalyst_2926tcatalyst_6000_ws-svc-nam-1catalyst_6000_ws-svc-nam-2catalyst_2901catalyst_2980gcatalyst_2902catalyst_6000_ws-x6380-namcatalyst_4503catalyst_4510rcatalyst_2948-ge-txcatalyst_2926catalyst_2948n/a
CVE-2004-1111
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.79% / 85.51%
||
7 Day CHG~0.00%
Published-01 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_76007600_routeriosmultiservice_platform_2651multiservice_platform_26507200_router7500_routermultiservice_platform_2651xmmultiservice_platform_2650xm7300_routern/a
CVE-2011-2583
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.53% / 66.43%
||
7 Day CHG~0.00%
Published-02 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Contact Center Express (aka CCX) 8.0 and 8.5 allows remote attackers to cause a denial of service via network traffic, as demonstrated by an SEC-BE-STABLE test case, aka Bug ID CSCth33834.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_contact_center_expressn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2004-0307
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 72.42%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote attackers to cause a denial of service (reset) by not sending the ACK portion of the TCP three-way handshake and sending an invalid response instead.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwaren/a
CVE-2004-0714
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.86% / 85.72%
||
7 Day CHG~0.00%
Published-21 Jul, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwareiosons_15454e_optical_transport_platformn/a
CVE-2004-0352
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.00% / 76.03%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_services_switch_11050content_services_switch_11800content_services_switch_11000content_services_switch_11150n/a
CVE-2006-4910
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.93% / 82.65%
||
7 Day CHG~0.00%
Published-21 Sep, 2006 | 00:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ips_sensor_softwareids_sensor_softwaren/a
CVE-2004-0081
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.80% / 85.53%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

Action-Not Available
Vendor-sco4dlitebluecoatneoterisstonesofttarantellasecurecomputingn/aAvaya LLCNovellSun Microsystems (Oracle Corporation)Symantec CorporationCisco Systems, Inc.Apple Inc.HP Inc.Check Point Software Technologies Ltd.Silicon Graphics, Inc.OpenBSDRed Hat, Inc.Dell Inc.FreeBSD FoundationOpenSSLVMware (Broadcom Inc.)
Product-wbemfirewall_services_moduleapplication_and_content_networking_softwareaaa_servers8700okena_stormwatchmac_os_xthreat_responseapache-based_web_serverpix_firewallpropacks8500provider-1call_managerciscoworks_common_management_foundationclientless_vpn_gateway_4400secure_content_acceleratorvsus8300stonebeat_fullclustergsx_serverfirewall-1access_registrarstonebeat_securityclustergss_4480_global_site_selectortarantella_enterprisestonegate_vpn_clientproxysgvpn-1mac_os_x_serverenterprise_linux_desktopmds_9000enterprise_linuxwebstaropenserverbsafe_ssl-jioswebnssg203css11000_content_services_switchopenssllinuxintuity_audixserverclustersg5openbsdsg208sg200cacheos_ca_sastonegateciscoworks_common_servicesgss_4490_global_site_selectorimanagerinstant_virtual_extranetedirectorysidewinderhp-uxconverged_communications_serverstonebeat_webclustercrypto_accelerator_4000speed_technologies_litespeed_web_serverfreebsdpix_firewall_softwarecontent_services_switch_11500css_secure_content_acceleratorn/a
CVE-2004-0112
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.72% / 71.60%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

Action-Not Available
Vendor-forcepointsco4dbluecoatneoterisstonesofttarantellalitespeedtechsecurecomputingn/aAvaya LLCNovellSun Microsystems (Oracle Corporation)Symantec CorporationCisco Systems, Inc.Apple Inc.HP Inc.Check Point Software Technologies Ltd.Silicon Graphics, Inc.OpenBSDRed Hat, Inc.Dell Inc.FreeBSD FoundationOpenSSLVMware (Broadcom Inc.)
Product-wbemfirewall_services_moduleapplication_and_content_networking_softwareaaa_servers8700okena_stormwatchmac_os_xthreat_responseapache-based_web_serverpix_firewallpropacks8500provider-1call_managerciscoworks_common_management_foundationclientless_vpn_gateway_4400secure_content_acceleratorvsus8300stonebeat_fullclustergsx_serverfirewall-1access_registrarstonebeat_securityclustergss_4480_global_site_selectortarantella_enterpriseproxysgvpn-1mac_os_x_serverenterprise_linux_desktopmds_9000enterprise_linuxwebstaropenserverbsafe_ssl-jioswebnssg203css11000_content_services_switchopenssllinuxintuity_audixserverclustersg5openbsdlitespeed_web_serversg208sg200cacheos_ca_sastonegateciscoworks_common_servicesgss_4490_global_site_selectorimanagerinstant_virtual_extranetedirectorysidewinderhp-uxconverged_communications_serverstonebeat_webclustercrypto_accelerator_4000freebsdpix_firewall_softwarecontent_services_switch_11500css_secure_content_acceleratorn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2003-1132
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.53% / 66.41%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_services_switch_11000content_services_switch_11500n/a
CVE-2003-1001
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.80% / 73.01%
||
7 Day CHG~0.00%
Published-17 Dec, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_7600_ws-x6380-namfirewall_services_modulecatoscatalyst_7600_ws-svc-nam-2catalyst_7600_ws-svc-nam-1catalyst_6500_ws-x6380-namcatalyst_6500_ws-svc-nam-1catalyst_6500catalyst_6500_ws-svc-nam-2n/a
CVE-2003-1004
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-17 Dec, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_firewall_softwarepix_firewalln/a
CVE-2003-0851
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.04% / 89.35%
||
7 Day CHG~0.00%
Published-06 Nov, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

Action-Not Available
Vendor-n/aOpenSSLCisco Systems, Inc.
Product-ioscss11000_content_services_switchopensslpix_firewall_softwarepix_firewalln/a
CVE-2004-0079
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.27% / 83.98%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

Action-Not Available
Vendor-sco4dlitebluecoatneoterisstonesofttarantellasecurecomputingn/aAvaya LLCNovellSun Microsystems (Oracle Corporation)Symantec CorporationCisco Systems, Inc.Apple Inc.HP Inc.Check Point Software Technologies Ltd.Silicon Graphics, Inc.OpenBSDRed Hat, Inc.Dell Inc.FreeBSD FoundationOpenSSLVMware (Broadcom Inc.)
Product-wbemfirewall_services_moduleapplication_and_content_networking_softwareaaa_servers8700okena_stormwatchmac_os_xthreat_responseapache-based_web_serverpix_firewallpropacks8500provider-1call_managerciscoworks_common_management_foundationclientless_vpn_gateway_4400secure_content_acceleratorvsus8300stonebeat_fullclustergsx_serverfirewall-1access_registrarstonebeat_securityclustergss_4480_global_site_selectortarantella_enterprisestonegate_vpn_clientproxysgvpn-1mac_os_x_serverenterprise_linux_desktopmds_9000enterprise_linuxwebstaropenserverbsafe_ssl-jioswebnssg203css11000_content_services_switchopenssllinuxintuity_audixserverclustersg5openbsdsg208sg200cacheos_ca_sastonegateciscoworks_common_servicesgss_4490_global_site_selectorimanagerinstant_virtual_extranetedirectorysidewinderhp-uxconverged_communications_serverstonebeat_webclustercrypto_accelerator_4000speed_technologies_litespeed_web_serverfreebsdpix_firewall_softwarecontent_services_switch_11500css_secure_content_acceleratorn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2003-1002
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-17 Dec, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_7600_ws-x6380-namfirewall_services_modulecatoscatalyst_7600_ws-svc-nam-2catalyst_7600_ws-svc-nam-1catalyst_6500_ws-x6380-namcatalyst_6500_ws-svc-nam-1catalyst_6500catalyst_6500_ws-svc-nam-2n/a
CVE-2016-1486
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.76% / 72.35%
||
7 Day CHG~0.00%
Published-28 Oct, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_applianceCisco AsyncOS through 9.7.1-066
CVE-2003-0260
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.22%
||
7 Day CHG~0.00%
Published-08 May, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-vpn_3030_concentatorvpn_3000_concentrator_series_softwarevpn_3002_hardware_clientvpn_3060_concentratorvpn_3080_concentratorvpn_3015_concentratorn/a
CVE-2003-0259
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.22%
||
7 Day CHG~0.00%
Published-08 May, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-vpn_3030_concentatorvpn_3000_concentrator_series_softwarevpn_3002_hardware_clientvpn_3060_concentratorvpn_3080_concentratorvpn_3015_concentratorn/a
CVE-2003-0305
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-17 May, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2003-0511
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-15.40% / 94.37%
||
7 Day CHG~0.00%
Published-29 Jul, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2002-2140
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.12% / 77.35%
||
7 Day CHG~0.00%
Published-16 Nov, 2005 | 21:17
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_firewall_softwaren/a
CVE-2010-4687
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 72.28%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2002-2053
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 72.42%
||
7 Day CHG~0.00%
Published-14 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2002-1597
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.00% / 76.03%
||
7 Day CHG~0.00%
Published-13 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-sn_5420_storage_router_firmwaren/a
CVE-2002-1100
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 71.96%
||
7 Day CHG~0.00%
Published-10 Sep, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-vpn_3000_concentrator_series_softwarevpn_3002_hardware_clientn/a
CVE-2002-1093
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 71.96%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-vpn_3000_concentrator_series_softwaren/a
CVE-2010-4677
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.97% / 75.69%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (daemon crash) via a request for a document whose name contains space characters, aka Bug ID CSCsy08416.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 30
  • 31
  • Next
Details not found