A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured.
Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then the CPU utilization increases. Known Affected Releases: 5.2(1). Known Fixed Releases: 6.0(0)SL1(0.14) 5.2(2.73)S0. Product identification: CSCtt15295.
Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.
A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. More Information: CSCvb61698. Known Affected Releases: 11.5(1.11007.2). Known Fixed Releases: 12.0(0.98000.168) 12.0(0.98000.178) 12.0(0.98000.399) 12.0(0.98000.510) 12.0(0.98000.536) 12.0(0.98500.7).
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via crafted (1) SSL or (2) TLS packets, aka Bug ID CSCvb16317.
Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036.
A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) condition. More Information: CSCvb14425. Known Affected Releases: 6.1.1.BASE. Known Fixed Releases: 6.1.2.6i.MGBL 6.1.22.9i.MGBL 6.2.1.14i.MGBL.
Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853.
A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of gRPC requests. An attacker could exploit this vulnerability by repeatedly sending unauthenticated gRPC requests to the affected device. A successful exploit could allow the attacker to crash the device in such a manner that manual intervention is required to recover. This vulnerability affects all Cisco IOS XR platforms that are running release 6.1.1 of Cisco IOS XR Software when the gRPC service is enabled on the device. The gRPC service is not enabled by default. Cisco Bug IDs: CSCvb14441.
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely."
A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reload. More Information: CSCuw26032. Known Affected Releases: 10.51.
A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. More Information: CSCuw15041. Known Affected Releases: 1.2(1.199).
A vulnerability with IPv6 UDP ingress packet processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device. The vulnerability is due to incomplete IPv6 UDP header validation. An attacker could exploit this vulnerability by sending a crafted IPv6 UDP packet to a specific port on the targeted device. An exploit could allow the attacker to impact the availability of the device as it could unexpectedly reload. This vulnerability affects Cisco Wireless LAN Controller (WLC) running software version 8.2.121.0 or 8.3.102.0. Cisco Bug IDs: CSCva98592.
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2.0.899 patch 7, when AD group-membership authorization is enabled, allows remote attackers to cause a denial of service (authentication outage) via a crafted Password Authentication Protocol (PAP) authentication request, aka Bug ID CSCun25815.
A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. The vulnerability is due to improper validation of IPv6 traffic sent through an affected device. An attacker could exploit this vulnerability by sending a malformed IPv6 packet through an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition while the netstack process restarts. A sustained attack could lead to a reboot of the device.
A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism.
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to cause the web server process to crash, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of user-supplied input on the web interface. An attacker could exploit this vulnerability by submitting a crafted HTTP request to certain endpoints of the affected software. A successful exploit could allow an attacker to cause the web server to crash. Physical access to the device may be required for a restart.
A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS packet to the management web interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition.
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (SIP) packets. An attacker could exploit this vulnerability by altering the SIP replies that are sent to the affected phone during the registration process. A successful exploit could allow the attacker to cause the phone to reboot and not complete the registration process.
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
A vulnerability in the Session Initiation Protocol (SIP) protocol implementation of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of input SIP traffic. An attacker could exploit this vulnerability by sending a malformed SIP packet to an affected Cisco Unified Communications Manager. A successful exploit could allow the attacker to trigger a new registration process on all connected phones, temporarily disrupting service.
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the PIM process to restart, resulting in a denial of service condition on an affected device. The vulnerability is due to the incorrect processing of crafted AutoRP packets. An attacker could exploit this vulnerability by sending crafted packets to port UDP 496 on a reachable IP address on the device. A successful exploit could allow the attacker to cause the PIM process to restart. Software versions prior to 6.2.3, 6.3.2, 6.4.0, and 6.5.1 are affected.
A vulnerability in the User Data Services (UDS) API of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the management GUI. The vulnerability is due to improper validation of input parameters in the UDS API requests. An attacker could exploit this vulnerability by sending a crafted request to the UDS API of an affected device. A successful exploit could allow the attacker to make the A Cisco DB service quit unexpectedly, preventing admin access to the Unified CM management GUI. Manual intervention may be required to restore normal operation. Software versions 10.5, 11.5, 12.0, 12.5 are affected.
A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow a unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. The vulnerability is due to an issue with the remote access VPN session manager. An attacker could exploit this vulnerability by requesting an excessive number of remote access VPN sessions. An exploit could allow the attacker to cause a DoS condition.
A vulnerability in the Network Address Translation 64 (NAT64) functions of Cisco IOS Software could allow an unauthenticated, remote attacker to cause either an interface queue wedge or a device reload. The vulnerability is due to the incorrect handling of certain IPv4 packet streams that are sent through the device. An attacker could exploit this vulnerability by sending specific IPv4 packet streams through the device. An exploit could allow the attacker to either cause an interface queue wedge or a device reload, resulting in a denial of service (DoS) condition.
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of gRPC requests. An attacker could exploit this vulnerability by repeatedly sending unauthenticated gRPC requests to the affected device. A successful exploit could cause the emsd process to crash, resulting in a DoS condition. Resolved in Cisco IOS XR 6.5.1 and later.
A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service via a crafted packet, aka Bug IDs CSCuy82904, CSCuy82909, and CSCuy82912.
A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit (NPU) process. More Information: CSCva84552. Known Affected Releases: 20.0.0 21.0.0 21.0.M0.64702. Known Fixed Releases: 21.0.0 21.0.0.65256 21.0.M0.64970 21.0.V0.65150 21.1.A0.64973 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.VC0.65203.
A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series routers with Data Processing Card 2 (DPC2) could allow an unauthenticated, remote attacker to cause a subset of the subscriber sessions to be disconnected, resulting in a partial denial of service (DoS) condition. This vulnerability affects Cisco ASR 5500 devices with Data Processing Card 2 (DPC2) running StarOS 18.0 or later. More Information: CSCvb12081. Known Affected Releases: 18.7.4 19.5.0 20.0.2.64048 20.2.3 21.0.0. Known Fixed Releases: 18.7.4 18.7.4.65030 18.8.M0.65044 19.5.0 19.5.0.65092 19.5.M0.65023 19.5.M0.65050 20.2.3 20.2.3.64982 20.2.3.65017 20.2.a4.65307 20.3.M0.64984 20.3.M0.65029 20.3.M0.65037 20.3.M0.65071 20.3.T0.64985 20.3.T0.65031 20.3.T0.65043 20.3.T0.65067 21.0.0 21.0.0.65256 21.0.M0.64922 21.0.M0.64983 21.0.M0.65140 21.0.V0.65150 21.1.A0.64932 21.1.A0.64987 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.65203 21.2.A0.65147.
Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow remote attackers to cause a denial of service (device restart) via a malformed IPv6 Protocol Independent Multicast (PIM) register packet, aka Bug ID CSCuy16399.
Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.
Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.
A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. Affected Products: Cisco AsyncOS Software for Email Security Appliances (ESA) versions 9.5 and later up to the first fixed release, Cisco AsyncOS Software for Web Security Appliances (WSA) all versions prior to the first fixed release. More Information: CSCux56406, CSCux59928. Known Affected Releases: 9.6.0-051 9.7.0-125 8.8.0-085 9.5.0-444 WSA10.0.0-000. Known Fixed Releases: 9.7.1-066 WSA10.0.0-233.
Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791.
Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219.
Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit platforms allows remote attackers to cause a denial of service (data-structure corruption and device reload) via fragmented IPv4 packets, aka Bug ID CSCux66005.
Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow remote attackers to cause a denial of service (device restart) via a crafted IPv4 Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message, aka Bug ID CSCud36767.
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.
A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted packets during the enrollment operation. An attacker could exploit this vulnerability by sending a crafted enrollment request to the affected system. An exploit could allow the attacker to cause the reload of the affected system. Note: Only HTTPS packets directed to the Cisco ASA interface, where the local CA is allowing user enrollment, can be used to trigger this vulnerability. This vulnerability affects systems configured in routed firewall mode and in single or multiple context mode.
A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application unexpectedly quits. More Information: CSCux68539. Known Affected Releases: 9.1.0-032 9.7.1-000. Known Fixed Releases: 9.1.1-038.
A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. More Information: CSCvb04312. Known Affected Releases: 9.0.1-162 9.1.1-074. Known Fixed Releases: 10.1.0-129 9.1.2-010.
Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service (memory consumption or device reload) via fragmented IKEv1 packets, aka Bug ID CSCuy47382.
A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.
A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper handling of an HTTP packet stream. An attacker could exploit this vulnerability by sending a crafted HTTP packet stream to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped.