Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-3862

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-20 Apr, 2017 | 22:00
Updated At-05 Aug, 2024 | 14:39
Rejected At-
Credits

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCuu76493.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:20 Apr, 2017 | 22:00
Updated At:05 Aug, 2024 | 14:39
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCuu76493.

Affected Products
Vendor
n/a
Product
Cisco IOS and IOS XE
Versions
Affected
  • Cisco IOS and IOS XE
Problem Types
TypeCWE IDDescription
CWECWE-119CWE-119
Type: CWE
CWE ID: CWE-119
Description: CWE-119
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id/1038313
vdb-entry
x_refsource_SECTRACK
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise
x_refsource_CONFIRM
http://www.securityfocus.com/bid/97935
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id/1038313
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/97935
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id/1038313
vdb-entry
x_refsource_SECTRACK
x_transferred
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/97935
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id/1038313
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/97935
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:20 Apr, 2017 | 22:59
Updated At:20 Apr, 2025 | 01:37

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCuu76493.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.08.6HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi4
cpe:2.3:o:cisco:ios:12.2\(33\)sxi4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi4a
cpe:2.3:o:cisco:ios:12.2\(33\)sxi4a:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi5
cpe:2.3:o:cisco:ios:12.2\(33\)sxi5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi6
cpe:2.3:o:cisco:ios:12.2\(33\)sxi6:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi7
cpe:2.3:o:cisco:ios:12.2\(33\)sxi7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi8
cpe:2.3:o:cisco:ios:12.2\(33\)sxi8:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi8a
cpe:2.3:o:cisco:ios:12.2\(33\)sxi8a:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi9
cpe:2.3:o:cisco:ios:12.2\(33\)sxi9:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi10
cpe:2.3:o:cisco:ios:12.2\(33\)sxi10:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi11
cpe:2.3:o:cisco:ios:12.2\(33\)sxi11:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi12
cpe:2.3:o:cisco:ios:12.2\(33\)sxi12:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi13
cpe:2.3:o:cisco:ios:12.2\(33\)sxi13:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxi14
cpe:2.3:o:cisco:ios:12.2\(33\)sxi14:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj
cpe:2.3:o:cisco:ios:12.2\(33\)sxj:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj1
cpe:2.3:o:cisco:ios:12.2\(33\)sxj1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj2
cpe:2.3:o:cisco:ios:12.2\(33\)sxj2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj3
cpe:2.3:o:cisco:ios:12.2\(33\)sxj3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj4
cpe:2.3:o:cisco:ios:12.2\(33\)sxj4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj5
cpe:2.3:o:cisco:ios:12.2\(33\)sxj5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj6
cpe:2.3:o:cisco:ios:12.2\(33\)sxj6:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj7
cpe:2.3:o:cisco:ios:12.2\(33\)sxj7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj8
cpe:2.3:o:cisco:ios:12.2\(33\)sxj8:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj9
cpe:2.3:o:cisco:ios:12.2\(33\)sxj9:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(33\)sxj10
cpe:2.3:o:cisco:ios:12.2\(33\)sxj10:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ex
cpe:2.3:o:cisco:ios:12.2\(52\)ex:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ex1
cpe:2.3:o:cisco:ios:12.2\(52\)ex1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ey
cpe:2.3:o:cisco:ios:12.2\(52\)ey:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ey1
cpe:2.3:o:cisco:ios:12.2\(52\)ey1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ey1b
cpe:2.3:o:cisco:ios:12.2\(52\)ey1b:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ey1c
cpe:2.3:o:cisco:ios:12.2\(52\)ey1c:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ey2
cpe:2.3:o:cisco:ios:12.2\(52\)ey2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ey2a
cpe:2.3:o:cisco:ios:12.2\(52\)ey2a:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ey3
cpe:2.3:o:cisco:ios:12.2\(52\)ey3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ey3a
cpe:2.3:o:cisco:ios:12.2\(52\)ey3a:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(52\)ey4
cpe:2.3:o:cisco:ios:12.2\(52\)ey4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(53\)ex
cpe:2.3:o:cisco:ios:12.2\(53\)ex:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(53\)ey
cpe:2.3:o:cisco:ios:12.2\(53\)ey:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(53\)ez
cpe:2.3:o:cisco:ios:12.2\(53\)ez:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(53\)se
cpe:2.3:o:cisco:ios:12.2\(53\)se:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(53\)se1
cpe:2.3:o:cisco:ios:12.2\(53\)se1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(53\)se2
cpe:2.3:o:cisco:ios:12.2\(53\)se2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(54\)se
cpe:2.3:o:cisco:ios:12.2\(54\)se:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(54\)sg
cpe:2.3:o:cisco:ios:12.2\(54\)sg:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(54\)sg1
cpe:2.3:o:cisco:ios:12.2\(54\)sg1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(54\)wo
cpe:2.3:o:cisco:ios:12.2\(54\)wo:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(54\)xo
cpe:2.3:o:cisco:ios:12.2\(54\)xo:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(55\)ex
cpe:2.3:o:cisco:ios:12.2\(55\)ex:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(55\)ex1
cpe:2.3:o:cisco:ios:12.2\(55\)ex1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(55\)ex2
cpe:2.3:o:cisco:ios:12.2\(55\)ex2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>12.2\(55\)ex3
cpe:2.3:o:cisco:ios:12.2\(55\)ex3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Secondarypsirt@cisco.com
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Secondary
Source: psirt@cisco.com
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/97935psirt@cisco.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038313psirt@cisco.com
N/A
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywisepsirt@cisco.com
Vendor Advisory
http://www.securityfocus.com/bid/97935af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038313af854a3a-2127-422b-91ae-364da2661108
N/A
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywiseaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/97935
Source: psirt@cisco.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1038313
Source: psirt@cisco.com
Resource: N/A
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/97935
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1038313
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1192Records found
CVE-2021-1241
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.60% / 68.38%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 20:10
Updated-12 Nov, 2024 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Denial of Service Vulnerabilities

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100b_routervedge_cloud_routersd-wan_vbond_orchestratorvedge_5000_routervedge_100_routersd-wan_firmwareios_xe_sd-wanvedge_2000_routersd-wan_vsmart_controller_firmwarevedge_100wm_routercatalyst_sd-wan_managervedge_1000_routervedge_100m_routerCisco SD-WAN Solution
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0943
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-31 May, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrn/a
CVE-2011-0949
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-31 May, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrn/a
CVE-2011-1606
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-2.14% / 83.51%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtg62855.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CVE-2011-1613
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-28.91% / 96.39%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 6.0 before 6.0.200.0, 7.0 before 7.0.98.216, and 7.0.1xx before 7.0.112.0 allows remote attackers to cause a denial of service (device reload) via a sequence of ICMP packets, aka Bug ID CSCth74426.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-wireless_lan_controller_softwaren/a
CVE-2011-0939
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.37% / 58.12%
||
7 Day CHG~0.00%
Published-03 Oct, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCth03022.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CVE-2011-0941
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-01 Nov, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1), and Cisco IOS 12.4 and 15.1, allows remote attackers to cause a denial of service (memory consumption and process failure or device reload) via a malformed SIP message, aka Bug IDs CSCti75128 and CSCtj09179.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_manageriosn/a
CVE-2016-1362
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.28%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AireOS 4.1 through 7.4.120.0, 7.5.x, and 7.6.100.0 on Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCun86747.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-aireosn/a
CVE-2011-1640
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.53% / 66.13%
||
7 Day CHG~0.00%
Published-22 Oct, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2011-1605
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-2.14% / 83.51%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su2, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCth39586.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CVE-2011-1649
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.46%
||
7 Day CHG~0.00%
Published-31 May, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Internet Streamer application in Cisco Content Delivery System (CDS) with software 2.5.7, 2.5.8, and 2.5.9 before build 126 allows remote attackers to cause a denial of service (Web Engine crash) via a crafted URL, aka Bug IDs CSCtg67333 and CSCth25341.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_delivery_system_enginecontent_delivery_systemn/a
CVE-2011-0945
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-03 Oct, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport (FST), allows remote attackers to cause a denial of service (memory consumption and device reload or hang) via a crafted IP protocol 91 packet, aka Bug ID CSCth69364.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CVE-2011-0946
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.37% / 58.12%
||
7 Day CHG~0.00%
Published-03 Oct, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CVE-2011-0349
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.21% / 78.17%
||
7 Day CHG~0.00%
Published-28 Jan, 2011 | 21:13
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth17178, a different vulnerability than CVE-2011-0350.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ioscontent_services_gateway_second_generationn/a
CVE-2011-0391
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.73% / 71.69%
||
7 Day CHG~0.00%
Published-25 Feb, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_recording_server_softwaretelepresence_recording_servern/a
CVE-2011-0393
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-25 Feb, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote attackers to cause a denial of service (packet buffer exhaustion and device outage) via IPv6 traffic, aka Bug ID CSCtj04707.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_500adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2011-0390
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.73% / 71.69%
||
7 Day CHG~0.00%
Published-25 Feb, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, 1.6.x, and 1.7.0 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka Bug ID CSCtj44534.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_multipoint_switchtelepresence_multipoint_switch_softwaren/a
CVE-2011-0395
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-25 Feb, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_5550adaptive_security_appliancepix_firewall_535pix_firewall_515asa_5520pix_firewall_506asa_5540asa_5510asa_5505pix_firewall_520asa_5580pix_500pix_506easa_5500pix_501pix_firewall_525n/a
CVE-2009-2050
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.88% / 82.38%
||
7 Day CHG~0.00%
Published-27 Aug, 2009 | 16:31
Updated-07 Aug, 2024 | 05:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CVE-2011-0388
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.00% / 76.07%
||
7 Day CHG~0.00%
Published-25 Feb, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_recording_server_softwaretelepresence_recording_servertelepresence_multipoint_switchtelepresence_multipoint_switch_softwaren/a
CVE-2016-1364
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.53% / 66.13%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) and 7.5, 7.6, and 8.0 before 8.0.110.0(ED) allows remote attackers to cause a denial of service (device reload) via crafted Bonjour traffic, aka Bug ID CSCur66908.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-wireless_lan_controller_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0389
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-25 Feb, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allow remote attackers to cause a denial of service (process crash) via a crafted Real-Time Transport Control Protocol (RTCP) UDP packet, aka Bug ID CSCth60993.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_multipoint_switchtelepresence_multipoint_switch_softwaren/a
CVE-2009-0636
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.50% / 80.39%
||
7 Day CHG~0.00%
Published-27 Mar, 2009 | 16:00
Updated-07 Aug, 2024 | 04:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2011-0377
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.60% / 68.53%
||
7 Day CHG~0.00%
Published-25 Feb, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_system_1100telepresence_system_softwaretelepresence_system_1300_seriestelepresence_system_3000telepresence_system_1000telepresence_system_3200_seriestelepresence_system_500_seriesn/a
CVE-2009-0619
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.44%
||
7 Day CHG~0.00%
Published-05 Mar, 2009 | 02:00
Updated-07 Aug, 2024 | 04:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Session Border Controller (SBC) before 3.0(2) for Cisco 7600 series routers allows remote attackers to cause a denial of service (SBC card reload) via crafted packets to TCP port 2000.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-session_border_controllern/a
CVE-2011-0355
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.79% / 81.97%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.

Action-Not Available
Vendor-n/aCisco Systems, Inc.VMware (Broadcom Inc.)
Product-1000v_virtual_ethernet_module_\(vem\)esxiesxn/a
CVE-2010-4672
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow remote attackers to cause a denial of service (block exhaustion) via EIGRP traffic that triggers an EIGRP multicast storm, aka Bug ID CSCtf20269.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4670
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.45% / 79.96%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier, and Cisco PIX Security Appliances devices, allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti24526.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_security_applianceadaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4682
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.49% / 80.31%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (memory consumption) by making multiple incorrect LDAP authentication attempts, aka Bug ID CSCtf29867.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4688
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) by making many SIP calls, aka Bug ID CSCte20030.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4674
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allows remote attackers to cause a denial of service (block exhaustion) via multicast traffic, aka Bug ID CSCtg63992.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4691
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via multicast traffic, aka Bug IDs CSCtg61810 and CSCtg69742.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4683
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.85% / 73.97%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2010-4671
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.11% / 83.40%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2010-4673
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow remote attackers to cause a denial of service via a flood of packets, aka Bug ID CSCtg06316.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-4679
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.04%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1469
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.61% / 81.00%
||
7 Day CHG~0.00%
Published-12 Sep, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-spa300_series_ip_phonespa300_firmwarespa500_firmwarespa500_series_ip_phonen/a
CVE-2010-4686
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.85% / 73.97%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a "peculiar" request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2010-4692
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-07 Jan, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via a large number of LAN-to-LAN (aka L2L) IPsec sessions, aka Bug ID CSCth36592.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_55005500_series_adaptive_security_appliancen/a
CVE-2010-2827
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-16 Aug, 2010 | 18:25
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-2824
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-13 Aug, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a sequence of SSL packets, aka Bug ID CSCta20756.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ace_modulecatalyst_6500catalyst_7600n/a
CVE-2010-2815
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-06 Aug, 2010 | 19:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_5550adaptive_security_appliancepix_firewall_535pix_firewall_515asa_5520pix_firewall_506asa_5540asa_5510asa_5505pix_firewall_520asa_5580pix_500pix_506easa_5500pix_501pix_firewall_525n/a
CVE-2010-2840
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-26 Aug, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presence_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-2832
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-23 Sep, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CVE-2010-2814
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-06 Aug, 2010 | 19:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_5550adaptive_security_appliancepix_firewall_535pix_firewall_515asa_5520pix_firewall_506asa_5540asa_5510asa_5505pix_firewall_520asa_5580pix_500pix_506easa_5500pix_501pix_firewall_525n/a
CVE-2010-2819
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-06 Aug, 2010 | 19:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61622.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-firewall_services_module_softwarecatalyst_6500firewall_services_modulecatalyst_7600n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-2834
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.37% / 58.12%
||
7 Day CHG~0.00%
Published-23 Sep, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_manageriosios_xen/a
CVE-2010-2816
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.09% / 76.99%
||
7 Day CHG~0.00%
Published-06 Aug, 2010 | 19:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_5550adaptive_security_appliancepix_firewall_535pix_firewall_515asa_5520pix_firewall_506asa_5540asa_5510asa_5505pix_firewall_520asa_5580pix_500pix_506easa_5500pix_501pix_firewall_525n/a
CVE-2010-2828
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-23 Sep, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CVE-2010-2820
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.37% / 58.12%
||
7 Day CHG~0.00%
Published-06 Aug, 2010 | 19:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61662.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-firewall_services_module_softwarecatalyst_6500firewall_services_modulecatalyst_7600n/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 23
  • 24
  • Next
Details not found