Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-1440

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-02 Jul, 2016 | 14:00
Updated At-05 Aug, 2024 | 22:55
Rejected At-
Credits

The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:02 Jul, 2016 | 14:00
Updated At:05 Aug, 2024 | 22:55
Rejected At:
▼CVE Numbering Authority (CNA)

The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id/1036188
vdb-entry
x_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa
vendor-advisory
x_refsource_CISCO
Hyperlink: http://www.securitytracker.com/id/1036188
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa
Resource:
vendor-advisory
x_refsource_CISCO
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id/1036188
vdb-entry
x_refsource_SECTRACK
x_transferred
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://www.securitytracker.com/id/1036188
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:02 Jul, 2016 | 14:59
Updated At:12 Apr, 2025 | 10:46

The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.3MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Cisco Systems, Inc.
cisco
>>web_security_appliance>>5.6.0-623
cpe:2.3:a:cisco:web_security_appliance:5.6.0-623:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>6.0.0-000
cpe:2.3:a:cisco:web_security_appliance:6.0.0-000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.1.0
cpe:2.3:a:cisco:web_security_appliance:7.1.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.1.1
cpe:2.3:a:cisco:web_security_appliance:7.1.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.1.2
cpe:2.3:a:cisco:web_security_appliance:7.1.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.1.3
cpe:2.3:a:cisco:web_security_appliance:7.1.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.1.4
cpe:2.3:a:cisco:web_security_appliance:7.1.4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.5.0-000
cpe:2.3:a:cisco:web_security_appliance:7.5.0-000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.5.0-825
cpe:2.3:a:cisco:web_security_appliance:7.5.0-825:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.5.1-000
cpe:2.3:a:cisco:web_security_appliance:7.5.1-000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.5.2-000
cpe:2.3:a:cisco:web_security_appliance:7.5.2-000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.5.2-hp2-303
cpe:2.3:a:cisco:web_security_appliance:7.5.2-hp2-303:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.7.0-000
cpe:2.3:a:cisco:web_security_appliance:7.7.0-000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.7.0-608
cpe:2.3:a:cisco:web_security_appliance:7.7.0-608:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.7.1-000
cpe:2.3:a:cisco:web_security_appliance:7.7.1-000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>7.7.5-835
cpe:2.3:a:cisco:web_security_appliance:7.7.5-835:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.0.0-000
cpe:2.3:a:cisco:web_security_appliance:8.0.0-000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.0.5
cpe:2.3:a:cisco:web_security_appliance:8.0.5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.0.5_hp1
cpe:2.3:a:cisco:web_security_appliance:8.0.5_hp1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.0.6
cpe:2.3:a:cisco:web_security_appliance:8.0.6:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.0.6-078
cpe:2.3:a:cisco:web_security_appliance:8.0.6-078:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.0.6-119
cpe:2.3:a:cisco:web_security_appliance:8.0.6-119:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.0.7
cpe:2.3:a:cisco:web_security_appliance:8.0.7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.0.7-142
cpe:2.3:a:cisco:web_security_appliance:8.0.7-142:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.0.8-mr-113
cpe:2.3:a:cisco:web_security_appliance:8.0.8-mr-113:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.5.0-497
cpe:2.3:a:cisco:web_security_appliance:8.5.0-497:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.5.0.000
cpe:2.3:a:cisco:web_security_appliance:8.5.0.000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.5.1-021
cpe:2.3:a:cisco:web_security_appliance:8.5.1-021:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.5.2-024
cpe:2.3:a:cisco:web_security_appliance:8.5.2-024:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.5.2-027
cpe:2.3:a:cisco:web_security_appliance:8.5.2-027:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.5.3-055
cpe:2.3:a:cisco:web_security_appliance:8.5.3-055:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.8.0-000
cpe:2.3:a:cisco:web_security_appliance:8.8.0-000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>8.8.0-085
cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>9.0.0-193
cpe:2.3:a:cisco:web_security_appliance:9.0.0-193:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>9.0_base
cpe:2.3:a:cisco:web_security_appliance:9.0_base:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>9.1.0-000
cpe:2.3:a:cisco:web_security_appliance:9.1.0-000:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>9.1.0-070
cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsapsirt@cisco.com
Vendor Advisory
http://www.securitytracker.com/id/1036188psirt@cisco.com
N/A
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsaaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securitytracker.com/id/1036188af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: http://www.securitytracker.com/id/1036188
Source: psirt@cisco.com
Resource: N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securitytracker.com/id/1036188
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

463Records found
CVE-2012-4079
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.77%
||
7 Day CHG~0.00%
Published-26 Sep, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_computing_systemn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-3919
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.77%
||
7 Day CHG~0.00%
Published-16 Sep, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Cisco Application Control Engine (ACE) module 3.0 for Cisco Catalyst switches and Cisco routers does not properly monitor Load Balancer (LB) queues, which allows remote attackers to cause a denial of service (incorrect memory access and module reboot) via application traffic, aka Bug ID CSCtw70879.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-application_control_engine_modulen/a
CVE-2012-4098
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.53% / 66.43%
||
7 Day CHG~0.00%
Published-05 Oct, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13055.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nx-osn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2006-0179
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-14.90% / 94.27%
||
7 Day CHG~0.00%
Published-11 Jan, 2006 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ip_phone_7940n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2004-1459
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.35% / 79.30%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIUS proxy, allows remote attackers to cause a denial of service (device crash) via certain LEAP authentication requests.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-secure_access_control_serversecure_acs_solution_enginen/a
CVE-2005-3669
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-9.46% / 92.50%
||
7 Day CHG~0.00%
Published-18 Nov, 2005 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-vpn_3000_concentrator_series_softwaremds_9000_san-osfirewall_services_moduleiosadaptive_security_appliance_softwaremds_9000pix_firewall_softwarepix_firewalln/a
CVE-2005-3426
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.49% / 64.63%
||
7 Day CHG~0.00%
Published-02 Nov, 2005 | 00:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_services_switch_11500n/a
CVE-2005-2243
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-12 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-call_managern/a
CVE-2005-2241
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-12 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-call_managern/a
CVE-2005-2279
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.91% / 74.91%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2.2.2 and earlier allows remote attackers to cause a denial of service (management plane session loss) via crafted telnet data.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ons_15216_optical_add_drop_multiplexer_softwaren/a
CVE-2005-2280
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-security_agentn/a
CVE-2011-2057
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.16%
||
7 Day CHG~0.00%
Published-22 Oct, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames, aka Bug ID CSCtq36327.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-1357
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.77%
||
7 Day CHG~0.00%
Published-06 Aug, 2012 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The igmp_snoop_orib_fill_source_update function in the IGMP process in NX-OS 5.0 and 5.1 on Cisco Nexus 5000 series switches allows remote attackers to cause a denial of service (device reload) via IGMP packets, aka Bug ID CSCts46521.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_5000nx-osn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2005-0597
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.40% / 60.00%
||
7 Day CHG~0.00%
Published-01 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco devices running Application and Content Networking System (ACNS) 5.0 before 5.0.17.6 and 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (process restart) via a "crafted TCP connection."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-application_and_content_networking_softwaren/a
CVE-2012-0376
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.77%
||
7 Day CHG~0.00%
Published-03 May, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The voice-sipstack component in Cisco Unified Communications Manager (CUCM) 8.5 allows remote attackers to cause a denial of service (core dump) via vectors involving SIP messages that arrive after an upgrade, aka Bug ID CSCtj87367.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CVE-2005-0599
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 72.42%
||
7 Day CHG~0.00%
Published-01 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (CPU consumption) via malformed IP packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-application_and_content_networking_softwaren/a
CVE-2012-0360
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.77% / 72.56%
||
7 Day CHG~0.00%
Published-23 Apr, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2005-0600
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.90% / 74.71%
||
7 Day CHG~0.00%
Published-01 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_distribution_manager_4630content_router_4450enterprise_content_delivery_network_softwarecontent_delivery_managercontent_engine_module_for_cisco_routerapplication_and_content_networking_softwarecontent_enginecontent_distribution_manager_4650content_router_4430content_distribution_manager_4670n/a
CVE-2005-0598
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.35% / 86.82%
||
7 Day CHG~0.00%
Published-01 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_distribution_manager_4630content_router_4450enterprise_content_delivery_network_softwarecontent_delivery_managercontent_engine_module_for_cisco_routerapplication_and_content_networking_softwarecontent_enginecontent_distribution_manager_4650content_router_4430content_distribution_manager_4670n/a
CVE-2005-0356
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-5||MEDIUM
EPSS-86.02% / 99.35%
||
7 Day CHG~0.00%
Published-31 May, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.

Action-Not Available
Vendor-nortelalaxalayamahan/aOpenBSDF5, Inc.Microsoft CorporationFreeBSD FoundationCisco Systems, Inc.Hitachi, Ltd.
Product-e-mail_managerrt57iciscoworks_access_control_list_managercontent_services_switch_11800content_services_switch_11503alaxala_networkscontent_services_switch_11050rt105rt300iwindows_xpremote_monitoring_suite_optionethernet_routing_switch_1648call_managerip_contact_center_enterpriseciscoworks_common_management_foundationip_contact_center_expressconference_connectionagent_desktopunity_serveremergency_respondersuccession_communication_server_1000aironet_ap1200sn_5420_storage_router_firmwaresn_5420_storage_routerpersonal_assistantweb_collaboration_optionciscoworks_windowsgr4000secure_access_control_servertmosciscoworks_lmsrtx1000rtx1100contact_centercallpilotsupport_toolsmgx_82307220_wlan_access_pointgr3000webnssurvivable_remote_gatewaybusiness_communications_managermeetingplacealaxalamgx_8250content_services_switch_11000windows_2000windows_2003_serveropenbsdaironet_ap350sn_5428_storage_routeruniversal_signaling_point7250_wlan_access_pointrt250iethernet_routing_switch_1612optical_metro_5200ciscoworks_1105_hosting_solution_engineciscoworks_1105_wireless_lan_solution_engineintelligent_contact_managergs4000ciscoworks_common_servicesoptical_metro_5100ciscoworks_vpn_security_management_solutionrtx2000rtv700ciscoworks_cd1ethernet_routing_switch_1624ciscoworks_windows_wugcontent_services_switch_11501optical_metro_5000content_services_switch_11150interactive_voice_responsefreebsdrtx1500content_services_switch_11506content_services_switch_11500n/a
CVE-2005-0186
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.33% / 79.11%
||
7 Day CHG~0.00%
Published-06 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2004-1433
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.31% / 86.72%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwaren/a
CVE-2004-1464
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-1.70% / 81.52%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-30 Jul, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-09||Apply updates per vendor instructions.

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/aIOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2011-4015
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.77%
||
7 Day CHG~0.00%
Published-02 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 15.2S allows remote attackers to cause a denial of service (interface queue wedge) via malformed UDP traffic on port 465, aka Bug ID CSCts48300.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2004-1458
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.12% / 77.35%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-secure_access_control_serversecure_acs_solution_enginen/a
CVE-2011-3283
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.53% / 66.43%
||
7 Day CHG~0.00%
Published-02 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Carrier Routing System 3.9.1 allows remote attackers to cause a denial of service (Metro subsystem crash) via a fragmented GRE packet, aka Bug ID CSCts14887.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-carrier_routing_systemn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2004-1435
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.19% / 77.99%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK).

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwaren/a
CVE-2004-1759
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.84% / 85.68%
||
7 Day CHG~0.00%
Published-10 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.

Action-Not Available
Vendor-n/aIBM CorporationCisco Systems, Inc.
Product-x330conference_connectionx345emergency_respondermcs-7835i-2.4mcs-7815-1000internet_service_nodex342ip_call_center_express_standardip_call_center_express_enhancedpersonal_assistantip_interactive_voice_responsemcs-7815i-2.0call_managerdirector_agentx340mcs-7835i-3.0n/a
CVE-2004-1434
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.01% / 82.95%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed SNMP packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwaren/a
CVE-2004-0710
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.98% / 75.83%
||
7 Day CHG~0.00%
Published-21 Jul, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2004-1164
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 71.96%
||
7 Day CHG~0.00%
Published-10 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain "unexpected packet sequence."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-cns_network_registrarn/a
CVE-2004-0551
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.80% / 73.01%
||
7 Day CHG~0.00%
Published-15 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_4500catalyst_2926fcatalyst_2948g-l3catalyst_4000catoscatalyst_2926gscatalyst_2980g-acatalyst_4506catalyst_2926glcatalyst_4507rcatalyst_4912gcatalyst_5000catalyst_2926tcatalyst_6000_ws-svc-nam-1catalyst_6000_ws-svc-nam-2catalyst_2901catalyst_2980gcatalyst_2902catalyst_6000_ws-x6380-namcatalyst_4503catalyst_4510rcatalyst_2948-ge-txcatalyst_2926catalyst_2948n/a
CVE-2004-1111
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.79% / 85.51%
||
7 Day CHG~0.00%
Published-01 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_76007600_routeriosmultiservice_platform_2651multiservice_platform_26507200_router7500_routermultiservice_platform_2651xmmultiservice_platform_2650xm7300_routern/a
CVE-2011-2583
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.53% / 66.43%
||
7 Day CHG~0.00%
Published-02 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Contact Center Express (aka CCX) 8.0 and 8.5 allows remote attackers to cause a denial of service via network traffic, as demonstrated by an SEC-BE-STABLE test case, aka Bug ID CSCth33834.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_contact_center_expressn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2004-0307
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 72.42%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote attackers to cause a denial of service (reset) by not sending the ACK portion of the TCP three-way handshake and sending an invalid response instead.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwaren/a
CVE-2004-0714
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.86% / 85.72%
||
7 Day CHG~0.00%
Published-21 Jul, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-optical_networking_systems_softwareiosons_15454e_optical_transport_platformn/a
CVE-2004-0352
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.00% / 76.03%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_services_switch_11050content_services_switch_11800content_services_switch_11000content_services_switch_11150n/a
CVE-2006-4910
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.93% / 82.65%
||
7 Day CHG~0.00%
Published-21 Sep, 2006 | 00:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ips_sensor_softwareids_sensor_softwaren/a
CVE-2004-0081
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.80% / 85.53%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

Action-Not Available
Vendor-sco4dlitebluecoatneoterisstonesofttarantellasecurecomputingn/aAvaya LLCNovellSun Microsystems (Oracle Corporation)Symantec CorporationCisco Systems, Inc.Apple Inc.HP Inc.Check Point Software Technologies Ltd.Silicon Graphics, Inc.OpenBSDRed Hat, Inc.Dell Inc.FreeBSD FoundationOpenSSLVMware (Broadcom Inc.)
Product-wbemfirewall_services_moduleapplication_and_content_networking_softwareaaa_servers8700okena_stormwatchmac_os_xthreat_responseapache-based_web_serverpix_firewallpropacks8500provider-1call_managerciscoworks_common_management_foundationclientless_vpn_gateway_4400secure_content_acceleratorvsus8300stonebeat_fullclustergsx_serverfirewall-1access_registrarstonebeat_securityclustergss_4480_global_site_selectortarantella_enterprisestonegate_vpn_clientproxysgvpn-1mac_os_x_serverenterprise_linux_desktopmds_9000enterprise_linuxwebstaropenserverbsafe_ssl-jioswebnssg203css11000_content_services_switchopenssllinuxintuity_audixserverclustersg5openbsdsg208sg200cacheos_ca_sastonegateciscoworks_common_servicesgss_4490_global_site_selectorimanagerinstant_virtual_extranetedirectorysidewinderhp-uxconverged_communications_serverstonebeat_webclustercrypto_accelerator_4000speed_technologies_litespeed_web_serverfreebsdpix_firewall_softwarecontent_services_switch_11500css_secure_content_acceleratorn/a
CVE-2004-0112
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.72% / 71.60%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

Action-Not Available
Vendor-forcepointsco4dbluecoatneoterisstonesofttarantellalitespeedtechsecurecomputingn/aAvaya LLCNovellSun Microsystems (Oracle Corporation)Symantec CorporationCisco Systems, Inc.Apple Inc.HP Inc.Check Point Software Technologies Ltd.Silicon Graphics, Inc.OpenBSDRed Hat, Inc.Dell Inc.FreeBSD FoundationOpenSSLVMware (Broadcom Inc.)
Product-wbemfirewall_services_moduleapplication_and_content_networking_softwareaaa_servers8700okena_stormwatchmac_os_xthreat_responseapache-based_web_serverpix_firewallpropacks8500provider-1call_managerciscoworks_common_management_foundationclientless_vpn_gateway_4400secure_content_acceleratorvsus8300stonebeat_fullclustergsx_serverfirewall-1access_registrarstonebeat_securityclustergss_4480_global_site_selectortarantella_enterpriseproxysgvpn-1mac_os_x_serverenterprise_linux_desktopmds_9000enterprise_linuxwebstaropenserverbsafe_ssl-jioswebnssg203css11000_content_services_switchopenssllinuxintuity_audixserverclustersg5openbsdlitespeed_web_serversg208sg200cacheos_ca_sastonegateciscoworks_common_servicesgss_4490_global_site_selectorimanagerinstant_virtual_extranetedirectorysidewinderhp-uxconverged_communications_serverstonebeat_webclustercrypto_accelerator_4000freebsdpix_firewall_softwarecontent_services_switch_11500css_secure_content_acceleratorn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2003-1132
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.53% / 66.41%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_services_switch_11000content_services_switch_11500n/a
CVE-2003-1001
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.80% / 73.01%
||
7 Day CHG~0.00%
Published-17 Dec, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_7600_ws-x6380-namfirewall_services_modulecatoscatalyst_7600_ws-svc-nam-2catalyst_7600_ws-svc-nam-1catalyst_6500_ws-x6380-namcatalyst_6500_ws-svc-nam-1catalyst_6500catalyst_6500_ws-svc-nam-2n/a
CVE-2003-1004
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-17 Dec, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_firewall_softwarepix_firewalln/a
CVE-2003-0851
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.04% / 89.35%
||
7 Day CHG~0.00%
Published-06 Nov, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

Action-Not Available
Vendor-n/aOpenSSLCisco Systems, Inc.
Product-ioscss11000_content_services_switchopensslpix_firewall_softwarepix_firewalln/a
CVE-2004-0079
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.27% / 83.98%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

Action-Not Available
Vendor-sco4dlitebluecoatneoterisstonesofttarantellasecurecomputingn/aAvaya LLCNovellSun Microsystems (Oracle Corporation)Symantec CorporationCisco Systems, Inc.Apple Inc.HP Inc.Check Point Software Technologies Ltd.Silicon Graphics, Inc.OpenBSDRed Hat, Inc.Dell Inc.FreeBSD FoundationOpenSSLVMware (Broadcom Inc.)
Product-wbemfirewall_services_moduleapplication_and_content_networking_softwareaaa_servers8700okena_stormwatchmac_os_xthreat_responseapache-based_web_serverpix_firewallpropacks8500provider-1call_managerciscoworks_common_management_foundationclientless_vpn_gateway_4400secure_content_acceleratorvsus8300stonebeat_fullclustergsx_serverfirewall-1access_registrarstonebeat_securityclustergss_4480_global_site_selectortarantella_enterprisestonegate_vpn_clientproxysgvpn-1mac_os_x_serverenterprise_linux_desktopmds_9000enterprise_linuxwebstaropenserverbsafe_ssl-jioswebnssg203css11000_content_services_switchopenssllinuxintuity_audixserverclustersg5openbsdsg208sg200cacheos_ca_sastonegateciscoworks_common_servicesgss_4490_global_site_selectorimanagerinstant_virtual_extranetedirectorysidewinderhp-uxconverged_communications_serverstonebeat_webclustercrypto_accelerator_4000speed_technologies_litespeed_web_serverfreebsdpix_firewall_softwarecontent_services_switch_11500css_secure_content_acceleratorn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2003-1002
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-17 Dec, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_7600_ws-x6380-namfirewall_services_modulecatoscatalyst_7600_ws-svc-nam-2catalyst_7600_ws-svc-nam-1catalyst_6500_ws-x6380-namcatalyst_6500_ws-svc-nam-1catalyst_6500catalyst_6500_ws-svc-nam-2n/a
CVE-2003-0260
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.22%
||
7 Day CHG~0.00%
Published-08 May, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-vpn_3030_concentatorvpn_3000_concentrator_series_softwarevpn_3002_hardware_clientvpn_3060_concentratorvpn_3080_concentratorvpn_3015_concentratorn/a
CVE-2003-0259
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.22%
||
7 Day CHG~0.00%
Published-08 May, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-vpn_3030_concentatorvpn_3000_concentrator_series_softwarevpn_3002_hardware_clientvpn_3060_concentratorvpn_3080_concentratorvpn_3015_concentratorn/a
CVE-2003-0305
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.05%
||
7 Day CHG~0.00%
Published-17 May, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2003-0511
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-15.40% / 94.37%
||
7 Day CHG~0.00%
Published-29 Jul, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 9
  • 10
  • Next
Details not found