Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-16019

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-23 Sep, 2020 | 00:26
Updated At-13 Nov, 2024 | 18:04
Rejected At-
Credits

Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities

Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:23 Sep, 2020 | 00:26
Updated At:13 Nov, 2024 | 18:04
Rejected At:
▼CVE Numbering Authority (CNA)
Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities

Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco IOS XR Software
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-399CWE-399
Type: CWE
CWE ID: CWE-399
Description: CWE-399
Metrics
VersionBase scoreBase severityVector
3.08.6HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Version: 3.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn
vendor-advisory
x_refsource_CISCO
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn
Resource:
vendor-advisory
x_refsource_CISCO
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:23 Sep, 2020 | 01:15
Updated At:05 Oct, 2020 | 16:57

Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.6HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Secondary3.08.6HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Secondary
Version: 3.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Cisco Systems, Inc.
cisco
>>asr_9000>>-
cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9010>>-
cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9904>>-
cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9910>>-
cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9912>>-
cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9922>>-
cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>ncs_540>>-
cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5500>>-
cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_6000>>-
cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xr>>6.6.1
cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9000>>-
cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:-:*
Cisco Systems, Inc.
cisco
>>asr_9000>>-
cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9010>>-
cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*
Cisco Systems, Inc.
cisco
>>asr_9010>>-
cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9904>>-
cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:-:*
Cisco Systems, Inc.
cisco
>>asr_9904>>-
cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9910>>-
cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:-:*
Cisco Systems, Inc.
cisco
>>asr_9910>>-
cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9912>>-
cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:-:*
Cisco Systems, Inc.
cisco
>>asr_9912>>-
cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9922>>-
cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:-:*
Cisco Systems, Inc.
cisco
>>asr_9922>>-
cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>carrier_routing_system>>-
cpe:2.3:h:cisco:carrier_routing_system:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xrv_9000>>-
cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5001>>-
cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5002>>-
cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5011>>-
cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_540>>-
cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5500>>-
cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_6000>>-
cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xr>>6.6.2
cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_540>>-
cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_540l>>-
cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5500>>-
cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_560>>-
cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios_xr>>6.6.25
cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>asr_9000>>-
cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9010>>-
cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9904>>-
cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9910>>-
cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9912>>-
cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>asr_9922>>-
cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*
Cisco Systems, Inc.
cisco
>>ios_xrv_9000>>-
cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_1001>>-
cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_1002>>-
cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_1004>>-
cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5001>>-
cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5002>>-
cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_5011>>-
cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ncs_540>>-
cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-399Secondaryykramarz@cisco.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-399
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnykramarz@cisco.com
Vendor Advisory
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

956Records found
CVE-2023-20158
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.30% / 53.21%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business Series Switches Buffer Overflow Vulnerabilities

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sf550x-48mpsg500xg8f8tbusiness_250-16t-2g_firmwaresg250-10p_firmwaresf500-24mp_firmwaresf250-08hp_firmwaresf250-10p_firmwaresf250-26sg250x-24p_firmwarebusiness_350-16p-2gsf250x-48p_firmwaresf250-26_firmwarebusiness_250-48p-4xsg200-26sg250-18sg500-28sg350x-24mpsg550x-48p_firmwaresg200-50p_firmwaresg200-08psf250-24p_firmwarebusiness_350-8fp-e-2gsf200-24_firmwaresg550xg-8f8t_firmwarebusiness_250-48t-4xsg350xg-24tsf200e-24sg550xg-48t_firmwaresf350-48psg550xg-48tsg500x-24psf250-08_firmwarebusiness_350-48t-4gsf300-24mp_firmwaresf550x-24mp_firmwaresf200e-24psg350x-24mp_firmwaresg350-28sf250-26p_firmwaresf550x-48p_firmwaresg200-10fpbusiness_350-16fp-2gbusiness_350-8fp-2g_firmwarebusiness_350-16p-e-2gsf200e-48sg500x24mppsg250-50hp_firmwaresg350x-12pmvsg250-24business_250-8p-e-2g_firmwarebusiness_350-24s-4gsg350x-24business_350-24fp-4xbusiness_350-8mp-2xbusiness_350-48p-4gbusiness_350-8fp-e-2g_firmwaresf350-28mpsf550x-48_firmwaresg250x-24sg550xg-8f8tsf250-50psg250-24p_firmwaresg550xg-24tsf250-18_firmwaresf250-26hp_firmwaresg350-10p_firmwaresg355-10psg200-50psg200-26fp_firmwaresg350-10psg250-50psg300-52psf500-18p_firmwaresf350-20_firmwarebusiness_350-16xts_firmwarebusiness_350-12xssg250-26hpsf352-08_firmwaresg250x-48p_firmwarebusiness_250-16p-2gsf352-08mpsg350x-24pv_firmwaresf500-24p_firmwarebusiness_250-16p-2g_firmwarebusiness_350-8fp-2gbusiness_350-8p-e-2gsf200e-48psg500x-48mp_firmwarebusiness_250-8p-e-2gbusiness_250-24t-4x_firmwaresg300-10sfpsf500-24mpsg300-28_firmwarebusiness_250-8t-e-2gsf500-24psf200-24p_firmwaresf302-08ppsf300-48sg350xg-48t_firmwaresg250-26sg300-10sfp_firmwarebusiness_250-8pp-e-2g_firmwaresf550x-48mp_firmwaresf350-52sg250x-48sf550x-24_firmwaresf350-10_firmwaresf250-48hp_firmwaresg500x24mpp_firmwaresg300-28ppsf250-08hpbusiness_250-48t-4g_firmwaresg300-52mp_firmwaresf500-48_firmwaresg500-28p_firmwaresf550x-48psg550x-24mppsf350-20sf500-48pbusiness_350-24fp-4x_firmwaresg350xg-24f_firmwaresg500x-24mpp_firmwarebusiness_350-24xtsbusiness_250-24p-4xsg300-28mpsf350-24mpsf250-24_firmwaresg350-28mpsf302-08sg350x-48sg300-28pp_firmwarebusiness_350-24mgp-4x_firmwaresg350-10mp_firmwaresf302-08mpp_firmwarebusiness_350-8xt_firmwarebusiness_250-8pp-e-2gsf500-48mpsg300-52p_firmwaresg300-10psf550x-24p_firmwarebusiness_350-24p-4xsg300-10mp_firmwaresg200-08p_firmwaresf200-24fp_firmwarebusiness_350-12xs_firmwaresg550x-24business_350-24p-4gsf300-08sf350-52psf250x-24_firmwarebusiness_350-16xtsbusiness_350-8s-e-2gsf350-48_firmwaresg250-10psg200-08business_250-8pp-dsg250-50_firmwaresf250-10psg350xg-2f10_firmwaresf250x-24p_firmwaresf250-50_firmwaresg250-08sg350-28psg250-26hp_firmwarebusiness_350-8xtbusiness_250-48t-4gbusiness_350-24xs_firmwaresf200e48p_firmwaresf200e-24p_firmwaresg350xg-48tbusiness_350-48t-4x_firmwaresg350-28_firmwaresg300-10_firmwaresg350x-8pmdsg350x-48psf200e-48p_firmwaresg500x-24business_350-24xt_firmwarebusiness_250-16t-2gsf350-10sfp_firmwarebusiness_350-48ngp-4x_firmwaresg350-10_firmwarebusiness_350-12np-4x_firmwaresf350-52p_firmwaresg250x-48psg500x-24p_firmwaresg250-48sg550x-24p_firmwarebusiness_350-16t-e-2g_firmwaresf200-24fpsg500xg-8f8t_firmwarebusiness_250-24pp-4gbusiness_250-48p-4gsf300-24psg250-48hp_firmwaresg550xg-24t_firmwaresg550x-48t_firmwarebusiness_250-24t-4g_firmwaresf302-08mppsg500-52ppsf250-48_firmwaresg350x-48p_firmwarebusiness_350-24xtsg300-28mp_firmwaresf550x-24mpbusiness_350-48fp-4x_firmwarebusiness_350-8t-e-2gsg250-50hpsg550x-24mpp_firmwaresg200-18business_350-24p-4g_firmwaresg250-48hpbusiness_350-24t-4xsg350xg-24fsg500x-48mpsf200-48_firmwaresg500xg-8f8tsg300-28sfp_firmwaresg500-28_firmwaresf350-28psf350-8pdbusiness_350-48ngp-4xsf355-10p_firmwarebusiness_350-8t-e-2g_firmwaresf300-24pp_firmwarebusiness_350-24fp-4g_firmwarebusiness_250-8t-e-2g_firmwarebusiness_250-8fp-e-2g_firmwarebusiness_350-12xtsf250-24psf250-08sg300-10p_firmwaresf350-10psg250-18_firmwaresg300-52_firmwaresf350-24pbusiness_350-48fp-4xbusiness_250-48pp-4g_firmwarebusiness_350-8s-e-2g_firmwaresg300-52sg250x-24psg500x-48sg200-26_firmwaresf200e48pbusiness_250-8pp-d_firmwaresf350-24sg300-20sg500-28psg500-52pp_firmwaresg550x-48tsg350x-48_firmwaresg250-24psf200-48sf350-24mp_firmwaresf350-52mp_firmwaresf250x-48_firmwaresg350x-24_firmwaresg550x-48mp_firmwaresf350-48sf350-52mpsf300-24_firmwaresf300-48psf350-10sfpsf350-28mp_firmwaresg350x-48pvsg500-28mpp_firmwaresg500-52pbusiness_250-24fp-4g_firmwarebusiness_250-8t-d_firmwaresf250-24business_250-48p-4g_firmwaresf300-24ppsg550x-48pbusiness_250-24fp-4x_firmwaresf250-50hpsg350x-48mp_firmwaresg550xg-24f_firmwaresg250x-24_firmwaresf350-8mpbusiness_350-24mgp-4xbusiness_350-24xssg350x-12pmv_firmwaresg355-10mpsf352-08mp_firmwaresg300-10mpp_firmwaresf350-24p_firmwaresf250-50hp_firmwaresf350-24_firmwaresg200-50business_250-48pp-4gsg300-52mpsf250x-24psf250x-48pbusiness_350-48t-4g_firmwaresf200-48p_firmwaresf352-08sg500-28pp_firmwarebusiness_350-24t-4x_firmwarebusiness_350-48fp-4g_firmwaresf250-48business_350-12np-4xbusiness_350-8p-2g_firmwaresg300-20_firmwaresf350-28sfp_firmwaresf250x-24business_350-24fp-4gsf500-48sg200-50fpsg550x-24_firmwaresg250x-48_firmwaresg500-28mppbusiness_350-16p-2g_firmwaresf350-8pd_firmwaresg250-50p_firmwaresf350-48p_firmwarebusiness_350-24xts_firmwaresf350-10mp_firmwaresg355-10mp_firmwarebusiness_350-8p-2gsg350x-24pd_firmwarebusiness_250-24pp-4g_firmwaresf350-08sf250-50sg350-28p_firmwaresg350xg-2f10sg500xg8f8t_firmwaresg350x-8pmd_firmwarebusiness_250-24p-4g_firmwaresf250-26hpbusiness_350-48p-4xbusiness_350-24s-4g_firmwaresg350-10mpbusiness_350-16t-2gsg250-24_firmwaresf550x-24sg500-52p_firmwaresf200-24psf500-48p_firmwaresf350-28business_350-8mgp-2xsf200e-24_firmwarebusiness_350-12xt_firmwarebusiness_250-24fp-4xsf350-48mp_firmwaresg350-28mp_firmwarebusiness_350-24ngp-4xsf200-24sf250-26psg500-28ppsg500x-48pbusiness_350-48xt-4x_firmwaresg250-26_firmwaresf200e-48_firmwarebusiness_350-24ngp-4x_firmwaresg355-10p_firmwaresg500x-48mppsg500x-48p_firmwarebusiness_350-24p-4x_firmwaresg550x-24mp_firmwaresg200-18_firmwarebusiness_350-8mgp-2x_firmwaresf300-48ppsg500x-24_firmwaresf350-10mpsg350xg-24t_firmwaresg550x-48_firmwaresg350x-24p_firmwaresf302-08_firmwaresg250-48_firmwarebusiness_250-8fp-e-2gsg300-10mpsf350-28_firmwaresf350-10p_firmwaresf250-18sf352-08psg300-10ppsf500-18psf350-8mp_firmwarebusiness_350-24t-4gbusiness_350-8p-e-2g_firmwaresg500x-48mpp_firmwaresf350-28p_firmwaresg200-26fpsg200-26p_firmwaresf550x-48sf350-10sg350x-48pv_firmwaresg300-28sg350x-24pdsg200-10fp_firmwaresg550xg-24fbusiness_350-48p-4x_firmwaresg250-08hpbusiness_250-24p-4x_firmwaresf250x-48sg550x-24mpsg350-10business_350-8mp-2x_firmwaresf300-24p_firmwaresg550x-48mpbusiness_350-16p-e-2g_firmwaresg200-50fp_firmwarebusiness_250-24p-4gsg250-26psg300-10pp_firmwaresf500-24sf550x-24psg300-10sf352-08p_firmwaresf300-48p_firmwaresf350-48mpbusiness_350-16t-2g_firmwaresg250-50sg300-10mppbusiness_350-24t-4g_firmwaresg300-28psg350x-24pvbusiness_250-24t-4xsf300-24sf200-48psg200-26psg550x-24pbusiness_250-8t-dbusiness_250-24fp-4gsg200-08_firmwaresg350x-48mpbusiness_350-48t-4xsg500x-24mppsg300-28sfpsg550x-48sf300-48pp_firmwaresg250-08_firmwaresf300-24mpbusiness_250-24t-4gsg350x-24psf350-52_firmwarebusiness_250-48t-4x_firmwaresf350-28sfpbusiness_250-48p-4x_firmwaresf302-08pp_firmwaresf250-48hpbusiness_350-16t-e-2gsg500x-48_firmwaresg200-50_firmwaresg250-26p_firmwaresf300-08_firmwarebusiness_350-48xt-4xsf250-50p_firmwarebusiness_350-16fp-2g_firmwarebusiness_350-48p-4g_firmwaresf500-24_firmwaresf350-08_firmwaresg250-08hp_firmwaresf500-48mp_firmwaresf300-48_firmwaresf355-10pbusiness_350-48fp-4gsg300-28p_firmwareCisco Small Business Smart and Managed Switches 550x_series_stackable_managed_switches_firmware250_series_smart_switches_firmwaresmall_business_500_series_stackable_managed_switches_firmwarebusiness_350_series_managed_switches_firmwaresmall_business_200_series_smart_switches_firmwaresmall_business_300_series_managed_switches_firmwarebusiness_250_series_smart_switches_firmware350x_series_stackable_managed_switches_firmware350_series_managed_switches_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-20086
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.42% / 60.92%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 16:42
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-248
Uncaught Exception
CVE-2022-20760
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-2.59% / 85.00%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-20033
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.17% / 39.16%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:20
Updated-18 Jun, 2025 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper resource management when processing traffic that is received on the management interface. An attacker could exploit this vulnerability by sending a high rate of traffic to the management interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_3650-48fqm-lcatalyst_3850-24xs-ecatalyst_3650-24ps-scatalyst_3850-32xs-ecatalyst_3850-12s-scatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_3650-8x24uq-ecatalyst_3850-24u-lcatalyst_3850-24p-scatalyst_3650-12x48urcatalyst_3650-24pdm-lcatalyst_3850-16xs-scatalyst_3850-48f-scatalyst_3650-12x48ur-lcatalyst_3850-48pw-scatalyst_3850-24u-scatalyst_3850-24ucatalyst_c3850-12x48u-lcatalyst_3650-24pdcatalyst_3650-24ts-ecatalyst_3650-24ps-lcatalyst_3850-48f-ecatalyst_3650-48td-scatalyst_3650-24pdmcatalyst_3650-8x24pd-scatalyst_3850-48u-lcatalyst_3650-12x48uz-scatalyst_3650-48ts-lcatalyst_3650-48tq-ecatalyst_3850-nm-2-40gcatalyst_3650-8x24uq-lcatalyst_3650-48fd-lcatalyst_3650-48fs-lcatalyst_3650-48pq-ecatalyst_3650-48fs-ecatalyst_3650-24pd-lcatalyst_3650-24pd-scatalyst_3650-24td-lcatalyst_3650-24ts-lcatalyst_3850-32xs-scatalyst_3650-12x48uzcatalyst_3650-48ps-lcatalyst_3650-12x48fd-ecatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_3850-48xs-ecatalyst_3850-24s-scatalyst_3650-24td-ecatalyst_3850-48xscatalyst_3650-48td-ecatalyst_3650-12x48uqcatalyst_3650-48fd-scatalyst_3650-48fs-scatalyst_3850-48t-scatalyst_3850-48ucatalyst_3650-8x24pd-lcatalyst_3650-48pq-lcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3650-8x24pd-ecatalyst_3650-48fqcatalyst_3650-48fq-lcatalyst_3650-12x48uz-ecatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_3650-12x48uq-scatalyst_3850-24xu-ecatalyst_3650-12x48ur-scatalyst_3650-12x48uq-ecatalyst_3850-48p-scatalyst_3850-12x48ucatalyst_3650-48pd-scatalyst_3650-24td-scatalyst_3650-48pd-lcatalyst_3650-8x24uqcatalyst_3850-48u-scatalyst_3650-24pd-ecatalyst_3850-16xs-ecatalyst_3650-12x48uz-lcatalyst_3650-48tq-scatalyst_3650-24pdm-scatalyst_3850-24xucatalyst_3850-48xs-f-ecatalyst_3850-48p-ecatalyst_3650-12x48ur-ecatalyst_3850-12s-ecatalyst_3850-24p-lcatalyst_3650-48fqm-scatalyst_3850-48t-lcatalyst_3650-48fd-ecatalyst_3850-24t-ecatalyst_3850-24xscatalyst_3650-24ts-scatalyst_3650-24ps-ecatalyst_3650-12x48fd-scatalyst_c3850-12x48u-ecatalyst_3650-12x48uq-lcatalyst_3850-24xs-scatalyst_3650-48ps-scatalyst_3650-48fq-ecatalyst_3650-8x24uq-scatalyst_3650-48tq-lcatalyst_3650-48fqm-ecatalyst_3650-48pd-ecatalyst_3650-24pdm-ecatalyst_3650-12x48fd-lcatalyst_3850-12xs-ecatalyst_3850-24u-ecatalyst_3850-48xs-scatalyst_3650-48fq-sios_xecatalyst_3650-48ts-ecatalyst_3850-48p-lcatalyst_3850-24p-ecatalyst_3850-48xs-f-scatalyst_3850-nm-8-10gcatalyst_3850-48t-ecatalyst_3650-48ts-scatalyst_3650-48pq-scatalyst_3850-24xu-scatalyst_3650-48ps-ecatalyst_3650-48fqmcatalyst_3650-48td-lcatalyst_c3850-12x48u-sCisco IOS XE Software
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-20125
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.26% / 49.22%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 14:58
Updated-26 Nov, 2024 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco BroadWorks Network Server TCP Denial of Service Vulnerability

A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An attacker could exploit this vulnerability by sending a high rate of TCP connections to the server. A successful exploit could allow the attacker to cause TCP connection resources to grow rapidly until the Cisco BroadWorks Network Server becomes unusable. Note: To recover from this vulnerability, either Cisco BroadWorks Network Server software must be restarted or the Cisco BroadWorks Network Server node must be rebooted. For more information, see the section of this advisory. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco BroadWorksbroadworks_network_server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-20757
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.23% / 78.32%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Denial of Service Vulnerability

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are reached. An attacker could exploit this vulnerability by sending a high rate of UDP traffic through an affected device. A successful exploit could allow the attacker to cause all new, incoming connections to be dropped, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-20748
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.13% / 77.45%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-664
Improper Control of a Resource Through its Lifetime
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-20947
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.15% / 36.11%
||
7 Day CHG~0.00%
Published-10 Nov, 2022 | 17:29
Updated-03 Aug, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"] This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-20746
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.91% / 74.92%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-20259
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.14% / 35.07%
||
7 Day CHG~0.00%
Published-04 Oct, 2023 | 16:13
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is not used for device management and is unlikely to be used in normal operations of the device. This vulnerability is due to improper API authentication and incomplete validation of the API request. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to high CPU utilization, which could negatively impact user traffic and management access. When the attack stops, the device will recover without manual intervention.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unity_connectionprime_collaboration_deploymentunified_communications_managerunified_communications_manager_im_\&_presence_serviceemergency_responderCisco Emergency ResponderCisco Unified Communications ManagerCisco Prime Collaboration DeploymentCisco Unity ConnectionCisco Unified Communications Manager IM and Presence Service
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-20624
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-5.76% / 90.12%
||
7 Day CHG~0.00%
Published-23 Feb, 2022 | 17:40
Updated-06 Nov, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability

A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming CFSoIP packets. An attacker could exploit this vulnerability by sending crafted CFSoIP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3132q-xnexus_3636c-rnexus_9508nx-osucs_64108nexus_92304qcnexus_92160yc-xn9k-c9332d-gx2bn9k-c9316d-gxnexus_9504nexus_3048nexus_3524-xln9k-c9348d-gx2anexus_3548-xlnexus_31128pqnexus_3132q-vnexus_3164qnexus_3172pqnexus_92300ycnexus_92348gc-xnexus_3132c-znexus_3524-xnexus_31108tc-vnexus_3232cn9k-c9364d-gx2an9k-c93600cd-gxnexus_9272qnexus_3464cnexus_36180yc-rnexus_3264c-enexus_3264qnexus_3548-xnexus_3132q-xlnexus_3432d-snexus_3172tq-xlucs_6454nexus_3408-snexus_34180ycnexus_31108pc-vnexus_9236cnexus_9516nexus_3172pq-xlCisco NX-OS Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20745
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.71%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Denial of Service Vulnerability

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20682
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.47% / 63.83%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:16
Updated-06 Nov, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to inadequate input validation of incoming CAPWAP packets encapsulating multicast DNS (mDNS) queries. An attacker could exploit this vulnerability by connecting to a wireless network and sending a crafted mDNS query, which would flow through and be processed by the wireless controller. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-20856
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.39% / 59.21%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:46
Updated-01 Nov, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility Denial of Service Vulnerability

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error and improper management of resources related to the handling of CAPWAP Mobility messages. An attacker could exploit this vulnerability by sending crafted CAPWAP Mobility packets to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device. This would cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9800-lcatalyst_9800-40catalyst_9800-l-ccatalyst_9800catalyst_9800-clcatalyst_9800-80catalyst_9800-l-fCisco IOS XE Software
CWE ID-CWE-664
Improper Control of a Resource Through its Lifetime
CVE-2023-20095
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.16% / 37.31%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:14
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could exploit this vulnerability by sending crafted HTTPS requests to an affected system. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2023-20072
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.55% / 66.83%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of large fragmented tunnel protocol packets. One example of a tunnel protocol is Generic Routing Encapsulation (GRE). An attacker could exploit this vulnerability by sending crafted fragmented packets to an affected system. A successful exploit could allow the attacker to cause the affected system to reload, resulting in a DoS condition. Note: Only traffic directed to the affected system can be used to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20189
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-4.30% / 88.43%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business Series Switches Buffer Overflow Vulnerabilities

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sf550x-48mpsg500xg8f8tbusiness_250-16t-2g_firmwaresg250-10p_firmwaresf500-24mp_firmwaresf250-08hp_firmwaresf250-10p_firmwaresf250-26sg250x-24p_firmwarebusiness_350-16p-2gsf250x-48p_firmwaresf250-26_firmwarebusiness_250-48p-4xsg200-26sg250-18sg500-28sg350x-24mpsg550x-48p_firmwaresg200-50p_firmwaresg200-08psf250-24p_firmwarebusiness_350-8fp-e-2gsf200-24_firmwaresg550xg-8f8t_firmwarebusiness_250-48t-4xsg350xg-24tsf200e-24sg550xg-48t_firmwaresf350-48psg550xg-48tsg500x-24psf250-08_firmwarebusiness_350-48t-4gsf300-24mp_firmwaresf550x-24mp_firmwaresf200e-24psg350x-24mp_firmwaresg350-28sf250-26p_firmwaresf550x-48p_firmwaresg200-10fpbusiness_350-16fp-2gbusiness_350-8fp-2g_firmwarebusiness_350-16p-e-2gsf200e-48sg500x24mppsg250-50hp_firmwaresg350x-12pmvsg250-24business_250-8p-e-2g_firmwarebusiness_350-24s-4gsg350x-24business_350-24fp-4xbusiness_350-8mp-2xbusiness_350-48p-4gbusiness_350-8fp-e-2g_firmwaresf350-28mpsf550x-48_firmwaresg250x-24sg550xg-8f8tsf250-50psg250-24p_firmwaresg550xg-24tsf250-18_firmwaresf250-26hp_firmwaresg350-10p_firmwaresg355-10psg200-50psg200-26fp_firmwaresg350-10psg250-50psg300-52psf500-18p_firmwaresf350-20_firmwarebusiness_350-16xts_firmwarebusiness_350-12xssg250-26hpsf352-08_firmwaresg250x-48p_firmwarebusiness_250-16p-2gsf352-08mpsg350x-24pv_firmwaresf500-24p_firmwarebusiness_250-16p-2g_firmwarebusiness_350-8fp-2gbusiness_350-8p-e-2gsf200e-48psg500x-48mp_firmwarebusiness_250-8p-e-2gbusiness_250-24t-4x_firmwaresg300-10sfpsf500-24mpsg300-28_firmwarebusiness_250-8t-e-2gsf500-24psf200-24p_firmwaresf302-08ppsf300-48sg350xg-48t_firmwaresg250-26sg300-10sfp_firmwarebusiness_250-8pp-e-2g_firmwaresf550x-48mp_firmwaresf350-52sg250x-48sf550x-24_firmwaresf350-10_firmwaresf250-48hp_firmwaresg500x24mpp_firmwaresg300-28ppsf250-08hpbusiness_250-48t-4g_firmwaresg300-52mp_firmwaresf500-48_firmwaresg500-28p_firmwaresf550x-48psg550x-24mppsf350-20sf500-48pbusiness_350-24fp-4x_firmwaresg350xg-24f_firmwaresg500x-24mpp_firmwarebusiness_350-24xtsbusiness_250-24p-4xsg300-28mpsf350-24mpsf250-24_firmwaresg350-28mpsf302-08sg350x-48sg300-28pp_firmwarebusiness_350-24mgp-4x_firmwaresg350-10mp_firmwaresf302-08mpp_firmwarebusiness_350-8xt_firmwarebusiness_250-8pp-e-2gsf500-48mpsg300-52p_firmwaresg300-10psf550x-24p_firmwarebusiness_350-24p-4xsg300-10mp_firmwaresg200-08p_firmwaresf200-24fp_firmwarebusiness_350-12xs_firmwaresg550x-24business_350-24p-4gsf300-08sf350-52psf250x-24_firmwarebusiness_350-16xtsbusiness_350-8s-e-2gsf350-48_firmwaresg250-10psg200-08business_250-8pp-dsg250-50_firmwaresf250-10psg350xg-2f10_firmwaresf250x-24p_firmwaresf250-50_firmwaresg250-08sg350-28psg250-26hp_firmwarebusiness_350-8xtbusiness_250-48t-4gbusiness_350-24xs_firmwaresf200e48p_firmwaresf200e-24p_firmwaresg350xg-48tbusiness_350-48t-4x_firmwaresg350-28_firmwaresg300-10_firmwaresg350x-8pmdsg350x-48psf200e-48p_firmwaresg500x-24business_350-24xt_firmwarebusiness_250-16t-2gsf350-10sfp_firmwarebusiness_350-48ngp-4x_firmwaresg350-10_firmwarebusiness_350-12np-4x_firmwaresf350-52p_firmwaresg250x-48psg500x-24p_firmwaresg250-48sg550x-24p_firmwarebusiness_350-16t-e-2g_firmwaresf200-24fpsg500xg-8f8t_firmwarebusiness_250-24pp-4gbusiness_250-48p-4gsf300-24psg250-48hp_firmwaresg550xg-24t_firmwaresg550x-48t_firmwarebusiness_250-24t-4g_firmwaresf302-08mppsg500-52ppsf250-48_firmwaresg350x-48p_firmwarebusiness_350-24xtsg300-28mp_firmwaresf550x-24mpbusiness_350-48fp-4x_firmwarebusiness_350-8t-e-2gsg250-50hpsg550x-24mpp_firmwaresg200-18business_350-24p-4g_firmwaresg250-48hpbusiness_350-24t-4xsg350xg-24fsg500x-48mpsf200-48_firmwaresg500xg-8f8tsg300-28sfp_firmwaresg500-28_firmwaresf350-28psf350-8pdbusiness_350-48ngp-4xsf355-10p_firmwarebusiness_350-8t-e-2g_firmwaresf300-24pp_firmwarebusiness_350-24fp-4g_firmwarebusiness_250-8t-e-2g_firmwarebusiness_250-8fp-e-2g_firmwarebusiness_350-12xtsf250-24psf250-08sg300-10p_firmwaresf350-10psg250-18_firmwaresg300-52_firmwaresf350-24pbusiness_350-48fp-4xbusiness_250-48pp-4g_firmwarebusiness_350-8s-e-2g_firmwaresg300-52sg250x-24psg500x-48sg200-26_firmwaresf200e48pbusiness_250-8pp-d_firmwaresf350-24sg300-20sg500-28psg500-52pp_firmwaresg550x-48tsg350x-48_firmwaresg250-24psf200-48sf350-24mp_firmwaresf350-52mp_firmwaresf250x-48_firmwaresg350x-24_firmwaresg550x-48mp_firmwaresf350-48sf350-52mpsf300-24_firmwaresf300-48psf350-10sfpsf350-28mp_firmwaresg350x-48pvsg500-28mpp_firmwaresg500-52pbusiness_250-24fp-4g_firmwarebusiness_250-8t-d_firmwaresf250-24business_250-48p-4g_firmwaresf300-24ppsg550x-48pbusiness_250-24fp-4x_firmwaresf250-50hpsg350x-48mp_firmwaresg550xg-24f_firmwaresg250x-24_firmwaresf350-8mpbusiness_350-24mgp-4xbusiness_350-24xssg350x-12pmv_firmwaresg355-10mpsf352-08mp_firmwaresg300-10mpp_firmwaresf350-24p_firmwaresf250-50hp_firmwaresf350-24_firmwaresg200-50business_250-48pp-4gsg300-52mpsf250x-24psf250x-48pbusiness_350-48t-4g_firmwaresf200-48p_firmwaresf352-08sg500-28pp_firmwarebusiness_350-24t-4x_firmwarebusiness_350-48fp-4g_firmwaresf250-48business_350-12np-4xbusiness_350-8p-2g_firmwaresg300-20_firmwaresf350-28sfp_firmwaresf250x-24business_350-24fp-4gsf500-48sg200-50fpsg550x-24_firmwaresg250x-48_firmwaresg500-28mppbusiness_350-16p-2g_firmwaresf350-8pd_firmwaresg250-50p_firmwaresf350-48p_firmwarebusiness_350-24xts_firmwaresf350-10mp_firmwaresg355-10mp_firmwarebusiness_350-8p-2gsg350x-24pd_firmwarebusiness_250-24pp-4g_firmwaresf350-08sf250-50sg350-28p_firmwaresg350xg-2f10sg500xg8f8t_firmwaresg350x-8pmd_firmwarebusiness_250-24p-4g_firmwaresf250-26hpbusiness_350-48p-4xbusiness_350-24s-4g_firmwaresg350-10mpbusiness_350-16t-2gsg250-24_firmwaresf550x-24sg500-52p_firmwaresf200-24psf500-48p_firmwaresf350-28business_350-8mgp-2xsf200e-24_firmwarebusiness_350-12xt_firmwarebusiness_250-24fp-4xsf350-48mp_firmwaresg350-28mp_firmwarebusiness_350-24ngp-4xsf200-24sf250-26psg500-28ppsg500x-48pbusiness_350-48xt-4x_firmwaresg250-26_firmwaresf200e-48_firmwarebusiness_350-24ngp-4x_firmwaresg355-10p_firmwaresg500x-48mppsg500x-48p_firmwarebusiness_350-24p-4x_firmwaresg550x-24mp_firmwaresg200-18_firmwarebusiness_350-8mgp-2x_firmwaresf300-48ppsg500x-24_firmwaresf350-10mpsg350xg-24t_firmwaresg550x-48_firmwaresg350x-24p_firmwaresf302-08_firmwaresg250-48_firmwarebusiness_250-8fp-e-2gsg300-10mpsf350-28_firmwaresf350-10p_firmwaresf250-18sf352-08psg300-10ppsf500-18psf350-8mp_firmwarebusiness_350-24t-4gbusiness_350-8p-e-2g_firmwaresg500x-48mpp_firmwaresf350-28p_firmwaresg200-26fpsg200-26p_firmwaresf550x-48sf350-10sg350x-48pv_firmwaresg300-28sg350x-24pdsg200-10fp_firmwaresg550xg-24fbusiness_350-48p-4x_firmwaresg250-08hpbusiness_250-24p-4x_firmwaresf250x-48sg550x-24mpsg350-10business_350-8mp-2x_firmwaresf300-24p_firmwaresg550x-48mpbusiness_350-16p-e-2g_firmwaresg200-50fp_firmwarebusiness_250-24p-4gsg250-26psg300-10pp_firmwaresf500-24sf550x-24psg300-10sf352-08p_firmwaresf300-48p_firmwaresf350-48mpbusiness_350-16t-2g_firmwaresg250-50sg300-10mppbusiness_350-24t-4g_firmwaresg300-28psg350x-24pvbusiness_250-24t-4xsf300-24sf200-48psg200-26psg550x-24pbusiness_250-8t-dbusiness_250-24fp-4gsg200-08_firmwaresg350x-48mpbusiness_350-48t-4xsg500x-24mppsg300-28sfpsg550x-48sf300-48pp_firmwaresg250-08_firmwaresf300-24mpbusiness_250-24t-4gsg350x-24psf350-52_firmwarebusiness_250-48t-4x_firmwaresf350-28sfpbusiness_250-48p-4x_firmwaresf302-08pp_firmwaresf250-48hpbusiness_350-16t-e-2gsg500x-48_firmwaresg200-50_firmwaresg250-26p_firmwaresf300-08_firmwarebusiness_350-48xt-4xsf250-50p_firmwarebusiness_350-16fp-2g_firmwarebusiness_350-48p-4g_firmwaresf500-24_firmwaresf350-08_firmwaresg250-08hp_firmwaresf500-48mp_firmwaresf300-48_firmwaresf355-10pbusiness_350-48fp-4gsg300-28p_firmwareCisco Small Business Smart and Managed Switches 550x_series_stackable_managed_switches_firmware250_series_smart_switches_firmwaresmall_business_500_series_stackable_managed_switches_firmwarebusiness_350_series_managed_switches_firmwaresmall_business_200_series_smart_switches_firmwaresmall_business_300_series_managed_switches_firmwarebusiness_250_series_smart_switches_firmware350x_series_stackable_managed_switches_firmware350_series_managed_switches_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-12270
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.89% / 74.58%
||
7 Day CHG~0.00%
Published-05 Oct, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. The vulnerability is due to the software's inability to process HTTP/2 packets. An attacker could exploit this vulnerability by sending a malformed HTTP/2 frame to the affected device. A successful exploit could allow the attacker to create a DoS condition when the emsd service stops. Cisco Bug IDs: CSCvb99388.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrCisco IOS XR
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-12217
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.55% / 67.00%
||
7 Day CHG~0.00%
Published-07 Sep, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the General Packet Radio Service (GPRS) Tunneling Protocol ingress packet handler of Cisco ASR 5500 System Architecture Evolution (SAE) Gateways could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation of GPRS Tunneling Protocol packet headers. An attacker could exploit this vulnerability by sending a malformed GPRS Tunneling Protocol packet to an affected device. A successful exploit could allow the attacker to cause the GTPUMGR process on an affected device to restart unexpectedly, resulting in a partial DoS condition. If the GTPUMGR process restarts, there could be a brief impact on traffic passing through the device. Cisco Bug IDs: CSCve07119.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_5500asr_5500_firmwareCisco ASR 5500 System Architecture Evolution Gateway
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12259
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.41% / 79.71%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of SIP request messages by an affected device. An attacker could exploit this vulnerability by sending malformed SIP messages to an affected device. A successful exploit could allow the attacker to cause the affected device to become unresponsive, resulting in a DoS condition that persists until the device is restarted manually. This vulnerability affects Cisco Small Business SPA51x Series IP Phones that are running Cisco SPA51x Firmware Release 7.6.2SR1 or earlier. Cisco Bug IDs: CSCvc63982.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-small_business_ip_phonesmall_business_ip_phone_firmwareCisco Small Business SPA51x Series IP Phones
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-3819
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.60% / 68.57%
||
7 Day CHG~0.00%
Published-08 Jan, 2009 | 19:00
Updated-07 Aug, 2024 | 09:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dnsserver in Cisco Application Control Engine Global Site Selector (GSS) before 3.0(1) allows remote attackers to cause a denial of service (daemon crash) via a series of crafted DNS requests, aka Bug ID CSCsj70093.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-gss_4491_global_site_selectorgss_4490_global_site_selectorgss_4480_global_site_selectorgss_4492r_global_site_selectorn/a
CVE-2017-12293
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.65% / 81.23%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this vulnerability by opening multiple connections to the server and exhausting server resources. A successful exploit could cause the server to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf41006.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-webex_meetings_serverCisco WebEx Meetings Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-12260
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.41% / 79.71%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of SIP request messages by an affected device. An attacker could exploit this vulnerability by using formatted specifiers in a SIP payload that is sent to an affected device. A successful exploit could allow the attacker to cause the affected device to become unresponsive, resulting in a DoS condition that persists until the device is restarted manually. This vulnerability affects Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones that are running firmware release 7.6.2SR1 or earlier. Cisco Bug IDs: CSCvc63986.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-spa_514gspa_504g_firmwarespa_502g_firmwarespa_501gspa_502gspa_512g_firmwarespa_508gspa_501g_firmwarespa_514g_firmwarespa_509gspa_525g_firmwarespa_509g_firmwarespa_504gspa_512gspa_525gspa_508g_firmwareCisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-12264
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.96% / 75.54%
||
7 Day CHG~0.00%
Published-05 Oct, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient bound checks performed by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP packet to the affected system. A successful exploit could allow the attacker to cause a reload of the Web Admin Server. Cisco Bug IDs: CSCve89149.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-meeting_serverCisco Meeting Server
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3359
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.56% / 67.44%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:02
Updated-19 Dec, 2024 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Multicast DNS Denial of Service Vulnerability

A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of mDNS packets. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device. A successful exploit could cause a device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xe2611xmcatalyst_9800-l2651xm2610xm2612catalyst_9800-40catalyst_9800-l-ccatalyst_9800-cl26912650xmcatalyst_9800-80catalyst_9800-l-f2621xm2620xmCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20083
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.26% / 48.63%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:16
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD management traffic is not affected by this vulnerability. This vulnerability is due to improper error checking when parsing fields within the ICMPv6 header. An attacker could exploit this vulnerability by sending a crafted ICMPv6 packet through an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition. Note: To recover from the DoS condition, the Snort 2 Detection Engine or the Cisco FTD device may need to be restarted.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2008-4544
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.43% / 87.01%
||
7 Day CHG~0.00%
Published-13 Oct, 2008 | 18:00
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unityn/a
CVE-2020-3164
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.81% / 73.31%
||
7 Day CHG~0.00%
Published-04 Mar, 2020 | 18:40
Updated-15 Nov, 2024 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific HTTP request headers. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to trigger a prolonged status of high CPU utilization relative to the GUI process(es). Upon successful exploitation of this vulnerability, an affected device will still be operative, but its response time and overall performance may be degraded.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-web_security_applianceemail_security_appliancecontent_security_management_appliancecloud_email_securityCisco Web Security Appliance (WSA)
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3408
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.68%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4x1100-6g_integrated_services_routercatalyst_c9407rcatalyst_c9300-48pws-c3650-24td4331_integrated_services_routercatalyst_c9500-16x4461_integrated_services_routercatalyst_c9200-24pasr_1000-xws-c3850catalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4g111x_integrated_services_routercatalyst_9800-lasr_1013catalyst_c9300l-48p-4xcatalyst_c9500-24y4ccatalyst_c9200l-24t-4gws-c3650-24psasr1001-hxcatalyst_9800-clws-c3650-48tqcatalyst_c9200l-48p-4gws-c3650-12x48uzws-c3850-48xs1160_integrated_services_routercatalyst_c9300l-24t-4g1100-lte_integrated_services_routercatalyst_c9200l-24pxg-2yws-c3850-24ucatalyst_9800-801109_integrated_services_routercatalyst_c9200l-24p-4xcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4gws-c3650-48pd1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_c9300-48uxmcatalyst_9800-401101-4p_integrated_services_router1100-4p_integrated_services_routercatalyst_c9500-40xasr_1006ws-c3850-24xsasr1002-hx-wscatalyst_c9200-24tws-c3650-24pdm1101_integrated_services_router1100-4gltegb_integrated_services_router4451_integrated_services_routerws-c3650-48fqmws-c3850-48tcatalyst_c9200l-48p-4xcatalyst_c9410rcatalyst_c9300-24pasr1001-hx-rfws-c3650-24pdws-c3650-48fsws-c3850-48pws-c3850-24pcatalyst_c9300-48u1100-4gltena_integrated_services_router1100_integrated_services_routerws-c3650-8x24uqcatalyst_9800-l-cws-c3650-48tscatalyst_c9300-48tcatalyst_c9500-12qcatalyst_c9500-24qws-c3650-12x48urcatalyst_c9200-48tcatalyst_c9300-24sasr1002-x-rfws-c3650-12x48uqws-c3650-48tdasr_1001asr1002-hx4221_integrated_services_routercatalyst_c9404rws-c3850-12x48ucatalyst_c9300-24ucatalyst_c9200l-48t-4xws-c3650-48fdasr1002-x-wscatalyst_c9500-32casr_1002-xcatalyst_c9300l-24p-4gws-c3850-12scatalyst_c9500-32qcasr1002-hx-rfws-c3850-48ucatalyst_c9200l-24p-4gcatalyst_c9300-48sws-c3650-48fqws-c3850-48fws-c3850-24xucatalyst_c9300l-48t-4xws-c3650-48ps1109-2p_integrated_services_routerws-c3850-24tiosasr_1002catalyst_c9300l-24t-4xcatalyst_9800-l-fws-c3650-24tsasr_1004catalyst_c9200-48p1120_integrated_services_routercatalyst_c9300-48uncatalyst_c9200l-24t-4xasr1001-x-rfws-c3650-48pqcatalyst_c9300-24t4431_integrated_services_routercatalyst_c9200l-24pxg-4xasr1001-x-wscsr_1000vios_xecatalyst_c9300l-48t-4g1111x-8p_integrated_services_routercatalyst_c9500-48y4c1100-8p_integrated_services_routerws-c3850-24s1109-4p_integrated_services_routercatalyst_c9300-24uxasr_1001-xws-c3850-12xsCisco IOS
CWE ID-CWE-185
Incorrect Regular Expression
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3528
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.91% / 74.92%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-13 Nov, 2024 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3255
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.31% / 78.98%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:41
Updated-15 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5510_firmwareasa_5585-x_firmwareasa_5520asa_5505_firmwareasa_5510asa_5540_firmwareasa_5580_firmwareasa_5520_firmwareasa_5515-xasa_5550asa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5540asa_5555-xasa_5580asa_5585-xasa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5512-x_firmwareasa_5550_firmwareasa_5512-xfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2016-9210
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-2.28% / 84.01%
||
7 Day CHG~0.00%
Published-14 Dec, 2016 | 00:37
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. More Information: CSCvb61698. Known Affected Releases: 11.5(1.11007.2). Known Fixed Releases: 12.0(0.98000.168) 12.0(0.98000.178) 12.0(0.98000.399) 12.0(0.98000.510) 12.0(0.98000.536) 12.0(0.98500.7).

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managerCisco Unified Reporting
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-20455
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.48% / 64.14%
||
7 Day CHG+0.12%
Published-25 Sep, 2024 | 16:18
Updated-24 Oct, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because UTD improperly handles certain packets as those packets egress an SD-WAN IPsec tunnel. An attacker could exploit this vulnerability by sending crafted traffic through an SD-WAN IPsec tunnel that is configured on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: SD-WAN tunnels that are configured with Generic Routing Encapsulation (GRE) are not affected by this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeios_xe_sd-wanCisco IOS XE SoftwareCisco IOS XE Catalyst SD-WANios_xeios_xe_catalyst_sd-wan
CWE ID-CWE-371
Not Available
CVE-2016-6469
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.99% / 75.98%
||
7 Day CHG~0.00%
Published-14 Dec, 2016 | 00:37
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. More Information: CSCvb04312. Known Affected Releases: 9.0.1-162 9.1.1-074. Known Fixed Releases: 10.1.0-129 9.1.2-010.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-web_security_applianceCisco Web Security Appliance (WSA)
CVE-2016-6421
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.55% / 66.83%
||
7 Day CHG~0.00%
Published-05 Oct, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisement (LSA) update, aka Bug ID CSCvb05643.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrn/a
CVE-2016-6467
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.79% / 82.00%
||
7 Day CHG~0.00%
Published-14 Dec, 2016 | 00:37
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit (NPU) process. More Information: CSCva84552. Known Affected Releases: 20.0.0 21.0.0 21.0.M0.64702. Known Fixed Releases: 21.0.0 21.0.0.65256 21.0.M0.64970 21.0.V0.65150 21.1.A0.64973 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.VC0.65203.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_5000_series_softwareasr_5000Cisco Aggregation Services Router (ASR) 5000 Series Switch
CVE-2016-6455
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.78% / 72.68%
||
7 Day CHG~0.00%
Published-03 Nov, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series routers with Data Processing Card 2 (DPC2) could allow an unauthenticated, remote attacker to cause a subset of the subscriber sessions to be disconnected, resulting in a partial denial of service (DoS) condition. This vulnerability affects Cisco ASR 5500 devices with Data Processing Card 2 (DPC2) running StarOS 18.0 or later. More Information: CSCvb12081. Known Affected Releases: 18.7.4 19.5.0 20.0.2.64048 20.2.3 21.0.0. Known Fixed Releases: 18.7.4 18.7.4.65030 18.8.M0.65044 19.5.0 19.5.0.65092 19.5.M0.65023 19.5.M0.65050 20.2.3 20.2.3.64982 20.2.3.65017 20.2.a4.65307 20.3.M0.64984 20.3.M0.65029 20.3.M0.65037 20.3.M0.65071 20.3.T0.64985 20.3.T0.65031 20.3.T0.65043 20.3.T0.65067 21.0.0 21.0.0.65256 21.0.M0.64922 21.0.M0.64983 21.0.M0.65140 21.0.V0.65150 21.1.A0.64932 21.1.A0.64987 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.65203 21.2.A0.65147.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_5500asr_5000_softwareCisco StarOS 18.x through 21.x
CVE-1999-0430
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.06%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_5xxx_supervisor_softwarecatalyst_12xx_supervisor_softwarecatalyst_29xx_supervisor_softwaren/a
CVE-1999-0230
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.53% / 66.40%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Cisco 7xx routers through the telnet service.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CVE-2016-6358
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.03% / 76.38%
||
7 Day CHG~0.00%
Published-28 Oct, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application unexpectedly quits. More Information: CSCux68539. Known Affected Releases: 9.1.0-032 9.7.1-000. Known Fixed Releases: 9.1.1-038.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_applianceCisco Email Security Appliance (ESA) through 9.7.1-000
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6360
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.36% / 79.39%
||
7 Day CHG~0.00%
Published-28 Oct, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. Affected Products: Cisco AsyncOS Software for Email Security Appliances (ESA) versions 9.5 and later up to the first fixed release, Cisco AsyncOS Software for Web Security Appliances (WSA) all versions prior to the first fixed release. More Information: CSCux56406, CSCux59928. Known Affected Releases: 9.6.0-051 9.7.0-125 8.8.0-085 9.5.0-444 WSA10.0.0-000. Known Fixed Releases: 9.7.1-066 WSA10.0.0-233.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-web_security_applianceemail_security_applianceCisco AsyncOS through WSA10.0.0-000
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6407
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.20% / 78.06%
||
7 Day CHG~0.00%
Published-17 Sep, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-web_security_appliancen/a
CVE-2024-20314
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.17% / 77.78%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 16:57
Updated-30 Jul, 2025 | 13:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain IPv4 packets. An attacker could exploit this vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Softwareios_xe
CWE ID-CWE-783
Operator Precedence Logic Error
CVE-2024-20271
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.46% / 63.00%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 17:05
Updated-06 Aug, 2025 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could exploit this vulnerability by sending a crafted IPv4 packet either to or through an affected device. A successful exploit could allow the attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To successfully exploit this vulnerability, the attacker does not need to be associated with the affected AP. This vulnerability cannot be exploited by sending IPv6 packets.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-business_140ac_access_pointbusiness_240acbusiness_145ac_access_pointbusiness_141acmbusiness_140acbusiness_151axmbusiness_142acmbusiness_143acmbusiness_access_pointsios_xebusiness_150axbusiness_150ax_access_pointbusiness_145acwireless_lan_controller_softwareCisco Business Wireless Access Point SoftwareCisco Aironet Access Point SoftwareCisco Aironet Access Point Software (IOS XE Controller)aironet_access_point_software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-20339
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.78% / 72.71%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 17:09
Updated-08 Aug, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability

A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defense_softwareCisco Firepower Threat Defense Softwarefirepower_threat_defense_software
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-20259
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.57% / 67.58%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 16:53
Updated-30 Apr, 2025 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandled when endpoint analytics are enabled. An attacker could exploit this vulnerability by sending a crafted DHCP request through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: The attack vector is listed as network because a DHCP relay anywhere on the network could allow exploits from networks other than the adjacent one.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9300-24u-acatalyst_9115axecatalyst_9130axecatalyst_9130axicatalyst_9600xcatalyst_9300-48p-ecatalyst_9800-l-fcatalyst_9300catalyst_9115catalyst_9300-24t-ecatalyst_9300-24ux-ecatalyst_9800-40catalyst_9120axecatalyst_9166catalyst_9124axicatalyst_9124icatalyst_9300lcatalyst_9300-24s-ecatalyst_9130catalyst_9100catalyst_9124axcatalyst_9407rcatalyst_9300-24t-acatalyst_9117axcatalyst_9300-48un-ecatalyst_9300l-48p-4g-ecatalyst_9300l-24t-4g-acatalyst_9300-24u-ecatalyst_9800-l-ccatalyst_9164catalyst_9300l-48t-4x-acatalyst_9300-48p-acatalyst_9162catalyst_9300l-48p-4g-acatalyst_9117_apdn-apl-tta-mcatalyst_9300-48uxm-acatalyst_9300l-48t-4g-ecatalyst_9130axcatalyst_9800-80catalyst_9124catalyst_9105wcatalyst_9120catalyst_9300-48s-ecatalyst_9300l_stackcatalyst_9300l-24t-4x-acatalyst_9400catalyst_9200catalyst_9105axcatalyst_9300-48s-acatalyst_9115_apcatalyst_9166d1catalyst_9300l-24t-4x-ecatalyst_9130_apcatalyst_9800-lcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_9300-24p-edn-apl-tta-m-rfcatalyst_9300-24s-acatalyst_9200cxcatalyst_9115axicatalyst_9300xcatalyst_9105axicatalyst_9300l-48p-4x-acatalyst_9124ecatalyst_9300-48u-ecatalyst_9105catalyst_9124axdcatalyst_9300-48u-acatalyst_9300-48t-ecatalyst_9120axcatalyst_9136catalyst_9300-48uxm-ecatalyst_9117catalyst_9124dcatalyst_9105axwcatalyst_9115axcatalyst_9120axicatalyst_9300l-48p-4x-ecatalyst_9800catalyst_9300-48t-acatalyst_9300l-48t-4g-acatalyst_9300l-48t-4x-ecatalyst_9200lcatalyst_9300l-24t-4g-ecatalyst_9300-48un-acatalyst_9300l-24p-4g-acatalyst_9300l-24p-4g-ecatalyst_9300-24p-acatalyst_9105icatalyst_9300l-24p-4x-acatalyst_9300lmcatalyst_9120_apcatalyst_9117axiios_xecatalyst_9120axpcatalyst_9800-clCisco IOS XE Softwareios_xe
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20494
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.15% / 35.77%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 17:53
Updated-01 Aug, 2025 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper data validation during the TLS 1.3 handshake. An attacker could exploit this vulnerability by sending a crafted TLS 1.3 packet to an affected system through a TLS 1.3-enabled listening socket. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: This vulnerability can also impact the integrity of a device by causing VPN HostScan communication failures or file transfer failures when Cisco ASA Software is upgraded using Cisco Adaptive Security Device Manager (ASDM).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Softwarefirepower_threat_defense_softwareadaptive_security_appliance_software
CWE ID-CWE-1287
Improper Validation of Specified Type of Input
CVE-2005-3426
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.49% / 64.63%
||
7 Day CHG~0.00%
Published-02 Nov, 2005 | 00:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-content_services_switch_11500n/a
CVE-2024-20353
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-16.27% / 94.57%
||
7 Day CHG-1.39%
Published-24 Apr, 2024 | 18:15
Updated-30 Jul, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-05-01||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Softwarefirepower_threat_defense_softwareasaAdaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2024-20498
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-02 Oct, 2024 | 18:23
Updated-04 Jun, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-meraki_mx84meraki_mx64w_firmwaremeraki_mx600_firmwaremeraki_mx105meraki_mx250meraki_mx450meraki_mx105_firmwaremeraki_mx450_firmwaremeraki_z4cmeraki_z3c_firmwaremeraki_z3cmeraki_mx68cw_firmwaremeraki_mx100_firmwaremeraki_mx65meraki_mx85meraki_mx95_firmwaremeraki_z4c_firmwaremeraki_mx67cmeraki_mx64_firmwaremeraki_mx85_firmwaremeraki_mx95meraki_mx100meraki_mx68cwmeraki_z3_firmwaremeraki_mx75meraki_mx68w_firmwaremeraki_mx64wmeraki_mx250_firmwaremeraki_mx68meraki_mx67c_firmwaremeraki_mx68wmeraki_vmx_firmwaremeraki_mx400meraki_mx67wmeraki_mx65wmeraki_mx75_firmwaremeraki_mx67w_firmwaremeraki_z4_firmwaremeraki_mx600meraki_mx67meraki_z4meraki_z3meraki_mx64meraki_vmxmeraki_mx67_firmwaremeraki_mx65w_firmwaremeraki_mx68_firmwaremeraki_mx400_firmwaremeraki_mx65_firmwaremeraki_mx84_firmwareCisco Meraki MX Firmwaremeraki_z1meraki_mx
CWE ID-CWE-415
Double Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 19
  • 20
  • Next
Details not found