Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-1817

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-03 May, 2019 | 16:30
Updated At-19 Nov, 2024 | 19:08
Rejected At-
Credits

Cisco Web Security Appliance Malformed Request Denial of Service Vulnerability

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. An attacker could exploit this vulnerability by sending a malformed HTTP or HTTPS request to an affected device. An exploit could allow the attacker to cause a restart of the web proxy process, resulting in a temporary DoS condition.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:03 May, 2019 | 16:30
Updated At:19 Nov, 2024 | 19:08
Rejected At:
▼CVE Numbering Authority (CNA)
Cisco Web Security Appliance Malformed Request Denial of Service Vulnerability

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. An attacker could exploit this vulnerability by sending a malformed HTTP or HTTPS request to an affected device. An exploit could allow the attacker to cause a restart of the web proxy process, resulting in a temporary DoS condition.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Web Security Appliance (WSA)
Versions
Affected
  • From unspecified before 11.5.2-020 (custom)
  • From unspecified before 11.7.0-406 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20
Type: CWE
CWE ID: CWE-20
Description: CWE-20
Metrics
VersionBase scoreBase severityVector
3.08.6HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Version: 3.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
vendor-advisory
x_refsource_CISCO
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
Resource:
vendor-advisory
x_refsource_CISCO
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:03 May, 2019 | 17:29
Updated At:24 Mar, 2023 | 17:39

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. An attacker could exploit this vulnerability by sending a malformed HTTP or HTTPS request to an affected device. An exploit could allow the attacker to cause a restart of the web proxy process, resulting in a temporary DoS condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.08.6HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Cisco Systems, Inc.
cisco
>>web_security_appliance>>11.5.1-fcs-115
cpe:2.3:a:cisco:web_security_appliance:11.5.1-fcs-115:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>11.5.1-fcs-124
cpe:2.3:a:cisco:web_security_appliance:11.5.1-fcs-124:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>11.5.1-fcs-125
cpe:2.3:a:cisco:web_security_appliance:11.5.1-fcs-125:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>11.7.0-fcs-334
cpe:2.3:a:cisco:web_security_appliance:11.7.0-fcs-334:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-20Secondaryykramarz@cisco.com
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dosykramarz@cisco.com
Vendor Advisory
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

3085Records found
CVE-2022-20795
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.20% / 42.26%
||
7 Day CHG~0.00%
Published-21 Apr, 2022 | 18:50
Updated-06 Nov, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300firepower_4150asa_for_nexus_1000vfirepower_1010firepower_1140firepower_2120firepower_2130adaptive_security_appliance_softwarefirepower_4110firepower_1120firepower_2110firepower_4125asa_5515-xfirepower_4112firepower_4140adaptive_security_appliancefirepower_2140asa_5545-xasa_5505asa_5555-xfirepower_4145asa_5580asa_5585-xfirepower_4120asa_5525-xfirepower_1150firepower_4115asa_5512-xfirepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2022-20622
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.84% / 73.72%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:17
Updated-06 Nov, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability

A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_access_point_softwareCisco Aironet Access Point Software
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-20675
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.66% / 70.15%
||
7 Day CHG~0.00%
Published-06 Apr, 2022 | 18:13
Updated-06 Nov, 2024 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco Security Products Simple Network Management Protocol Service Denial of Service Vulnerability

A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition. This vulnerability is due to an open port listener on TCP port 199. An attacker could exploit this vulnerability by connecting to TCP port 199. A successful exploit could allow the attacker to crash the SNMP service, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_email_and_web_managerasyncosemail_security_applianceweb_security_applianceCisco Web Security Appliance (WSA)
CWE ID-CWE-248
Uncaught Exception
CVE-2023-20049
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.09% / 77.08%
||
7 Day CHG~0.00%
Published-09 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability

A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_9910asr_9906asr_9904asr_9006asr_9903asr_9912asr_9010asr_9922asr_9001asr_9000v-v2ios_xrasr_9902asr_9901Cisco IOS XR Software
CWE ID-CWE-805
Buffer Access with Incorrect Length Value
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-20006
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.46% / 63.09%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_2140firepower_2120adaptive_security_appliance_softwarefirepower_2130firepower_2110firepower_threat_defenseCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2023-20014
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.19%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 15:24
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vulnerability by sending a continuous stream of DNS requests to an affected device. A successful exploit could allow the attacker to cause the coredns service to stop working or cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_dashboardCisco Nexus Dashboard
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-20187
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.41% / 60.65%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:19
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect handling of certain IPv6 multicast packets when they are fanned out more than seven times on an affected device. An attacker could exploit this vulnerability by sending a specific IPv6 multicast or IPv6 multicast VPN (MVPNv6) packet through the affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeasr1001-hxasr1000-esp200asr1000-esp40asr1001-xasr1002-xasr1000-esp100asr1002-hxCisco IOS XE Software
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2023-20197
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.76%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 21:43
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog .

Action-Not Available
Vendor-Cisco Systems, Inc.Fedora Project
Product-secure_endpointsecure_endpoint_private_cloudfedoraCisco Secure EndpointCisco Secure Endpoint Private Cloud Console
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2023-20226
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.15% / 36.74%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:21
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4321\/k9-ws_integrated_services_router1100-4g_integrated_services_routerc8200l-1n-4t4351_integrated_services_router4321_integrated_services_router4331\/k9-ws_integrated_services_routerc8500l-8s4xcatalyst_ir83401100-6g_integrated_services_routercatalyst_8300-1n1s-4t2x4321\/k9-rf_integrated_services_router4331\/k9_integrated_services_router4351\/k9_integrated_services_routercatalyst_8000v_edge4431_integrated_services_routerc8200-1n-4tcatalyst_8300-1n1s-6t4351\/k9-ws_integrated_services_router1100-4gltena_integrated_services_routerios_xe4221_integrated_services_routercatalyst_8300-2n2s-4t2x4331_integrated_services_routercatalyst_8300-2n2s-6t1100-4gltegb_integrated_services_router4331\/k9-rf_integrated_services_router4321\/k9_integrated_services_router4351\/k9-rf_integrated_services_routerCisco IOS XE Software
CWE ID-CWE-456
Missing Initialization of a Variable
CVE-2023-20262
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.32% / 54.66%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:16
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected. This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wan_vmanagecatalyst_sd-wan_managerCisco SD-WAN vManageCisco SD-WAN SolutionCisco SD-WAN vSmart
CWE ID-CWE-399
Not Available
CVE-2022-20919
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.23% / 45.61%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:46
Updated-01 Nov, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3850asr-920-12sz-im-ccasr_1023_routerasr_907catalyst_9500hasr-920-12cz-acatalyst_3850-16xs-scatalyst_3850-48pw-scatalyst_9300l-24t-4x-acatalyst_9300-48un-e4331_integrated_services_routerasr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dcatalyst_9124axiasr_920-12sz-imcatalyst_9300l-48t-4x-aasr_920-12sz-im_routercatalyst_8300catalyst_9115axicatalyst_8500-4qccatalyst_3850-48u-lcatalyst_9117axicatalyst_9800-80_wireless_controllerasr-920-4sz-acatalyst_8300-1n1s-6tcatalyst_9300l-24t-4g-easr-920-24sz-imasr_920-12cz-a_rcatalyst_3850-48xscatalyst_9800-clcatalyst_9300-48p-easr_9000_rsp440_router1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-easr_1002_fixed_routerasr1002-xcatalyst_9600catalyst_3850-48u-scatalyst_3850-16xs-ecatalyst_8510msrcatalyst_9200lasr-920-10sz-pdasr-920-4sz-dcatalyst_3850-24xuasr-920-12cz-dcatalyst_9300-48uxm-e1109_integrated_services_routercatalyst_9400catalyst_9100catalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_9600_supervisor_engine-1catalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_9300-48u-aasr_902uasr_920-4sz-a_routercatalyst_9105axi1100-4p_integrated_services_routerasr-920-24tz-masr_903asr_9920asr_9906catalyst_ie3200_rugged_switchasr1000-mip100catalyst_3850-48t-e1101_integrated_services_routerasr_920-24tz-m_rasr_920-24sz-m_rasr_900_route_switch_processor_3_\(rsp3\)asr_9010catalyst_3850-12s-sasr_920-4sz-d_rcatalyst_3850-24u-s1100_integrated_services_routerasr_901-4c-ft-dcatalyst_9130_apcatalyst_9300l-24t-4x-ecatalyst_9800-40_wireless_controllerasr_1002-hx_rasr_920-10sz-pd_routercatalyst_9120axpasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aasr1002-x-rfasr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr_900_asr_901s-3sg-f-ahasr1002-hxasr1000-rp34221_integrated_services_routercatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_ie3400_heavy_duty_switchcatalyst_3850-24s-scatalyst_9300-48s-easr1002-x-wsasr_1002-xasr_920-12cz-d_rcatalyst_9300lcatalyst_9115_apcatalyst_ie3400_rugged_switch4451-x_integrated_services_routercatalyst_3850-48p-scatalyst_ie9300catalyst_8510csrcatalyst_9120axeasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200asr_1000-esp100catalyst_9300-48t-acatalyst_9117catalyst_3850-12s-ecatalyst_8500asr_920u-12sz-imcatalyst_3850-24t-ecatalyst_9130axiasr_920-24sz-m_routerasr1001-x-rfasr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2xcatalyst_ie3300_rugged_switchasr1001-x-wscatalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r1100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_5700asr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9105axwcatalyst_9300l-48t-4g-easr_914catalyst_3850-24p-scatalyst_3850-24ucatalyst_9300l_stackasr_920-12cz-dasr_1000-xasr1000-6tgecatalyst_9300l-24p-4g-easr_900_route_switch_processor_2_\(rsp2\)asr_920-4sz-dasr_920-4sz-d_routercatalyst_9120_apcatalyst_9800-lasr_1013catalyst_8540msrasr_920-24sz-imasr_5500asr-920-12sz-dcatalyst_3850-nm-2-40gcatalyst_9300lmcatalyst_9300-24t-easr_9000vasr1001-hxcatalyst_3850-48t-sasr-920-24sz-mcatalyst_9407rcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9800_embedded_wireless_controllercatalyst_9200asr-920-20sz-mcatalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_9300l-48t-4g-aasr_920-24sz-masr_920-24sz-im_routerasr_920-4sz-aasr-9901-rpcatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-easr-920-24tz-imcatalyst_9130asr_901-6cz-ft-dasr_901-6cz-f-dasr_9000asr_5000catalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_9120axiasr-920-12sz-acatalyst_9115axecatalyst_3850-24p-easr_1006catalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300asr_920-24sz-im_rasr1002-hx-wsasr_920-12cz-d_routercatalyst_3850-24xu-s4451_integrated_services_routercatalyst_9105asr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1asr1001-hx-rfcatalyst_ie3400catalyst_3850-24u-lcatalyst_9300l-24t-4g-acatalyst_3850-48f-sasr_901-4c-f-dcatalyst_9130axeasr_1001-hx_rcatalyst_9800-l-casr1000-2t\+20x1gecatalyst_3850-48f-e1000_integrated_services_routercatalyst_9300-48uxm-aasr_1023catalyst_9300-24p-aasr_1001asr_920-12cz-a_routercatalyst_3850-48xs-easr1000-esp200asr_9904catalyst_9300-24u-acatalyst_9117_apcatalyst_3850-48uasr_1001-hxcatalyst_ie3300asr_1009-xcatalyst_9300-24u-easr_901-6cz-f-acatalyst_9124asr1002-hx-rfcatalyst_3850-12x48ucatalyst_9300xcatalyst_9300-48un-aasr_1001-x_rasr-920-12sz-imasr_901-6cz-fs-dcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dasr1001-xcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-lcatalyst_91151120_integrated_services_routercatalyst_3850-24xsasr_9903catalyst_91204431_integrated_services_routerasr_901-6cz-fs-acatalyst_9124axdasr_920-24tz-m_routercatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_routerasr_1001-xasr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2023-20227
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.52% / 65.65%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:21
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could exploit this vulnerability by sending crafted L2TP packets to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only traffic directed to the affected system can be used to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4351_integrated_services_router4331\/k9-ws_integrated_services_routerc8500l-8s4x1100-6g_integrated_services_routervg400-4fxs\/4fxo4331\/k9_integrated_services_router4351\/k9_integrated_services_routercatalyst_8000v_edge4351\/k9-ws_integrated_services_routervg420-144fxs1100-4gltena_integrated_services_router4331_integrated_services_routervg400-2fxs\/2fxo4461_integrated_services_routercatalyst_8300-2n2s-6t1000_integrated_services_router4351\/k9-rf_integrated_services_routervg400-8fxs4321\/k9-ws_integrated_services_router1100-4g_integrated_services_routerc8200l-1n-4t4321_integrated_services_routercatalyst_8300-1n1s-4t2x4321\/k9-rf_integrated_services_router4431_integrated_services_routerc8200-1n-4tcatalyst_8300-1n1s-6tvg450-144fxs\/k9cloud_services_router_1000vios_xe4221_integrated_services_routercatalyst_8300-2n2s-4t2xvg450\/k9vg450-72fxs\/k9vg400-6fxs\/6fxovg420-84fxs\/6fxo1100-4gltegb_integrated_services_router4331\/k9-rf_integrated_services_router4451_integrated_services_routervg420-132fxs\/6fxo4321\/k9_integrated_services_routerCisco IOS XE Software
CWE ID-CWE-388
Not Available
CVE-2023-20212
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.23% / 78.31%
||
7 Day CHG~0.00%
Published-18 Aug, 2023 | 19:55
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability by submitting a crafted AutoIt file to be scanned by ClamAV on the affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to restart unexpectedly, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_endpointsecure_endpoint_private_cloudCisco Secure Endpoint
CWE ID-CWE-825
Expired Pointer Dereference
CVE-2023-20024
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.61% / 68.85%
||
7 Day CHG~0.00%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business Series Switches Buffer Overflow Vulnerabilities

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sf550x-48mpsg500xg8f8tbusiness_250-16t-2g_firmwaresg250-10p_firmwaresf500-24mp_firmwaresf250-08hp_firmwaresf250-10p_firmwaresf250-26sg250x-24p_firmwarebusiness_350-16p-2gsf250x-48p_firmwaresf250-26_firmwarebusiness_250-48p-4xsg200-26sg250-18sg500-28sg350x-24mpsg550x-48p_firmwaresg200-50p_firmwaresg200-08psf250-24p_firmwarebusiness_350-8fp-e-2gsf200-24_firmwaresg550xg-8f8t_firmwarebusiness_250-48t-4xsg350xg-24tsf200e-24sg550xg-48t_firmwaresf350-48psg550xg-48tsg500x-24psf250-08_firmwarebusiness_350-48t-4gsf300-24mp_firmwaresf550x-24mp_firmwaresf200e-24psg350x-24mp_firmwaresg350-28sf250-26p_firmwaresf550x-48p_firmwaresg200-10fpbusiness_350-16fp-2gbusiness_350-8fp-2g_firmwarebusiness_350-16p-e-2gsf200e-48sg500x24mppsg250-50hp_firmwaresg350x-12pmvsg250-24business_250-8p-e-2g_firmwarebusiness_350-24s-4gsg350x-24business_350-24fp-4xbusiness_350-8mp-2xbusiness_350-48p-4gbusiness_350-8fp-e-2g_firmwaresf350-28mpsf550x-48_firmwaresg250x-24sg550xg-8f8tsf250-50psg250-24p_firmwaresg550xg-24tsf250-18_firmwaresf250-26hp_firmwaresg350-10p_firmwaresg355-10psg200-50psg200-26fp_firmwaresg350-10psg250-50psg300-52psf500-18p_firmwaresf350-20_firmwarebusiness_350-16xts_firmwarebusiness_350-12xssg250-26hpsf352-08_firmwaresg250x-48p_firmwarebusiness_250-16p-2gsf352-08mpsg350x-24pv_firmwaresf500-24p_firmwarebusiness_250-16p-2g_firmwarebusiness_350-8fp-2gbusiness_350-8p-e-2gsf200e-48psg500x-48mp_firmwarebusiness_250-8p-e-2gbusiness_250-24t-4x_firmwaresg300-10sfpsf500-24mpsg300-28_firmwarebusiness_250-8t-e-2gsf500-24psf200-24p_firmwaresf302-08ppsf300-48sg350xg-48t_firmwaresg250-26sg300-10sfp_firmwarebusiness_250-8pp-e-2g_firmwaresf550x-48mp_firmwaresf350-52sg250x-48sf550x-24_firmwaresf350-10_firmwaresf250-48hp_firmwaresg500x24mpp_firmwaresg300-28ppsf250-08hpbusiness_250-48t-4g_firmwaresg300-52mp_firmwaresf500-48_firmwaresg500-28p_firmwaresf550x-48psg550x-24mppsf350-20sf500-48pbusiness_350-24fp-4x_firmwaresg350xg-24f_firmwaresg500x-24mpp_firmwarebusiness_350-24xtsbusiness_250-24p-4xsg300-28mpsf350-24mpsf250-24_firmwaresg350-28mpsf302-08sg350x-48sg300-28pp_firmwarebusiness_350-24mgp-4x_firmwaresg350-10mp_firmwaresf302-08mpp_firmwarebusiness_350-8xt_firmwarebusiness_250-8pp-e-2gsf500-48mpsg300-52p_firmwaresg300-10psf550x-24p_firmwarebusiness_350-24p-4xsg300-10mp_firmwaresg200-08p_firmwaresf200-24fp_firmwarebusiness_350-12xs_firmwaresg550x-24business_350-24p-4gsf300-08sf350-52psf250x-24_firmwarebusiness_350-16xtsbusiness_350-8s-e-2gsf350-48_firmwaresg250-10psg200-08business_250-8pp-dsg250-50_firmwaresf250-10psg350xg-2f10_firmwaresf250x-24p_firmwaresf250-50_firmwaresg250-08sg350-28psg250-26hp_firmwarebusiness_350-8xtbusiness_250-48t-4gbusiness_350-24xs_firmwaresf200e48p_firmwaresf200e-24p_firmwaresg350xg-48tbusiness_350-48t-4x_firmwaresg350-28_firmwaresg300-10_firmwaresg350x-8pmdsg350x-48psf200e-48p_firmwaresg500x-24business_350-24xt_firmwarebusiness_250-16t-2gsf350-10sfp_firmwarebusiness_350-48ngp-4x_firmwaresg350-10_firmwarebusiness_350-12np-4x_firmwaresf350-52p_firmwaresg250x-48psg500x-24p_firmwaresg250-48sg550x-24p_firmwarebusiness_350-16t-e-2g_firmwaresf200-24fpsg500xg-8f8t_firmwarebusiness_250-24pp-4gbusiness_250-48p-4gsf300-24psg250-48hp_firmwaresg550xg-24t_firmwaresg550x-48t_firmwarebusiness_250-24t-4g_firmwaresf302-08mppsg500-52ppsf250-48_firmwaresg350x-48p_firmwarebusiness_350-24xtsg300-28mp_firmwaresf550x-24mpbusiness_350-48fp-4x_firmwarebusiness_350-8t-e-2gsg250-50hpsg550x-24mpp_firmwaresg200-18business_350-24p-4g_firmwaresg250-48hpbusiness_350-24t-4xsg350xg-24fsg500x-48mpsf200-48_firmwaresg500xg-8f8tsg300-28sfp_firmwaresg500-28_firmwaresf350-28psf350-8pdbusiness_350-48ngp-4xsf355-10p_firmwarebusiness_350-8t-e-2g_firmwaresf300-24pp_firmwarebusiness_350-24fp-4g_firmwarebusiness_250-8t-e-2g_firmwarebusiness_250-8fp-e-2g_firmwarebusiness_350-12xtsf250-24psf250-08sg300-10p_firmwaresf350-10psg250-18_firmwaresg300-52_firmwaresf350-24pbusiness_350-48fp-4xbusiness_250-48pp-4g_firmwarebusiness_350-8s-e-2g_firmwaresg300-52sg250x-24psg500x-48sg200-26_firmwaresf200e48pbusiness_250-8pp-d_firmwaresf350-24sg300-20sg500-28psg500-52pp_firmwaresg550x-48tsg350x-48_firmwaresg250-24psf200-48sf350-24mp_firmwaresf350-52mp_firmwaresf250x-48_firmwaresg350x-24_firmwaresg550x-48mp_firmwaresf350-48sf350-52mpsf300-24_firmwaresf300-48psf350-10sfpsf350-28mp_firmwaresg350x-48pvsg500-28mpp_firmwaresg500-52pbusiness_250-24fp-4g_firmwarebusiness_250-8t-d_firmwaresf250-24business_250-48p-4g_firmwaresf300-24ppsg550x-48pbusiness_250-24fp-4x_firmwaresf250-50hpsg350x-48mp_firmwaresg550xg-24f_firmwaresg250x-24_firmwaresf350-8mpbusiness_350-24mgp-4xbusiness_350-24xssg350x-12pmv_firmwaresg355-10mpsf352-08mp_firmwaresg300-10mpp_firmwaresf350-24p_firmwaresf250-50hp_firmwaresf350-24_firmwaresg200-50business_250-48pp-4gsg300-52mpsf250x-24psf250x-48pbusiness_350-48t-4g_firmwaresf200-48p_firmwaresf352-08sg500-28pp_firmwarebusiness_350-24t-4x_firmwarebusiness_350-48fp-4g_firmwaresf250-48business_350-12np-4xbusiness_350-8p-2g_firmwaresg300-20_firmwaresf350-28sfp_firmwaresf250x-24business_350-24fp-4gsf500-48sg200-50fpsg550x-24_firmwaresg250x-48_firmwaresg500-28mppbusiness_350-16p-2g_firmwaresf350-8pd_firmwaresg250-50p_firmwaresf350-48p_firmwarebusiness_350-24xts_firmwaresf350-10mp_firmwaresg355-10mp_firmwarebusiness_350-8p-2gsg350x-24pd_firmwarebusiness_250-24pp-4g_firmwaresf350-08sf250-50sg350-28p_firmwaresg350xg-2f10sg500xg8f8t_firmwaresg350x-8pmd_firmwarebusiness_250-24p-4g_firmwaresf250-26hpbusiness_350-48p-4xbusiness_350-24s-4g_firmwaresg350-10mpbusiness_350-16t-2gsg250-24_firmwaresf550x-24sg500-52p_firmwaresf200-24psf500-48p_firmwaresf350-28business_350-8mgp-2xsf200e-24_firmwarebusiness_350-12xt_firmwarebusiness_250-24fp-4xsf350-48mp_firmwaresg350-28mp_firmwarebusiness_350-24ngp-4xsf200-24sf250-26psg500-28ppsg500x-48pbusiness_350-48xt-4x_firmwaresg250-26_firmwaresf200e-48_firmwarebusiness_350-24ngp-4x_firmwaresg355-10p_firmwaresg500x-48mppsg500x-48p_firmwarebusiness_350-24p-4x_firmwaresg550x-24mp_firmwaresg200-18_firmwarebusiness_350-8mgp-2x_firmwaresf300-48ppsg500x-24_firmwaresf350-10mpsg350xg-24t_firmwaresg550x-48_firmwaresg350x-24p_firmwaresf302-08_firmwaresg250-48_firmwarebusiness_250-8fp-e-2gsg300-10mpsf350-28_firmwaresf350-10p_firmwaresf250-18sf352-08psg300-10ppsf500-18psf350-8mp_firmwarebusiness_350-24t-4gbusiness_350-8p-e-2g_firmwaresg500x-48mpp_firmwaresf350-28p_firmwaresg200-26fpsg200-26p_firmwaresf550x-48sf350-10sg350x-48pv_firmwaresg300-28sg350x-24pdsg200-10fp_firmwaresg550xg-24fbusiness_350-48p-4x_firmwaresg250-08hpbusiness_250-24p-4x_firmwaresf250x-48sg550x-24mpsg350-10business_350-8mp-2x_firmwaresf300-24p_firmwaresg550x-48mpbusiness_350-16p-e-2g_firmwaresg200-50fp_firmwarebusiness_250-24p-4gsg250-26psg300-10pp_firmwaresf500-24sf550x-24psg300-10sf352-08p_firmwaresf300-48p_firmwaresf350-48mpbusiness_350-16t-2g_firmwaresg250-50sg300-10mppbusiness_350-24t-4g_firmwaresg300-28psg350x-24pvbusiness_250-24t-4xsf300-24sf200-48psg200-26psg550x-24pbusiness_250-8t-dbusiness_250-24fp-4gsg200-08_firmwaresg350x-48mpbusiness_350-48t-4xsg500x-24mppsg300-28sfpsg550x-48sf300-48pp_firmwaresg250-08_firmwaresf300-24mpbusiness_250-24t-4gsg350x-24psf350-52_firmwarebusiness_250-48t-4x_firmwaresf350-28sfpbusiness_250-48p-4x_firmwaresf302-08pp_firmwaresf250-48hpbusiness_350-16t-e-2gsg500x-48_firmwaresg200-50_firmwaresg250-26p_firmwaresf300-08_firmwarebusiness_350-48xt-4xsf250-50p_firmwarebusiness_350-16fp-2g_firmwarebusiness_350-48p-4g_firmwaresf500-24_firmwaresf350-08_firmwaresg250-08hp_firmwaresf500-48mp_firmwaresf300-48_firmwaresf355-10pbusiness_350-48fp-4gsg300-28p_firmwareCisco Small Business Smart and Managed Switches 550x_series_stackable_managed_switches_firmware250_series_smart_switches_firmwaresmall_business_500_series_stackable_managed_switches_firmwarebusiness_350_series_managed_switches_firmwaresmall_business_200_series_smart_switches_firmwaresmall_business_300_series_managed_switches_firmwarebusiness_250_series_smart_switches_firmware350x_series_stackable_managed_switches_firmware350_series_managed_switches_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-20051
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.38% / 58.84%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability

A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_5000packet_data_network_gatewayasr_5500asr_5700Cisco ASR 5000 Series Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-20080
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.15% / 36.56%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability

A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosCisco IOS
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2023-20108
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.27%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are attempting to authenticate to the service, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted login message to the affected device. A successful exploit could allow the attacker to cause an unexpected restart of the authentication service, preventing new users from successfully authenticating. Exploitation of this vulnerability does not impact Cisco Unified CM IM&P users who were authenticated prior to an attack.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_communications_manager_im_and_presence_serviceCisco Unified Communications Manager IM and Presence Service
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-20785
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.65% / 69.85%
||
7 Day CHG~0.00%
Published-04 May, 2022 | 17:05
Updated-06 Nov, 2024 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: April 2022

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

Action-Not Available
Vendor-ClamAVDebian GNU/LinuxFedora ProjectCisco Systems, Inc.
Product-secure_endpointclamavdebian_linuxfedoraCisco AMP for Endpoints
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-20088
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.33% / 55.46%
||
7 Day CHG~0.00%
Published-03 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Finesse Reverse Proxy VPN-less Access to Finesse Desktop Denial of Service Vulnerability

A vulnerability in the nginx configurations that are provided as part of the VPN-less reverse proxy for Cisco Finesse could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for new and existing users who are connected through a load balancer. This vulnerability is due to improper IP address filtering by the reverse proxy. An attacker could exploit this vulnerability by sending a series of unauthenticated requests to the reverse proxy. A successful exploit could allow the attacker to cause all current traffic and subsequent requests to the reverse proxy through a load balancer to be dropped, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-finesseCisco Unified Contact Center Enterprise
CWE ID-CWE-285
Improper Authorization
CVE-2023-20155
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 58.97%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 16:48
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not Administrator privileges, to view a system log file that they would not normally have access to. This vulnerability is due to a lack of rate-limiting of requests that are sent to a specific API that is related to an FMC log. An attacker could exploit this vulnerability by sending a high rate of HTTP requests to the API. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the FMC CPU spiking to 100 percent utilization or to the device reloading. CPU utilization would return to normal if the attack traffic was stopped before an unexpected reload was triggered.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerCisco Firepower Management Center
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-20760
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-2.59% / 85.00%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-20079
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-8.61% / 92.05%
||
7 Day CHG~0.00%
Published-03 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_ip_phone_7945g_firmwareunified_ip_phone_7945gip_phone_8841ip_phone_8832ip_phone_8861ip_phone_8831_firmwareip_phone_6851ip_phone_8845_firmwareip_phone_8831ip_phone_7841ip_phone_7811_firmwareip_phone_8811ip_phone_7832unified_ip_phone_7965gip_phone_8811_firmwareip_phone_7861_firmwareip_phone_8845ip_phone_8851_firmwareip_phone_6841ip_phone_7821_firmwareip_phone_8841_firmwareunified_ip_phone_7965g_firmwareip_phone_8865_firmwareip_phone_8865ip_phone_6851_firmwareip_phone_6871ip_phone_6871_firmwareunified_ip_phone_7975gip_phone_7841_firmwareip_phone_6825_firmwareip_phone_8832_firmwareip_phone_6825ip_phone_6861ip_phone_6861_firmwareip_phone_7832_firmwareip_phone_7861ip_phone_7811ip_phone_6841_firmwareip_phone_8861_firmwareip_phone_8851ip_phone_7821unified_ip_phone_7975g_firmwareCisco IP Phones with Multiplatform Firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20757
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.23% / 78.32%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Denial of Service Vulnerability

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are reached. An attacker could exploit this vulnerability by sending a high rate of UDP traffic through an affected device. A successful exploit could allow the attacker to cause all new, incoming connections to be dropped, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-20748
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.13% / 77.45%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-664
Improper Control of a Resource Through its Lifetime
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2020-16138
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-74.68% / 98.81%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 20:09
Updated-18 Nov, 2024 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_ip_conference_station_7937g_firmwareunified_ip_conference_station_7937gn/a
CVE-2020-16139
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-90.39% / 99.58%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 20:10
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers restart the device remotely through sending specially crafted packets. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_ip_conference_station_7937g_firmwareunified_ip_conference_station_7937gn/aunified_ip_conference_station_7937g_firmware
CVE-2022-20947
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.15% / 36.11%
||
7 Day CHG~0.00%
Published-10 Nov, 2022 | 17:29
Updated-03 Aug, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of HostScan data received from the Posture (HostScan) module. An attacker could exploit this vulnerability by sending crafted HostScan data to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU"] This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-20746
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.91% / 74.92%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-20960
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.03%
||
7 Day CHG~0.00%
Published-03 Nov, 2022 | 19:30
Updated-03 Aug, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that are processed by an affected device. An attacker could exploit this vulnerability by establishing a large number of concurrent TLS connections to an affected device. A successful exploit could allow the attacker to cause the device to drop new TLS email messages that come from the associated email servers. Exploitation of this vulnerability does not cause the affected device to unexpectedly reload. The device will recover autonomously within a few hours of when the attack is halted or mitigated.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-email_security_applianceCisco Secure Email
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-295
Improper Certificate Validation
CVE-2023-20259
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.14% / 35.07%
||
7 Day CHG~0.00%
Published-04 Oct, 2023 | 16:13
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is not used for device management and is unlikely to be used in normal operations of the device. This vulnerability is due to improper API authentication and incomplete validation of the API request. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to high CPU utilization, which could negatively impact user traffic and management access. When the attack stops, the device will recover without manual intervention.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unity_connectionprime_collaboration_deploymentunified_communications_managerunified_communications_manager_im_\&_presence_serviceemergency_responderCisco Emergency ResponderCisco Unified Communications ManagerCisco Prime Collaboration DeploymentCisco Unity ConnectionCisco Unified Communications Manager IM and Presence Service
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-20848
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.47% / 63.78%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:45
Updated-01 Nov, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability

A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3650-24ps-scatalyst_3850catalyst_3650asr-920-12sz-im-ccasr_907catalyst_9500hasr-920-12cz-acatalyst_3650-12x48urcatalyst_3850-16xs-scatalyst_9300l-24t-4x-acatalyst_3850-48pw-scatalyst_9300-48un-e4331_integrated_services_routerasr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dcatalyst_9300l-48t-4x-aasr_920-12sz-imasr_920-12sz-im_routercatalyst_8300catalyst_3650-24pdmcatalyst_3850-48u-lcatalyst_8500-4qccatalyst_3650-8x24pd-scatalyst_3650-48ts-lasr-920-4sz-acatalyst_3650-8x24uq-lcatalyst_8300-1n1s-6t8101-32fhcatalyst_3650-24pd-lcatalyst_3650-24pd-scatalyst_3650-24td-lcatalyst_9300l-24t-4g-ecatalyst_3650-24ts-lasr-920-24sz-imasr_920-12cz-a_rcatalyst_3850-48xscatalyst_3650-12x48uqcatalyst_9800-clcatalyst_9300-48p-ecatalyst_3650-8x24pd-e1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-easr1002-x9800-40catalyst_3650-12x48uq-ecatalyst_3650-8x24uqcatalyst_9600catalyst_3850-48u-scatalyst_8510msrcatalyst_3850-16xs-ecatalyst_9200lasr-920-10sz-pdasr-920-4sz-dcatalyst_3650-24pdm-scatalyst_3850-24xuasr-920-12cz-dcatalyst_9300-48uxm-ecatalyst_3650-12x48ur-e1109_integrated_services_routercatalyst_9400catalyst_3650-48fqm-scatalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_3650-12x48fd-scatalyst_9600_supervisor_engine-1catalyst_3650-12x48uq-lcatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_3650-8x24uq-scatalyst_3650-48tq-lcatalyst_9300-48u-aasr_902uasr_920-4sz-a_router1100-4p_integrated_services_routercatalyst_3650-48fq-sasr-920-24tz-masr_903asr_9920asr_9906asr1000-mip100catalyst_3850-48t-ecatalyst_3650-48pq-s1101_integrated_services_routerasr_920-24tz-m_rcatalyst_3650-48fqm-l8101-32hasr_920-24sz-m_rcatalyst_3850-12s-sasr_9010asr_920-4sz-d_rcatalyst_3850-24u-s1100_integrated_services_routerasr_901-4c-ft-dcatalyst_9300l-24t-4x-easr_1002-hx_r3000_integrated_services_routerasr_920-10sz-pd_routercatalyst_3650-12x48uz-sasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aasr1002-x-rfasr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr1002-hxasr_901s-3sg-f-ahasr1000-rp3catalyst_3650-12x48fd-ecatalyst_3850-48f-l4221_integrated_services_routercatalyst_3850-24xu-lcatalyst_3850-24s-scatalyst_3650-24td-ecatalyst_9300-48s-ecatalyst_3650-48td-easr1002-x-wsasr_1002-xcatalyst_9300lasr_920-12cz-d_r8800_18-slotcatalyst_3650-12x48uq-scatalyst_3650-12x48uz-e4451-x_integrated_services_routercatalyst_3650-12x48ur-scatalyst_3850-48p-scatalyst_8510csrasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200catalyst_9300-48t-acatalyst_3850-12s-ecatalyst_8500asr_920u-12sz-im8831catalyst_3850-24t-easr_920-24sz-m_routercatalyst_3650-24ts-scatalyst_3650-24ps-easr1001-x-rfasr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2x8804catalyst_3650-48pd-ecatalyst_3650-48fqm-easr1001-x-wscatalyst_3650-24pdm-easr_1000catalyst_3650-48ts-ecatalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r88081100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-easr_914catalyst_3850-24p-s8202catalyst_3650-24pdm-lcatalyst_9300l_stack9800-lcatalyst_3850-24uasr_920-12cz-dasr_1000-xasr1000-6tgecatalyst_9300l-24p-4g-ecatalyst_3650-24ts-ecatalyst_3650-24ps-lasr_920-4sz-dcatalyst_3650-48td-sasr_920-4sz-d_router111x_integrated_services_routercatalyst_9800-l8201-32fhasr_1013catalyst_8540msrasr_920-24sz-imcatalyst_3650-48tq-ecatalyst_3850-nm-2-40gasr-920-12sz-dcatalyst_9300lmcatalyst_3650-48fs-lcatalyst_3650-48pq-ecatalyst_3650-48fd-lcatalyst_3650-48fs-ecatalyst_9300-24t-ecatalyst_3650-12x48uzasr_9000vasr1001-hxcatalyst_3650-48fd-scatalyst_3650-48fs-scatalyst_3850-48t-sasr-920-24sz-mcatalyst_9407rcatalyst_3850-24t-scatalyst_3650-48pq-lcatalyst_3850-24pw-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9200asr-920-20sz-mcatalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_3650-24td-scatalyst_3650-48pd-lcatalyst_9300l-48t-4g-aasr_920-24sz-masr_920-24sz-im_routerasr_920-4sz-acatalyst_3650-48tq-sasr-9901-rpcatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-easr-920-24tz-imcatalyst_3650-48fd-easr_901-6cz-ft-dasr_901-6cz-f-dasr_9000catalyst_3650-48fq-ecatalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_3650-12x48fd-lasr-920-12sz-acatalyst_3850-24p-ecatalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-aasr_1006catalyst_9300asr_920-24sz-im_rasr1002-hx-wsasr_920-12cz-d_routercatalyst_3850-24xu-s4451_integrated_services_routercatalyst_3650-48fqmcatalyst_3650-48td-lasr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1asr1001-hx-rfcatalyst_ie3400catalyst_3650-8x24uq-ecatalyst_3850-24u-lcatalyst_9300l-24t-4g-a9800-clcatalyst_3850-48f-scatalyst_3650-12x48ur-lasr_901-4c-f-d8800_8-slotasr_1001-hx_rcatalyst_3650-24pdcatalyst_9800-l-casr1000-2t\+20x1gecatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routercatalyst_9300-48uxm-aasr_102388128818catalyst_9300-24p-acatalyst_3650-48ps-lasr_10011100-4g\/6g_integrated_services_routerasr_920-12cz-a_routercatalyst_3850-48xs-easr1000-esp200asr_9904catalyst_9300-24u-acatalyst_3850-48ucatalyst_3650-8x24pd-lasr_1001-hxcatalyst_ie3300catalyst_3650-48fqcatalyst_3650-48fq-l8102-64hasr_1009-x8201catalyst_9300-24u-easr_901-6cz-f-aasr1002-hx-rfcatalyst_3850-12x48ucatalyst_9300xcatalyst_3650-48pd-scatalyst_9300-48un-aasr_1001-x_rcatalyst_3650-24pd-easr-920-12sz-imasr_901-6cz-fs-dcatalyst_3650-12x48uz-lcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dasr1001-xcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24xsasr_99038800_4-slotcatalyst_3650-48ps-s4431_integrated_services_router9800-80asr_901-6cz-fs-aasr_920-24tz-m_routercatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_routerasr_1001-xcatalyst_3650-48ts-s8800_12-slotcatalyst_3650-48ps-easr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS XE Software
CWE ID-CWE-399
Not Available
CVE-2022-20856
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.39% / 59.21%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:46
Updated-01 Nov, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility Denial of Service Vulnerability

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error and improper management of resources related to the handling of CAPWAP Mobility messages. An attacker could exploit this vulnerability by sending crafted CAPWAP Mobility packets to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device. This would cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9800-lcatalyst_9800-40catalyst_9800-l-ccatalyst_9800catalyst_9800-clcatalyst_9800-80catalyst_9800-l-fCisco IOS XE Software
CWE ID-CWE-664
Improper Control of a Resource Through its Lifetime
CVE-2022-20767
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.35% / 79.31%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-12270
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.89% / 74.58%
||
7 Day CHG~0.00%
Published-05 Oct, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. The vulnerability is due to the software's inability to process HTTP/2 packets. An attacker could exploit this vulnerability by sending a malformed HTTP/2 frame to the affected device. A successful exploit could allow the attacker to create a DoS condition when the emsd service stops. Cisco Bug IDs: CSCvb99388.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrCisco IOS XR
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-12237
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.85% / 93.09%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to how an affected device processes certain IKEv2 packets. An attacker could exploit this vulnerability by sending specific IKEv2 packets to an affected device to be processed. A successful exploit could allow the attacker to cause high CPU utilization, traceback messages, or a reload of the affected device that leads to a DoS condition. This vulnerability affects Cisco devices that have the Internet Security Association and Key Management Protocol (ISAKMP) enabled. Although only IKEv2 packets can be used to trigger this vulnerability, devices that are running Cisco IOS Software or Cisco IOS XE Software are vulnerable when ISAKMP is enabled. A device does not need to be configured with any IKEv2-specific features to be vulnerable. Many features use IKEv2, including different types of VPNs such as the following: LAN-to-LAN VPN; Remote-access VPN, excluding SSL VPN; Dynamic Multipoint VPN (DMVPN); and FlexVPN. Cisco Bug IDs: CSCvc41277.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_3850-24t-scatalyst_3850-nm-2-40g1000_integrated_services_routerasr_1009-xcatalyst_8300catalyst_3650-48fs-eintegrated_services_virtual_routercatalyst_3850-24xs-scatalyst_3650-24ts-lcatalyst_3850-12s-e1100_integrated_services_routercatalyst_3650-24ps-scatalyst_3650-48fd-scatalyst_8300-2n2s-4t2xcatalyst_9800catalyst_3650-48fq-scatalyst_3650-48fq-l1109-2p_integrated_services_routercatalyst_9300-48t-ecatalyst_3650-48pd-lcatalyst_9300-48t-acatalyst_9300l-48t-4g-a8201-32fh9800-lcatalyst_3650-48tq-ecatalyst_3650-48ps-lcatalyst_3850-48xs-ecatalyst_9300-24s-a4321_integrated_services_router4351_integrated_services_routercatalyst_9300l-24t-4g-ecatalyst_82001841_integrated_service_routercatalyst_3650-12x48uzcatalyst_3850-48p-sasr_1000-xcatalyst_3850-48f-ecatalyst_3650-24pdcatalyst_9300-24t-acatalyst_3650-48td-easr_1001-hxcatalyst_3850-24t-lesr63008101-32hcatalyst_85004451-x_integrated_services_routercatalyst_9300-48uxm-ecatalyst_3650-48fd-lcatalyst_3850-48t-lcatalyst_3850-nm-8-10gcatalyst_9300l-24p-4g-a8831catalyst_9300-24u-acatalyst_3850-12x48ucatalyst_3650-24ps-e8201catalyst_3650-24pd-ecatalyst_3850-48t-ecatalyst_9800-cl1812_integrated_service_routercatalyst_8500lcatalyst_3650-48td-lcatalyst_9200asr_1001-hx_rasr_1006-x4431_integrated_services_routercatalyst_3650-48td-scatalyst_9300-24s-ecatalyst_3650-8x24uq-lcatalyst_8300-1n1s-4t2xcatalyst_9300l-24t-4x-a1100-4g\/6g_integrated_services_router1801_integrated_service_router1100-4gltegb_integrated_services_routercatalyst_3850-24xu-l1811_integrated_service_router8800_8-slotcatalyst_9300lcatalyst_9800-lcatalyst_3650-12x48ur-scatalyst_3650-24td-sasr_10138800_4-slotcatalyst_3650-48fqesr-6300-con-k99800-clcatalyst_9300l-48p-4g-acatalyst_9300-24p-ecatalyst_9300-48un-acatalyst_96008808catalyst_95001160_integrated_services_router1941w_integrated_services_router1906c_integrated_services_routercatalyst_ie3300_rugged_switchcatalyst_3650-12x48uq-sios_xecatalyst_3850-24ucatalyst_3650-48pd-ecatalyst_3850-16xs-s4321\/k9-ws_integrated_services_routercatalyst_3650-48tq-scatalyst_3850-48ucatalyst_9600xcatalyst_9300l-48t-4x-acatalyst_3650-24pdm-ecatalyst_3850-32xs-e4221_integrated_services_routercatalyst_3650-48ts-l82121100-8p_integrated_services_routercatalyst_9300l-48t-4g-ecatalyst_9300l-48t-4x-ecatalyst_3650-12x48uq-lcatalyst_3850-48p-lcatalyst_3650-48pq-e1111x_integrated_services_routercatalyst_9300lmcatalyst_8510csr1109-4p_integrated_services_routercatalyst_3850-24t-ecatalyst_3850-24xu-e8818catalyst_3650-12x48uz-scatalyst_3850-48u-lcatalyst_3850-24s-scatalyst_3850-24u-scatalyst_3650-24pd-scatalyst_3650-48fqm-ecatalyst_9300l-48p-4g-ecatalyst_3650catalyst_3850-12s-s4321\/k9_integrated_services_routercatalyst_9300-24t-e9800-40catalyst_3650-12x48ur-ecatalyst_9300l-24p-4x-e4321\/k9-rf_integrated_services_routercatalyst_9300-48u-acatalyst_9800-l-fasr_1002-xcatalyst_3650-12x48ur-lcatalyst_8300-1n1s-6tcatalyst_ie3200_rugged_switchcatalyst_3650-24pdm-lasr_10001100-6g_integrated_services_routercatalyst_3650-8x24uq-ecatalyst_3650-12x48uz-ecatalyst_9300l-48p-4x-acatalyst_8500-4qccatalyst_3850-24pw-sesr-6300-ncp-k9catalyst_3650-12x48fd-scatalyst_3850-48xs-s8218catalyst_9300-48u-ecatalyst_3850-48t-scatalyst_3850-24xu-scatalyst_3850-48f-lcatalyst_3850catalyst_9600_supervisor_engine-18101-32fhasr_1002-hxcatalyst_3650-12x48uq8102-64h4331_integrated_services_routercatalyst_3650-8x24uq-scatalyst_3650-48pq-lcatalyst_3650-48fs-l4331\/k9_integrated_services_routercatalyst_ie93001905_integrated_services_router4351\/k9-ws_integrated_services_routercatalyst_9200lcatalyst_3650-24ps-lcatalyst_8540msr82028800_18-slotcatalyst_9300-48s-a422_integrated_services_routercatalyst_3850-32xs-sasr_1002-x_rcatalyst_9407rcatalyst_3650-24td-ecatalyst_ie3400_rugged_switchcatalyst_3850-48xs-f-ecbr-8_converged_broadband_router8800_12-slotcatalyst_3650-24td-lcatalyst_9300-24ux-e1111x-8p_integrated_services_routercatalyst_3850-24p-ecatalyst_3650-12x48uz-lcatalyst_3850-24p-scatalyst_9300-24u-e1101-4p_integrated_services_routercatalyst_3650-48tq-lcatalyst_3850-24s-ecatalyst_3850-24xuasr_1023catalyst_3650-24pd-lcatalyst_9300l-24p-4g-ecatalyst_3850-24u-l1100-4p_integrated_services_routercatalyst_3850-24u-e4331\/k9-ws_integrated_services_router4351\/k9_integrated_services_router4331\/k9-rf_integrated_services_router1109_integrated_services_routercatalyst_3650-48fd-e8812catalyst_3650-48fs-scatalyst_3850-48pw-s1101_integrated_services_router8804catalyst_3850-12xs-scatalyst_3650-12x48urcatalyst_3850-24xscatalyst_9300-24ux-acatalyst_8540csrcatalyst_9400_supervisor_engine-1catalyst_3650-8x24uqcatalyst_3650-48ts-scatalyst_9200cxcatalyst_9300l-24t-4g-acatalyst_3650-8x24pd-scatalyst_8510msrioscatalyst_3850-48xscatalyst_3850-48p-ecatalyst_3850-48u-ecatalyst_9300l_stackcatalyst_3650-48fq-ecatalyst_3850-48xs-f-scatalyst_3850-24p-lcatalyst_9300-48p-acatalyst_9300-48p-e4351\/k9-rf_integrated_services_routerasr_1001-xcatalyst_9300-48un-ecatalyst_3650-24ts-e1100-4g_integrated_services_router4461_integrated_services_router44461_integrated_services_routercatalyst_9300-24p-acatalyst_9400catalyst_9300-48s-e1100-4gltena_integrated_services_router1120_integrated_services_routercatalyst_9300l-24t-4x-ecatalyst_9300xcatalyst_3850-24xs-ecatalyst_3850-48f-s1861_integrated_service_routercatalyst_3650-8x24pd-ecatalyst_9300-48uxm-a1100-lte_integrated_services_routercatalyst_9500hcatalyst_9300l-48p-4x-ecatalyst_3650-48fqm-scatalyst_3850-12xs-e1240_connected_grid_routercatalyst_3650-48fqm-lasr_1002-hx_rasr_1001catalyst_3650-48pq-scatalyst_3650-48fqmcatalyst_9300catalyst_3650-12x48fd-l1941_integrated_services_routercatalyst_3650-48pd-s1921_integrated_services_router1802_integrated_service_routercatalyst_3650-8x24pd-lcatalyst_9300l-24p-4x-acatalyst_3650-12x48uq-e4000_integrated_services_router8208asr_1001-x_rasr_1004catalyst_3650-48ps-e4451_integrated_services_routerasr_10061803_integrated_service_routercatalyst_3650-24ts-scatalyst_3650-24pdmcatalyst_3650-48ps-scatalyst_9800-l-ccatalyst_3650-48ts-ecatalyst_3850-16xs-e9800-80catalyst_ie3400_heavy_duty_switchcatalyst_3850-48u-s1131_integrated_services_routercatalyst_3650-12x48fd-ecatalyst_3650-24pdm-scatalyst_8300-2n2s-6tcatalyst_9410rasr_1002Cisco IOS and IOS XEIOS and IOS XE Software
CVE-2017-12259
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.41% / 79.71%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of SIP request messages by an affected device. An attacker could exploit this vulnerability by sending malformed SIP messages to an affected device. A successful exploit could allow the attacker to cause the affected device to become unresponsive, resulting in a DoS condition that persists until the device is restarted manually. This vulnerability affects Cisco Small Business SPA51x Series IP Phones that are running Cisco SPA51x Firmware Release 7.6.2SR1 or earlier. Cisco Bug IDs: CSCvc63982.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-small_business_ip_phonesmall_business_ip_phone_firmwareCisco Small Business SPA51x Series IP Phones
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-12318
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 70.25%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due to a processing error with TCP connections to the affected device. An attacker could exploit this vulnerability by establishing a large number of TCP connections to an affected device and not actively closing those TCP connections. A successful exploit could allow the attacker to prevent the affected device from delivering SDV or VoD streams to set-top boxes. Cisco Bug IDs: CSCvf19887.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-rf_gateway_1_firmwarerf_gateway_1Cisco RF Gateway 1
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-399
Not Available
CVE-2017-12231
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.85% / 93.09%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_3850-nm-2-40gcatalyst_3850-24t-scatalyst_9800-80asr_901s-4sg-f-dasr_1009-xcatalyst_8300catalyst_3650-48fs-ecatalyst_3850-24xs-scatalyst_3650-24ts-lcatalyst_3850-12s-e1100_integrated_services_routercatalyst_3650-24ps-sasr_9910catalyst_3650-48fd-scatalyst_8300-2n2s-4t2xcatalyst_9800asr_920-12cz-dasr_920-12cz-a_rasr_920u-12sz-imcatalyst_3650-48fq-sasr_901-6cz-fs-acatalyst_3650-48fq-l1109-2p_integrated_services_routercatalyst_9300-48t-ecatalyst_3650-48pd-lcatalyst_9300-48t-acatalyst_9300l-48t-4g-a8201-32fh9800-lcatalyst_3650-48tq-ecatalyst_3650-48ps-lasr_1002_fixed_routercatalyst_9300-24s-acatalyst_3850-48xs-easr_1000-esp100catalyst_9300l-24t-4g-ecatalyst_82001841_integrated_service_routercatalyst_3650-12x48uzasr_901-4c-ft-dcatalyst_3850-48p-sasr_920-4sz-a_rasr_920-4sz-dcatalyst_3850-48f-ecatalyst_3650-24pdasr_901s-3sg-f-ahcatalyst_9300-24t-acatalyst_3650-48td-easr_1001-hxcatalyst_3850-24t-l8101-32hcatalyst_8500catalyst_9300-48uxm-ecatalyst_3650-48fd-lcatalyst_3850-48t-lcatalyst_3850-nm-8-10gcatalyst_9300l-24p-4g-acatalyst_9300-24u-aasr_900catalyst_3850-12x48ucatalyst_3650-24ps-e8201catalyst_3650-24pd-ecatalyst_3850-48t-ecatalyst_9800-cl1812_integrated_service_routerasr_901-12c-f-dcatalyst_8500lasr_907catalyst_3650-48td-lcatalyst_9200asr_1001-hx_rasr_1006-xcatalyst_3650-48td-scatalyst_9300-24s-ecatalyst_3650-8x24uq-lcatalyst_8300-1n1s-4t2xcatalyst_9300l-24t-4x-a1100-4g\/6g_integrated_services_router1801_integrated_service_router1100-4gltegb_integrated_services_routerasr_9010catalyst_3850-24xu-l1811_integrated_service_router8800_8-slotcatalyst_9300lcatalyst_9800-lasr_920-24sz-imcatalyst_3650-12x48ur-scatalyst_3650-24td-sasr_10138800_4-slotcatalyst_3650-48fq9800-clcatalyst_9300l-48p-4g-acatalyst_9300-24p-ecatalyst_9300-48un-acatalyst_96008808catalyst_95001160_integrated_services_router1941w_integrated_services_router1906c_integrated_services_routercatalyst_ie3300_rugged_switchasr_901s-2sg-f-dcatalyst_3650-12x48uq-sasr_920-24tz-m_rcatalyst_3850-24ucatalyst_3650-48pd-easr_920-12sz-im_rcatalyst_3850-16xs-scatalyst_3650-48tq-scatalyst_3850-48ucatalyst_9600xcatalyst_9300l-48t-4x-acatalyst_3650-24pdm-ecatalyst_3850-32xs-easr_9920asr_920-4sz-d_r4221_integrated_services_routercatalyst_3650-48ts-l1100-8p_integrated_services_router8212asr_920-24sz-mcatalyst_9300l-48t-4g-ecatalyst_9300l-48t-4x-ecatalyst_3650-12x48uq-lcatalyst_3850-48p-lasr_902asr_9006catalyst_3650-48pq-e1109-4p_integrated_services_routercatalyst_3850-24xu-ecatalyst_3850-24t-ecatalyst_8510csrcatalyst_9300lmasr_9000v8818catalyst_3650-12x48uz-sasr_901-6cz-f-acatalyst_3850-48u-lcatalyst_3850-24s-scatalyst_3850-24u-scatalyst_3650-24pd-scatalyst_3650-48fqm-ecatalyst_9300l-48p-4g-ecatalyst_3650catalyst_3850-12s-sasr_9902asr_901s-2sg-f-ahcatalyst_9300-24t-e9800-40catalyst_3650-12x48ur-ecatalyst_9300l-24p-4x-ecatalyst_9300-48u-acatalyst_9800-l-fcatalyst_3650-12x48ur-lcatalyst_ie3200_rugged_switchasr_1002-xcatalyst_8300-1n1s-6tcatalyst_3650-24pdm-lasr_10001100-6g_integrated_services_routercatalyst_3650-8x24uq-easr_901-6cz-ft-dcatalyst_3650-12x48uz-ecatalyst_9300l-48p-4x-acatalyst_8500-4qccatalyst_3850-24pw-scatalyst_3650-12x48fd-scatalyst_3850-48xs-s8218asr_920-10sz-pd_rcatalyst_9300-48u-ecatalyst_3850-48t-sasr_920-24sz-m_rcatalyst_3850-24xu-scatalyst_3850-48f-lcatalyst_3850catalyst_9600_supervisor_engine-18101-32fhasr_1002-hxcatalyst_3650-12x48uq8102-64hcatalyst_3650-8x24uq-sasr_920-12cz-acatalyst_3650-48pq-lcatalyst_3650-48fs-l1905_integrated_services_routercatalyst_9200lcatalyst_3650-24ps-lasr_9901catalyst_8540msrasr_901s-3sg-f-d8202catalyst_9300-48s-a8800_18-slotcatalyst_3850-32xs-sasr_1002-x_rcatalyst_3650-24td-ecatalyst_3850-48xs-f-e8800_12-slotcatalyst_3650-24td-lcatalyst_9300-24ux-e1111x-8p_integrated_services_routercatalyst_3850-24p-easr_9912catalyst_3650-12x48uz-lcatalyst_3850-24p-scatalyst_9300-24u-e1101-4p_integrated_services_routercatalyst_3650-48tq-lcatalyst_3850-24s-ecatalyst_3850-24xuasr_1023asr_903catalyst_3650-24pd-lcatalyst_9300l-24p-4g-ecatalyst_3850-24u-lasr_920-4sz-aasr_1000-esp200-x1100-4p_integrated_services_routercatalyst_3850-24u-easr_9904asr_901-6cz-fs-d1109_integrated_services_routerasr_901-4c-f-dcatalyst_3650-48fd-e8812catalyst_3650-48fs-scatalyst_3850-48pw-s1101_integrated_services_routerasr_901-6cz-ft-a8804catalyst_3850-12xs-scatalyst_3650-12x48urcatalyst_3850-24xsasr_920-12cz-d_rcatalyst_9300-24ux-acatalyst_8540csrcatalyst_3650-8x24uqcatalyst_3650-48ts-scatalyst_9200cxcatalyst_9300l-24t-4g-acatalyst_3650-8x24pd-scatalyst_8510msrcatalyst_9800_embedded_wireless_controlleriosasr_914catalyst_3850-48xscatalyst_3850-48p-ecatalyst_3850-48u-ecatalyst_9300l_stackcatalyst_3650-48fq-easr_902uasr_901-12c-ft-dcatalyst_3850-48xs-f-sasr_9922catalyst_3850-24p-lcatalyst_9300-48p-acatalyst_9300-48p-easr_1001-xcatalyst_9800-40_wireless_controllercatalyst_9300-48un-ecatalyst_3650-24ts-e1100-4g_integrated_services_routercatalyst_9800-40asr_9903catalyst_9300-24p-acatalyst_9300-48s-e1100-4gltena_integrated_services_router1120_integrated_services_routercatalyst_9300l-24t-4x-ecatalyst_9300xcatalyst_3850-24xs-ecatalyst_3850-48f-sasr_920-12sz-im1861_integrated_service_routercatalyst_3650-8x24pd-ecatalyst_9300-48uxm-a1100-lte_integrated_services_routercatalyst_9500hasr_1000-esp100-xasr_920-10sz-pdcatalyst_9300l-48p-4x-ecatalyst_3650-48fqm-scatalyst_3850-12xs-e1100_terminal_services_gatewaysasr_920-24tz-mcatalyst_3650-48fqm-lasr_920-24sz-im_rasr_1002-hx_rasr_1001catalyst_3650-48pq-scatalyst_3650-48fqmcatalyst_9300catalyst_3650-12x48fd-lasr_90001941_integrated_services_routercatalyst_3650-48pd-s1921_integrated_services_routercatalyst_3650-8x24pd-l1802_integrated_service_routerasr_9906catalyst_9300l-24p-4x-acatalyst_3650-12x48uq-e4000_integrated_services_routerasr_1001-x_r8208asr_1004catalyst_3650-48ps-easr_901-6cz-f-dcatalyst_9800-80_wireless_controllerasr_10061803_integrated_service_routercatalyst_3650-24ts-scatalyst_3650-24pdmcatalyst_3650-48ps-scatalyst_9800-l-casr_9001catalyst_3650-48ts-ecatalyst_3850-16xs-e9800-80catalyst_3850-48u-s1131_integrated_services_routercatalyst_3650-12x48fd-ecatalyst_3650-24pdm-scatalyst_8300-2n2s-6t111x_integrated_services_routerCisco IOSIOS software
CVE-2008-3819
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.60% / 68.57%
||
7 Day CHG~0.00%
Published-08 Jan, 2009 | 19:00
Updated-07 Aug, 2024 | 09:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dnsserver in Cisco Application Control Engine Global Site Selector (GSS) before 3.0(1) allows remote attackers to cause a denial of service (daemon crash) via a series of crafted DNS requests, aka Bug ID CSCsj70093.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-gss_4491_global_site_selectorgss_4490_global_site_selectorgss_4480_global_site_selectorgss_4492r_global_site_selectorn/a
CVE-2017-12293
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.65% / 81.23%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this vulnerability by opening multiple connections to the server and exhausting server resources. A successful exploit could cause the server to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf41006.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-webex_meetings_serverCisco WebEx Meetings Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-12260
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.41% / 79.71%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of SIP request messages by an affected device. An attacker could exploit this vulnerability by using formatted specifiers in a SIP payload that is sent to an affected device. A successful exploit could allow the attacker to cause the affected device to become unresponsive, resulting in a DoS condition that persists until the device is restarted manually. This vulnerability affects Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones that are running firmware release 7.6.2SR1 or earlier. Cisco Bug IDs: CSCvc63986.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-spa_514gspa_504g_firmwarespa_502g_firmwarespa_501gspa_502gspa_512g_firmwarespa_508gspa_501g_firmwarespa_514g_firmwarespa_509gspa_525g_firmwarespa_509g_firmwarespa_504gspa_512gspa_525gspa_508g_firmwareCisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-12245
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.66% / 70.25%
||
7 Day CHG~0.00%
Published-05 Oct, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If this memory leak persists over time, a denial of service (DoS) condition could develop because traffic can cease to be forwarded through the device. The vulnerability is due to an error in how the Firepower Detection Snort Engine handles SSL traffic decryption and notifications to and from the Adaptive Security Appliance (ASA) handler. An attacker could exploit this vulnerability by sending a steady stream of malicious Secure Sockets Layer (SSL) traffic through the device. An exploit could allow the attacker to cause a DoS condition when the device runs low on system memory. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.0.1 and later, running on any of the following Cisco products: Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls, Firepower 2100 Series Security Appliances, Firepower 4100 Series Security Appliances, Firepower 9300 Series Security Appliances. Cisco Bug IDs: CSCve02069.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-secure_firewall_management_centerCisco Firepower Detection Engine
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CWE ID-CWE-399
Not Available
CVE-2008-4544
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.43% / 87.01%
||
7 Day CHG~0.00%
Published-13 Oct, 2008 | 18:00
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error."

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unityn/a
CVE-2020-3408
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.68%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4x1100-6g_integrated_services_routercatalyst_c9407rcatalyst_c9300-48pws-c3650-24td4331_integrated_services_routercatalyst_c9500-16x4461_integrated_services_routercatalyst_c9200-24pasr_1000-xws-c3850catalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4g111x_integrated_services_routercatalyst_9800-lasr_1013catalyst_c9300l-48p-4xcatalyst_c9500-24y4ccatalyst_c9200l-24t-4gws-c3650-24psasr1001-hxcatalyst_9800-clws-c3650-48tqcatalyst_c9200l-48p-4gws-c3650-12x48uzws-c3850-48xs1160_integrated_services_routercatalyst_c9300l-24t-4g1100-lte_integrated_services_routercatalyst_c9200l-24pxg-2yws-c3850-24ucatalyst_9800-801109_integrated_services_routercatalyst_c9200l-24p-4xcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4gws-c3650-48pd1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_c9300-48uxmcatalyst_9800-401101-4p_integrated_services_router1100-4p_integrated_services_routercatalyst_c9500-40xasr_1006ws-c3850-24xsasr1002-hx-wscatalyst_c9200-24tws-c3650-24pdm1101_integrated_services_router1100-4gltegb_integrated_services_router4451_integrated_services_routerws-c3650-48fqmws-c3850-48tcatalyst_c9200l-48p-4xcatalyst_c9410rcatalyst_c9300-24pasr1001-hx-rfws-c3650-24pdws-c3650-48fsws-c3850-48pws-c3850-24pcatalyst_c9300-48u1100-4gltena_integrated_services_router1100_integrated_services_routerws-c3650-8x24uqcatalyst_9800-l-cws-c3650-48tscatalyst_c9300-48tcatalyst_c9500-12qcatalyst_c9500-24qws-c3650-12x48urcatalyst_c9200-48tcatalyst_c9300-24sasr1002-x-rfws-c3650-12x48uqws-c3650-48tdasr_1001asr1002-hx4221_integrated_services_routercatalyst_c9404rws-c3850-12x48ucatalyst_c9300-24ucatalyst_c9200l-48t-4xws-c3650-48fdasr1002-x-wscatalyst_c9500-32casr_1002-xcatalyst_c9300l-24p-4gws-c3850-12scatalyst_c9500-32qcasr1002-hx-rfws-c3850-48ucatalyst_c9200l-24p-4gcatalyst_c9300-48sws-c3650-48fqws-c3850-48fws-c3850-24xucatalyst_c9300l-48t-4xws-c3650-48ps1109-2p_integrated_services_routerws-c3850-24tiosasr_1002catalyst_c9300l-24t-4xcatalyst_9800-l-fws-c3650-24tsasr_1004catalyst_c9200-48p1120_integrated_services_routercatalyst_c9300-48uncatalyst_c9200l-24t-4xasr1001-x-rfws-c3650-48pqcatalyst_c9300-24t4431_integrated_services_routercatalyst_c9200l-24pxg-4xasr1001-x-wscsr_1000vios_xecatalyst_c9300l-48t-4g1111x-8p_integrated_services_routercatalyst_c9500-48y4c1100-8p_integrated_services_routerws-c3850-24s1109-4p_integrated_services_routercatalyst_c9300-24uxasr_1001-xws-c3850-12xsCisco IOS
CWE ID-CWE-185
Incorrect Regular Expression
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3528
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.91% / 74.92%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-13 Nov, 2024 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3255
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.31% / 78.98%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:41
Updated-15 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5510_firmwareasa_5585-x_firmwareasa_5520asa_5505_firmwareasa_5510asa_5540_firmwareasa_5580_firmwareasa_5520_firmwareasa_5515-xasa_5550asa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5540asa_5555-xasa_5580asa_5585-xasa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5512-x_firmwareasa_5550_firmwareasa_5512-xfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2016-9210
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-2.28% / 84.01%
||
7 Day CHG~0.00%
Published-14 Dec, 2016 | 00:37
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. More Information: CSCvb61698. Known Affected Releases: 11.5(1.11007.2). Known Fixed Releases: 12.0(0.98000.168) 12.0(0.98000.178) 12.0(0.98000.399) 12.0(0.98000.510) 12.0(0.98000.536) 12.0(0.98500.7).

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managerCisco Unified Reporting
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-20451
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.88%
||
7 Day CHG~0.00%
Published-07 Aug, 2024 | 16:48
Updated-23 Aug, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly. These vulnerabilities exist because HTTP packets are not properly checked for errors. An attacker could exploit this vulnerability by sending a crafted HTTP packet to the remote interface of an affected device. A successful exploit could allow the attacker to cause a DoS condition on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-spa_501g_firmwarespa_509g_firmwarespa_514g_4-line_ip_phonespa_508g_firmwarespa_301_1_line_ip_phonespa_525g2_5-line_ip_phonespa_303_3_line_ip_phonespa_514g_firmwarespa_525g2_firmwarespa_508g_8-line_ip_phonespa_301_firmwarespa_512g_firmwarespa_504g_4-line_ip_phonespa_303_firmwarespa_502g_1-line_ip_phonespa_504g_firmwarespa_525g_5-line_ip_phonespa_502g_firmwarespa_501g_8-line_ip_phonespa_509g_12-line_ip_phonespa_512g_1-line_ip_phonespa_525g_firmwareCisco Small Business IP Phones
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2016-6469
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.99% / 75.98%
||
7 Day CHG~0.00%
Published-14 Dec, 2016 | 00:37
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. More Information: CSCvb04312. Known Affected Releases: 9.0.1-162 9.1.1-074. Known Fixed Releases: 10.1.0-129 9.1.2-010.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-web_security_applianceCisco Web Security Appliance (WSA)
CVE-2016-6421
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.55% / 66.83%
||
7 Day CHG~0.00%
Published-05 Oct, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisement (LSA) update, aka Bug ID CSCvb05643.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 61
  • 62
  • Next
Details not found