Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-1817

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-03 May, 2019 | 16:30
Updated At-19 Nov, 2024 | 19:08
Rejected At-
Credits

Cisco Web Security Appliance Malformed Request Denial of Service Vulnerability

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. An attacker could exploit this vulnerability by sending a malformed HTTP or HTTPS request to an affected device. An exploit could allow the attacker to cause a restart of the web proxy process, resulting in a temporary DoS condition.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:03 May, 2019 | 16:30
Updated At:19 Nov, 2024 | 19:08
Rejected At:
▼CVE Numbering Authority (CNA)
Cisco Web Security Appliance Malformed Request Denial of Service Vulnerability

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. An attacker could exploit this vulnerability by sending a malformed HTTP or HTTPS request to an affected device. An exploit could allow the attacker to cause a restart of the web proxy process, resulting in a temporary DoS condition.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Web Security Appliance (WSA)
Versions
Affected
  • From unspecified before 11.5.2-020 (custom)
  • From unspecified before 11.7.0-406 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20
Type: CWE
CWE ID: CWE-20
Description: CWE-20
Metrics
VersionBase scoreBase severityVector
3.08.6HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Version: 3.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
vendor-advisory
x_refsource_CISCO
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
Resource:
vendor-advisory
x_refsource_CISCO
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:03 May, 2019 | 17:29
Updated At:24 Mar, 2023 | 17:39

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. An attacker could exploit this vulnerability by sending a malformed HTTP or HTTPS request to an affected device. An exploit could allow the attacker to cause a restart of the web proxy process, resulting in a temporary DoS condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.08.6HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Cisco Systems, Inc.
cisco
>>web_security_appliance>>11.5.1-fcs-115
cpe:2.3:a:cisco:web_security_appliance:11.5.1-fcs-115:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>11.5.1-fcs-124
cpe:2.3:a:cisco:web_security_appliance:11.5.1-fcs-124:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>11.5.1-fcs-125
cpe:2.3:a:cisco:web_security_appliance:11.5.1-fcs-125:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>web_security_appliance>>11.7.0-fcs-334
cpe:2.3:a:cisco:web_security_appliance:11.7.0-fcs-334:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-20Secondaryykramarz@cisco.com
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dosykramarz@cisco.com
Vendor Advisory
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-wsa-dos
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

3085Records found
CVE-2018-0086
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.65% / 81.23%
||
7 Day CHG~0.00%
Published-18 Jan, 2018 | 06:00
Updated-02 Dec, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during communications with the Cisco Virtualized Voice Browser (VVB). An attacker could exploit this vulnerability by sending malformed SIP INVITE traffic to the targeted appliance. An exploit could allow the attacker to impact the availability of services and data on the device, causing a DoS condition. This vulnerability affects Cisco Unified CVP running any software release prior to 11.6(1). Cisco Bug IDs: CSCve85840.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_customer_voice_portalCisco Unified Customer Voice Portal
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-2140
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.41% / 60.66%
||
7 Day CHG~0.00%
Published-12 Apr, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-cisco_ons_15454_system_softwareons_15454n/a
CVE-2018-0305
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.11% / 77.22%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 11:00
Updated-29 Nov, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to force a NULL pointer dereference and cause a DoS condition. This vulnerability affects the following if configured to use Cisco Fabric Services: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69966, CSCve02435, CSCve04859, CSCve41590, CSCve41593, CSCve41601.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_9000nexus_7000_firmwarefirepower_9000_firmwareunified_computing_systemnexus_5000_firmwarenexus_5000nexus_9000_firmwarenexus_7000unified_computing_system_firmwarefirepower_9000Cisco FXOS and NX-OS unknown
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-0164
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.48% / 64.32%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interface queue wedge. The vulnerability is due to incorrect handling of crafted IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets through the device. An exploit could allow the attacker to cause an interface queue wedge. This vulnerability affects the Cisco cBR-8 Converged Broadband Router, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco Cloud Services Router 1000V Series when configured with IPv6. In the field and internal testing, this vulnerability was only observed or reproduced on the Cisco cBR-8 Converged Broadband Router. The Cisco ASR 1000 Series Aggregation Services Routers and Cisco Cloud Services Router 1000V Series contain the same code logic, so affected trains have had the code fix applied; however, on these two products, the vulnerability has not been observed in the field or successfully reproduced internally. Cisco Bug IDs: CSCvd75185.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS XE
CWE ID-CWE-399
Not Available
CVE-2018-0132
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.41% / 79.72%
||
7 Day CHG~0.00%
Published-08 Feb, 2018 | 07:00
Updated-02 Dec, 2024 | 21:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect processing of extremely long routing updates. An attacker could exploit this vulnerability by sending a large routing update. A successful exploit could allow the attacker to trigger inconsistency between the FIB and the RIB, resulting in a DoS condition. Cisco Bug IDs: CSCus84718.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-carrier_routing_systemCisco IOS XR
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-0470
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-3.96% / 87.89%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software HTTP Denial of Service Vulnerability

A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed HTTP packets that are destined to a device. An attacker could exploit this vulnerability by sending a malformed HTTP packet to an affected device for processing. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected device, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-0473
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-3.65% / 87.39%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-iosCisco IOS Software
CWE ID-CWE-399
Not Available
CVE-2018-0154
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.85% / 93.10%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by the affected device. An attacker could exploit this vulnerability by sending crafted VPN traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to hang or crash, resulting in a DoS condition. Cisco Bug IDs: CSCvd39267.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_9300l-24t-4g-acatalyst_8540csrcatalyst_3850-48xs-f-scatalyst_8300-2n2s-6tcloud_services_router_1000vcatalyst_3850-16xs-s4331\/k9-rf_integrated_services_routercatalyst_9800catalyst_3850-24t-ecatalyst_3850-48p-ecatalyst_9300-24t-e4331_integrated_services_routercatalyst_9800_embedded_wireless_controller4461_integrated_services_router82019800-40catalyst_3850-24u-l1100-8p_integrated_services_router1111x_integrated_services_routerasr_1002-xcatalyst_8540msrcatalyst_9300l-24t-4g-ecatalyst_9300l-48p-4g-acatalyst_9400catalyst_3850-24s-s1100-6g_integrated_services_router1100_integrated_services_routercatalyst_8300-2n2s-4t2x1861_integrated_service_routercatalyst_3850-16xs-easr_1002catalyst_3850-48t-scatalyst_8500lcatalyst_9600catalyst_3850-24xu-lcatalyst_9300-48un-ecatalyst_3850-48f-ecatalyst_3850-12s-scatalyst_9300-24p-acatalyst_9300-48s-ecatalyst_3850-24xu-scatalyst_9300l_stack1941w_integrated_services_routercatalyst_8300-1n1s-4t2x1905_integrated_services_router4000_integrated_services_routercatalyst_9300l-48t-4x-ecatalyst_9300-24s-a1000_integrated_services_routerasr_1013catalyst_9800-40_wireless_controllercatalyst_3850-48t-lasr_1000-xcatalyst_9200cxcatalyst_3850-24p-scatalyst_9300l-24t-4x-e1131_integrated_services_router111x_integrated_services_router4451-x_integrated_services_routercatalyst_9300-48s-aasr_1000-esp200-x1841_integrated_service_routerasr_1006-xcatalyst_3850-24u-ecatalyst_9800-lcatalyst_3850-24u-s1802_integrated_service_router88041160_integrated_services_routerintegrated_services_virtual_router9800-80asr_1000-esp100-xcatalyst_9200lcatalyst_9600xcatalyst_8510csrcatalyst_9300-48t-acatalyst_9300xcatalyst_3850-nm-8-10g1101_integrated_services_routercatalyst_8300-1n1s-6t8102-64hcatalyst_9300l-24p-4x-acatalyst_3850-48xs-scatalyst_3850-48p-s4321\/k9-rf_integrated_services_routercatalyst_3850-48u-lcatalyst_9300-24t-acatalyst_ie3400_heavy_duty_switch4351\/k9-rf_integrated_services_routercatalyst_9410rcatalyst_8500-4qcesr-6300-con-k9catalyst_3850-nm-2-40gcatalyst_3850-48p-l8800_4-slotcatalyst_3850-24p-l8800_8-slotcatalyst_9600_supervisor_engine-188121812_integrated_service_routerioscatalyst_9400_supervisor_engine-11101-4p_integrated_services_routercatalyst_9300-48un-acatalyst_ie93008800_18-slotcatalyst_9300-48uxm-acatalyst_3850asr_1004catalyst_8200catalyst_9800-clasr_1001-x8201-32fhcatalyst_3850-32xs-sasr_1023catalyst_9200catalyst_9300-48p-acatalyst_3850-48pw-scatalyst_3850-48xs-f-ecatalyst_8510msrcatalyst_3850-48u-s1100-4p_integrated_services_routercatalyst_9300l-24p-4g-ecatalyst_ie3400_rugged_switchesr63004331\/k9-ws_integrated_services_routercatalyst_9800-80_wireless_controller4321\/k9-ws_integrated_services_routercatalyst_9300l-48p-4x-aasr_1001-x_r1111x-8p_integrated_services_routercatalyst_3850-48u-ecatalyst_3850-48t-ecatalyst_9300l-24p-4g-a1941_integrated_services_routercatalyst_3850-48xs-ecatalyst_9300l-48t-4g-a8800_12-slot8218catalyst_9300-24ux-acatalyst_9407r1906c_integrated_services_routercatalyst_9800-l-fcatalyst_9800-804351\/k9-ws_integrated_services_router44461_integrated_services_router1100-4g_integrated_services_routercatalyst_95004321\/k9_integrated_services_router4331\/k9_integrated_services_router4321_integrated_services_router1100-4gltena_integrated_services_router4351_integrated_services_router8101-32hcatalyst_3850-12x48ucatalyst_3850-24pw-scatalyst_8500catalyst_3850-24xs-scatalyst_3850-24xs-easr_1001-hx_rcatalyst_3850-24t-scatalyst_ie3200_rugged_switch8818catalyst_3850-24xu1109_integrated_services_router9800-clcatalyst_9300l-48t-4g-easr_1000-esp100catalyst_9300l-48p-4x-ecatalyst_9500h4221_integrated_services_routerasr_1006asr_10018202catalyst_ie3300_rugged_switch9800-l82084431_integrated_services_router4351\/k9_integrated_services_routercatalyst_3850-48f-scatalyst_9300-48uxm-easr_1002-hxcatalyst_9300l-24p-4x-e1109-2p_integrated_services_routerasr_1001-hxcatalyst_9300lmcatalyst_3850-24xu-ecatalyst_930088081100-lte_integrated_services_routercatalyst_9300-24p-e1811_integrated_service_routercatalyst_3850-12xs-ecatalyst_3850-24u1120_integrated_services_routercatalyst_3850-12xs-s8212catalyst_9300lcatalyst_3850-24s-ecatalyst_3850-48xscatalyst_9300l-24t-4x-acatalyst_9800-40catalyst_9300-24u-acatalyst_3850-24t-lasr_1002-x_rcatalyst_9300-48t-ecatalyst_9300-48u-e1100-4gltegb_integrated_services_routercatalyst_9300-48p-ecatalyst_9300-24ux-ecatalyst_9300-48u-aasr_10008831catalyst_9300-24s-ecatalyst_3850-24p-ecatalyst_3850-24xscatalyst_9300l-48p-4g-e1100-4g\/6g_integrated_services_routercatalyst_3850-48f-l1801_integrated_service_routercatalyst_8300asr_1009-xcbr8_converged_broadband_router1109-4p_integrated_services_routercatalyst_3850-48ucatalyst_9300-24u-ecatalyst_9800-l-c1921_integrated_services_routeresr-6300-ncp-k9catalyst_3850-12s-e4451_integrated_services_routercatalyst_3850-32xs-e8101-32fhasr_1002-hx_rcatalyst_9300l-48t-4x-a1803_integrated_service_routerCisco IOSIOS Software
CVE-2020-3414
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.70%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability

A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect processing of IPv4 or IPv6 traffic to or through an affected device. An attacker could exploit this vulnerability by sending IP traffic to or through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xe4461_integrated_services_routerCisco IOS XE Software 17.1.1
CWE ID-CWE-19
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-6731
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 70.26%
||
7 Day CHG~0.00%
Published-10 Jul, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing for Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the MSDP session to be unexpectedly reset, causing a short denial of service (DoS) condition. The MSDP session will restart within a few seconds. More Information: CSCvd94828. Known Affected Releases: 4.3.2.MCAST 6.0.2.BASE. Known Fixed Releases: 6.3.1.19i.MCAST 6.2.3.1i.MCAST 6.2.2.17i.MCAST 6.1.4.12i.MCAST.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrCisco IOS XR
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-6653
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.75% / 72.18%
||
7 Day CHG~0.00%
Published-22 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests. The vulnerability is due to insufficient TCP rate limiting protection on the GUI. An attacker could exploit this vulnerability by sending the affected device a high rate of TCP connections to the GUI. An exploit could allow the attacker to cause the GUI to stop responding while the high rate of connections is in progress. Cisco Bug IDs: CSCvc81803.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-399
Not Available
CVE-2017-6791
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.79% / 81.99%
||
7 Day CHG~0.00%
Published-07 Sep, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security (TLS) traffic by the affected software. An attacker could exploit this vulnerability by generating incomplete traffic streams. A successful exploit could allow the attacker to deny access to the TVS for an affected device, resulting in a DoS condition, until an administrator restarts the service. Known Affected Releases 10.0(1.10000.24) 10.5(2.10000.5) 11.0(1.10000.10) 9.1(2.10000.28). Cisco Bug IDs: CSCux21905.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managerCisco Unified Communications Manager
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-6599
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.43% / 62.02%
||
7 Day CHG~0.00%
Published-07 Apr, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash due to a system memory leak, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco IOS XR Software with gRPC enabled. More Information: CSCvb14433. Known Affected Releases: 6.1.1.BASE 6.2.1.BASE. Known Fixed Releases: 6.2.1.22i.MGBL 6.1.22.9i.MGBL 6.1.21.12i.MGBL 6.1.2.13i.MGBL.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2022-20854
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.96%
||
7 Day CHG~0.00%
Published-10 Nov, 2022 | 17:31
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerfirepower_threat_defenseCisco Firepower Management CenterCisco Firepower Threat Defense Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-20795
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.20% / 42.28%
||
7 Day CHG~0.00%
Published-21 Apr, 2022 | 18:50
Updated-06 Nov, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300firepower_4150asa_for_nexus_1000vfirepower_1010firepower_1140firepower_2120firepower_2130adaptive_security_appliance_softwarefirepower_4110firepower_1120firepower_2110firepower_4125asa_5515-xfirepower_4112firepower_4140adaptive_security_appliancefirepower_2140asa_5545-xasa_5505asa_5555-xfirepower_4145asa_5580asa_5585-xfirepower_4120asa_5525-xfirepower_1150firepower_4115asa_5512-xfirepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2022-20710
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-10||CRITICAL
EPSS-1.73% / 81.66%
||
7 Day CHG~0.00%
Published-10 Feb, 2022 | 17:06
Updated-06 Nov, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV Series Routers Vulnerabilities

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv340_firmwarerv340wrv345prv345rv345_firmwarerv345p_firmwarerv340rv340w_firmwareCisco Small Business RV Series Router Firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20770
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.50% / 64.92%
||
7 Day CHG-0.01%
Published-04 May, 2022 | 17:05
Updated-06 Nov, 2024 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

Action-Not Available
Vendor-ClamAVDebian GNU/LinuxFedora ProjectCisco Systems, Inc.
Product-secure_endpointclamavdebian_linuxfedoraCisco AMP for Endpoints
CWE ID-CWE-399
Not Available
CVE-2022-20847
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.43% / 61.50%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:45
Updated-01 Nov, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family DHCP Processing Denial of Service Vulnerability

A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DHCP messages. An attacker could exploit this vulnerability by sending malicious DHCP messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9800-lcatalyst_9800-40catalyst_9800-l-ccatalyst_9800catalyst_9800-clcatalyst_9800-80catalyst_9800-l-fCisco IOS XE Software
CWE ID-CWE-399
Not Available
CVE-2022-20960
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.04%
||
7 Day CHG~0.00%
Published-03 Nov, 2022 | 19:30
Updated-03 Aug, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that are processed by an affected device. An attacker could exploit this vulnerability by establishing a large number of concurrent TLS connections to an affected device. A successful exploit could allow the attacker to cause the device to drop new TLS email messages that come from the associated email servers. Exploitation of this vulnerability does not cause the affected device to unexpectedly reload. The device will recover autonomously within a few hours of when the attack is halted or mitigated.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-email_security_applianceCisco Secure Email
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-295
Improper Certificate Validation
CVE-2022-20678
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.14% / 34.99%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:16
Updated-06 Nov, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software AppNav-XE Denial of Service Vulnerability

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could exploit this vulnerability by sending a stream of crafted TCP traffic at a high rate through an interface of an affected device. That interface would need to have AppNav interception enabled. A successful exploit could allow the attacker to cause the device to reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-1100-4g_integrated_services_router1111x_integrated_services_router1131_integrated_services_router1100-6g_integrated_services_routercatalyst_8300-1n1s-4t2xcatalyst_8500l4431_integrated_services_routercatalyst_8000v_edge1160_integrated_services_routercatalyst_8300-1n1s-6tcloud_services_router_1000vios_xe4221_integrated_services_routercatalyst_8300-2n2s-4t2x4331_integrated_services_router4461_integrated_services_routercatalyst_8500-4qcasr_1001-xcatalyst_8300-2n2s-6t1101_integrated_services_router1109_integrated_services_routerasr_1002-xcatalyst_8500111x_integrated_services_router1120_integrated_services_routerCisco IOS XE Software
CWE ID-CWE-413
Improper Resource Locking
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-20919
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.23% / 45.63%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:46
Updated-01 Nov, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3850asr-920-12sz-im-ccasr_1023_routerasr_907catalyst_9500hasr-920-12cz-acatalyst_3850-16xs-scatalyst_3850-48pw-scatalyst_9300l-24t-4x-acatalyst_9300-48un-e4331_integrated_services_routerasr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dcatalyst_9124axiasr_920-12sz-imcatalyst_9300l-48t-4x-aasr_920-12sz-im_routercatalyst_8300catalyst_9115axicatalyst_8500-4qccatalyst_3850-48u-lcatalyst_9117axicatalyst_9800-80_wireless_controllerasr-920-4sz-acatalyst_8300-1n1s-6tcatalyst_9300l-24t-4g-easr-920-24sz-imasr_920-12cz-a_rcatalyst_3850-48xscatalyst_9800-clcatalyst_9300-48p-easr_9000_rsp440_router1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-easr_1002_fixed_routerasr1002-xcatalyst_9600catalyst_3850-48u-scatalyst_3850-16xs-ecatalyst_8510msrcatalyst_9200lasr-920-10sz-pdasr-920-4sz-dcatalyst_3850-24xuasr-920-12cz-dcatalyst_9300-48uxm-e1109_integrated_services_routercatalyst_9400catalyst_9100catalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_9600_supervisor_engine-1catalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_9300-48u-aasr_902uasr_920-4sz-a_routercatalyst_9105axi1100-4p_integrated_services_routerasr-920-24tz-masr_903asr_9920asr_9906catalyst_ie3200_rugged_switchasr1000-mip100catalyst_3850-48t-e1101_integrated_services_routerasr_920-24tz-m_rasr_920-24sz-m_rasr_900_route_switch_processor_3_\(rsp3\)asr_9010catalyst_3850-12s-sasr_920-4sz-d_rcatalyst_3850-24u-s1100_integrated_services_routerasr_901-4c-ft-dcatalyst_9130_apcatalyst_9300l-24t-4x-ecatalyst_9800-40_wireless_controllerasr_1002-hx_rasr_920-10sz-pd_routercatalyst_9120axpasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aasr1002-x-rfasr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr_900_asr_901s-3sg-f-ahasr1002-hxasr1000-rp34221_integrated_services_routercatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_ie3400_heavy_duty_switchcatalyst_3850-24s-scatalyst_9300-48s-easr1002-x-wsasr_1002-xasr_920-12cz-d_rcatalyst_9300lcatalyst_9115_apcatalyst_ie3400_rugged_switch4451-x_integrated_services_routercatalyst_3850-48p-scatalyst_ie9300catalyst_8510csrcatalyst_9120axeasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200asr_1000-esp100catalyst_9300-48t-acatalyst_9117catalyst_3850-12s-ecatalyst_8500asr_920u-12sz-imcatalyst_3850-24t-ecatalyst_9130axiasr_920-24sz-m_routerasr1001-x-rfasr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2xcatalyst_ie3300_rugged_switchasr1001-x-wscatalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r1100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_5700asr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9105axwcatalyst_9300l-48t-4g-easr_914catalyst_3850-24p-scatalyst_3850-24ucatalyst_9300l_stackasr_920-12cz-dasr_1000-xasr1000-6tgecatalyst_9300l-24p-4g-easr_900_route_switch_processor_2_\(rsp2\)asr_920-4sz-dasr_920-4sz-d_routercatalyst_9120_apcatalyst_9800-lasr_1013catalyst_8540msrasr_920-24sz-imasr_5500asr-920-12sz-dcatalyst_3850-nm-2-40gcatalyst_9300lmcatalyst_9300-24t-easr_9000vasr1001-hxcatalyst_3850-48t-sasr-920-24sz-mcatalyst_9407rcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9800_embedded_wireless_controllercatalyst_9200asr-920-20sz-mcatalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_9300l-48t-4g-aasr_920-24sz-masr_920-24sz-im_routerasr_920-4sz-aasr-9901-rpcatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-easr-920-24tz-imcatalyst_9130asr_901-6cz-ft-dasr_901-6cz-f-dasr_9000asr_5000catalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_9120axiasr-920-12sz-acatalyst_9115axecatalyst_3850-24p-easr_1006catalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300asr_920-24sz-im_rasr1002-hx-wsasr_920-12cz-d_routercatalyst_3850-24xu-s4451_integrated_services_routercatalyst_9105asr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1asr1001-hx-rfcatalyst_ie3400catalyst_3850-24u-lcatalyst_9300l-24t-4g-acatalyst_3850-48f-sasr_901-4c-f-dcatalyst_9130axeasr_1001-hx_rcatalyst_9800-l-casr1000-2t\+20x1gecatalyst_3850-48f-e1000_integrated_services_routercatalyst_9300-48uxm-aasr_1023catalyst_9300-24p-aasr_1001asr_920-12cz-a_routercatalyst_3850-48xs-easr1000-esp200asr_9904catalyst_9300-24u-acatalyst_9117_apcatalyst_3850-48uasr_1001-hxcatalyst_ie3300asr_1009-xcatalyst_9300-24u-easr_901-6cz-f-acatalyst_9124asr1002-hx-rfcatalyst_3850-12x48ucatalyst_9300xcatalyst_9300-48un-aasr_1001-x_rasr-920-12sz-imasr_901-6cz-fs-dcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dasr1001-xcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-lcatalyst_91151120_integrated_services_routercatalyst_3850-24xsasr_9903catalyst_91204431_integrated_services_routerasr_901-6cz-fs-acatalyst_9124axdasr_920-24tz-m_routercatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_routerasr_1001-xasr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-20653
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.80% / 73.17%
||
7 Day CHG~0.00%
Published-17 Feb, 2022 | 15:00
Updated-06 Nov, 2024 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Email Security Appliance DNS Verification Denial of Service Vulnerability

A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling in DNS name resolution by the affected software. An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device. A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS condition. Continued attacks could cause the device to become completely unavailable, resulting in a persistent DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asyncosCisco Email Security Appliance (ESA)
CWE ID-CWE-399
Not Available
CVE-2022-20751
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.78% / 72.81%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4150firepower_1010firepower_1020firepower_1140firepower_2120firepower_4100firepower_2130firepower_2100firepower_4110firepower_1120firepower_2110firepower_4125firepower_1000firepower_1040firepower_4112firepower_1030firepower_4140firepower_2140firepower_4145firepower_4120firepower_1150firepower_4115firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-20756
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.13% / 77.42%
||
7 Day CHG~0.00%
Published-06 Apr, 2022 | 18:13
Updated-06 Nov, 2024 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine RADIUS Service Denial of Service Vulnerability

A vulnerability in the RADIUS feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS requests. An attacker could exploit this vulnerability by attempting to authenticate to a network or a service where the access server is using Cisco ISE as the RADIUS server. A successful exploit could allow the attacker to cause Cisco ISE to stop processing RADIUS requests, causing authentication/authorization timeouts, which would then result in legitimate requests being denied access. Note: To recover the ability to process RADIUS packets, a manual restart of the affected Policy Service Node (PSN) is required. See the Details section for more information.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-399
Not Available
CVE-2022-20771
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.57% / 67.66%
||
7 Day CHG-0.02%
Published-04 May, 2022 | 17:05
Updated-06 Nov, 2024 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

Action-Not Available
Vendor-ClamAVDebian GNU/LinuxFedora ProjectCisco Systems, Inc.
Product-secure_endpointclamavdebian_linuxfedoraCisco AMP for Endpoints
CWE ID-CWE-399
Not Available
CVE-2022-20726
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.49% / 64.39%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:20
Updated-06 Nov, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOx Application Hosting Environment Vulnerabilities

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ic3000_industrial_compute_gatewayioscgr1000_compute_moduleCisco IOS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-20746
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.91% / 74.93%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-20848
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.47% / 63.78%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:45
Updated-01 Nov, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability

A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3650-24ps-scatalyst_3850catalyst_3650asr-920-12sz-im-ccasr_907catalyst_9500hasr-920-12cz-acatalyst_3650-12x48urcatalyst_3850-16xs-scatalyst_9300l-24t-4x-acatalyst_3850-48pw-scatalyst_9300-48un-e4331_integrated_services_routerasr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dcatalyst_9300l-48t-4x-aasr_920-12sz-imasr_920-12sz-im_routercatalyst_8300catalyst_3650-24pdmcatalyst_3850-48u-lcatalyst_8500-4qccatalyst_3650-8x24pd-scatalyst_3650-48ts-lasr-920-4sz-acatalyst_3650-8x24uq-lcatalyst_8300-1n1s-6t8101-32fhcatalyst_3650-24pd-lcatalyst_3650-24pd-scatalyst_3650-24td-lcatalyst_9300l-24t-4g-ecatalyst_3650-24ts-lasr-920-24sz-imasr_920-12cz-a_rcatalyst_3850-48xscatalyst_3650-12x48uqcatalyst_9800-clcatalyst_9300-48p-ecatalyst_3650-8x24pd-e1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-easr1002-x9800-40catalyst_3650-12x48uq-ecatalyst_3650-8x24uqcatalyst_9600catalyst_3850-48u-scatalyst_8510msrcatalyst_3850-16xs-ecatalyst_9200lasr-920-10sz-pdasr-920-4sz-dcatalyst_3650-24pdm-scatalyst_3850-24xuasr-920-12cz-dcatalyst_9300-48uxm-ecatalyst_3650-12x48ur-e1109_integrated_services_routercatalyst_9400catalyst_3650-48fqm-scatalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_3650-12x48fd-scatalyst_9600_supervisor_engine-1catalyst_3650-12x48uq-lcatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_3650-8x24uq-scatalyst_3650-48tq-lcatalyst_9300-48u-aasr_902uasr_920-4sz-a_router1100-4p_integrated_services_routercatalyst_3650-48fq-sasr-920-24tz-masr_903asr_9920asr_9906asr1000-mip100catalyst_3850-48t-ecatalyst_3650-48pq-s1101_integrated_services_routerasr_920-24tz-m_rcatalyst_3650-48fqm-l8101-32hasr_920-24sz-m_rcatalyst_3850-12s-sasr_9010asr_920-4sz-d_rcatalyst_3850-24u-s1100_integrated_services_routerasr_901-4c-ft-dcatalyst_9300l-24t-4x-easr_1002-hx_r3000_integrated_services_routerasr_920-10sz-pd_routercatalyst_3650-12x48uz-sasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aasr1002-x-rfasr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr1002-hxasr_901s-3sg-f-ahasr1000-rp3catalyst_3650-12x48fd-ecatalyst_3850-48f-l4221_integrated_services_routercatalyst_3850-24xu-lcatalyst_3850-24s-scatalyst_3650-24td-ecatalyst_9300-48s-ecatalyst_3650-48td-easr1002-x-wsasr_1002-xcatalyst_9300lasr_920-12cz-d_r8800_18-slotcatalyst_3650-12x48uq-scatalyst_3650-12x48uz-e4451-x_integrated_services_routercatalyst_3650-12x48ur-scatalyst_3850-48p-scatalyst_8510csrasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200catalyst_9300-48t-acatalyst_3850-12s-ecatalyst_8500asr_920u-12sz-im8831catalyst_3850-24t-easr_920-24sz-m_routercatalyst_3650-24ts-scatalyst_3650-24ps-easr1001-x-rfasr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2x8804catalyst_3650-48pd-ecatalyst_3650-48fqm-easr1001-x-wscatalyst_3650-24pdm-easr_1000catalyst_3650-48ts-ecatalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r88081100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-easr_914catalyst_3850-24p-s8202catalyst_3650-24pdm-lcatalyst_9300l_stack9800-lcatalyst_3850-24uasr_920-12cz-dasr_1000-xasr1000-6tgecatalyst_9300l-24p-4g-ecatalyst_3650-24ts-ecatalyst_3650-24ps-lasr_920-4sz-dcatalyst_3650-48td-sasr_920-4sz-d_router111x_integrated_services_routercatalyst_9800-l8201-32fhasr_1013catalyst_8540msrasr_920-24sz-imcatalyst_3650-48tq-ecatalyst_3850-nm-2-40gasr-920-12sz-dcatalyst_9300lmcatalyst_3650-48fs-lcatalyst_3650-48pq-ecatalyst_3650-48fd-lcatalyst_3650-48fs-ecatalyst_9300-24t-ecatalyst_3650-12x48uzasr_9000vasr1001-hxcatalyst_3650-48fd-scatalyst_3650-48fs-scatalyst_3850-48t-sasr-920-24sz-mcatalyst_9407rcatalyst_3850-24t-scatalyst_3650-48pq-lcatalyst_3850-24pw-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9200asr-920-20sz-mcatalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_3650-24td-scatalyst_3650-48pd-lcatalyst_9300l-48t-4g-aasr_920-24sz-masr_920-24sz-im_routerasr_920-4sz-acatalyst_3650-48tq-sasr-9901-rpcatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-easr-920-24tz-imcatalyst_3650-48fd-easr_901-6cz-ft-dasr_901-6cz-f-dasr_9000catalyst_3650-48fq-ecatalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_3650-12x48fd-lasr-920-12sz-acatalyst_3850-24p-ecatalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-aasr_1006catalyst_9300asr_920-24sz-im_rasr1002-hx-wsasr_920-12cz-d_routercatalyst_3850-24xu-s4451_integrated_services_routercatalyst_3650-48fqmcatalyst_3650-48td-lasr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1asr1001-hx-rfcatalyst_ie3400catalyst_3650-8x24uq-ecatalyst_3850-24u-lcatalyst_9300l-24t-4g-a9800-clcatalyst_3850-48f-scatalyst_3650-12x48ur-lasr_901-4c-f-d8800_8-slotasr_1001-hx_rcatalyst_3650-24pdcatalyst_9800-l-casr1000-2t\+20x1gecatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routercatalyst_9300-48uxm-aasr_102388128818catalyst_9300-24p-acatalyst_3650-48ps-lasr_10011100-4g\/6g_integrated_services_routerasr_920-12cz-a_routercatalyst_3850-48xs-easr1000-esp200asr_9904catalyst_9300-24u-acatalyst_3850-48ucatalyst_3650-8x24pd-lasr_1001-hxcatalyst_ie3300catalyst_3650-48fqcatalyst_3650-48fq-l8102-64hasr_1009-x8201catalyst_9300-24u-easr_901-6cz-f-aasr1002-hx-rfcatalyst_3850-12x48ucatalyst_9300xcatalyst_3650-48pd-scatalyst_9300-48un-aasr_1001-x_rcatalyst_3650-24pd-easr-920-12sz-imasr_901-6cz-fs-dcatalyst_3650-12x48uz-lcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dasr1001-xcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24xsasr_99038800_4-slotcatalyst_3650-48ps-s4431_integrated_services_router9800-80asr_901-6cz-fs-aasr_920-24tz-m_routercatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_routerasr_1001-xcatalyst_3650-48ts-s8800_12-slotcatalyst_3650-48ps-easr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS XE Software
CWE ID-CWE-399
Not Available
CVE-2020-3255
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.31% / 78.99%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:41
Updated-15 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5510_firmwareasa_5585-x_firmwareasa_5520asa_5505_firmwareasa_5510asa_5540_firmwareasa_5580_firmwareasa_5520_firmwareasa_5515-xasa_5550asa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5540asa_5555-xasa_5580asa_5585-xasa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5512-x_firmwareasa_5550_firmwareasa_5512-xfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3596
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.60% / 68.38%
||
7 Day CHG~0.00%
Published-08 Oct, 2020 | 04:20
Updated-13 Nov, 2024 | 17:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Expressway Series and TelePresence Video Communication Server Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of incoming SIP traffic. An attacker could exploit this vulnerability by sending a series of SIP packets to an affected device. A successful exploit could allow the attacker to exhaust memory on an affected device, causing it to crash and leading to a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-expresswaytelepresence_video_communication_serverCisco TelePresence Video Communication Server (VCS) Expressway
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CWE ID-CWE-670
Always-Incorrect Control Flow Implementation
CVE-2020-3305
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.60% / 68.38%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:42
Updated-15 Nov, 2024 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability

A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5550adaptive_security_applianceasa_5505adaptive_security_appliance_softwareasa_5555-xasa_5520asa_5510asa_5525-xasa_5580asa_5585-xasa_5512-xfirepower_threat_defenseasa_5515-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3338
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.31% / 78.99%
||
7 Day CHG~0.00%
Published-27 Aug, 2020 | 15:40
Updated-13 Nov, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability

A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9332pqnexus_3172tqnexus_93108tc-exnx-osnexus_3636c-rnexus_9508nexus_93120txnexus_93128txnexus_9336pq_aci_spinenexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_9364cnexus_3164qnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3132c-znexus_3524-xnexus_31108tc-vnexus_9348gc-fxpnexus_3172nexus_9272qnexus_3464cnexus_93216tc-fx2nexus_36180yc-rnexus_93180yc-fxnexus_3264qnexus_3432d-snexus_34180ycnexus_9000vnexus_31108pc-vnexus_3524nexus_3548nexus_3132qnexus_3016nexus_9372pxnexus_92304qcnexus_92160yc-xnexus_9504nexus_3048nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlnexus_9396txnexus_7000nexus_92300ycnexus_3064nexus_3232cnexus_9396pxnexus_3264c-enexus_93240yc-fx2nexus_9372txnexus_3548-xnexus_3132q-xlnexus_3064-tnexus_3172tq-xlnexus_93180yc-exnexus_3408-snexus_9372px-enexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS Software 5.2(1)
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2020-3554
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.25% / 48.50%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:41
Updated-13 Nov, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability

A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3254
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.70%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:41
Updated-15 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities

Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5510_firmwareasa_5585-x_firmwareadaptive_security_appliance_softwareasa_5520asa_5505_firmwareasa_5510asa_5540_firmwareasa_5580_firmwareasa_5520_firmwareasa_5515-xasa_5550asa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5540asa_5555-xasa_5580asa_5585-xasa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5512-x_firmwareasa_5550_firmwareasa_5512-xfirepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3422
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.23% / 78.33%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software IP Service Level Agreements Denial of Service Vulnerability

A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service (DoS) condition. The vulnerability exists because the IP SLA responder could consume a port that could be used by another feature. An attacker could exploit this vulnerability by sending specific IP SLA control packets to the IP SLA responder on an affected device. The control packets must include the port number that could be used by another configured feature. A successful exploit could allow the attacker to cause an in-use port to be consumed by the IP SLA responder, impacting the feature that was using the port and resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-1111x_integrated_services_routercatalyst_3850catalyst_3650asr_1013catalyst_9200catalyst_98004431_integrated_services_router1160_integrated_services_routercatalyst_9600catalyst_9500asr_1002-hxcsr_1000v1100_integrated_services_routerios_xe4221_integrated_services_router4331_integrated_services_routerasr_10064461_integrated_services_routercatalyst_9300asr_1001-xasr_10041109_integrated_services_router1101_integrated_services_routercatalyst_9400asr_1001-hx111x_integrated_services_routerasr_1002-x1120_integrated_services_routerasr_1009-xasr_1006-xCisco IOS XE Software
CWE ID-CWE-371
Not Available
CVE-2020-3481
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-3.90% / 87.82%
||
7 Day CHG~0.00%
Published-20 Jul, 2020 | 17:45
Updated-13 Nov, 2024 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clam AntiVirus (ClamAV) Software Null Pointer Dereference Vulnerability

A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectClamAVCanonical Ltd.Cisco Systems, Inc.
Product-ubuntu_linuxclamavdebian_linuxfedoraClamAV
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-3572
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.86% / 82.30%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:40
Updated-13 Nov, 2024 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability

A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-3499
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.86% / 82.30%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Management Center Software Denial of Service Vulnerability

A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to improper handling of system resource values by the affected system. An attacker could exploit this vulnerability by sending malicious requests to the targeted system. A successful exploit could allow the attacker to cause the affected system to become unresponsive, resulting in a DoS condition and preventing the management of dependent devices.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerCisco Firepower Management Center
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3517
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.51% / 80.46%
||
7 Day CHG~0.00%
Published-27 Aug, 2020 | 15:40
Updated-13 Nov, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300nexus_93180lc-exfirepower_4150ucs_6300nexus_56128pnexus_9332pqnexus_3172tqnexus_93108tc-exnx-osnexus_3636c-rnexus_9508nexus_93120txfirepower_4110nexus_93128txnexus_9336pq_aci_spinenexus_6004firepower_4145nexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_9364cmds_9200nexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3164qnexus_3524-xnexus_3132c-znexus_31108tc-vnexus_5548pnexus_9348gc-fxpnexus_5648qnexus_3172nexus_9272qnexus_3464cmds_9700nexus_93216tc-fx2nexus_36180yc-rnexus_5672upnexus_93180yc-fxnexus_3264qfirepower_4140nexus_3432d-sucs_6454nexus_34180ycnexus_9000vnexus_31108pc-vnexus_5596upfirepower_4115nexus_3524nexus_3548mds_9500nexus_3132qnexus_3016nexus_9372pxucs_64108nexus_5696qnexus_92304qcnexus_92160yc-xucs_6248upfirepower_4125mds_9100nexus_9504nexus_3048nexus_9372tx-enexus_6001nexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlucs_6324nexus_9396txfirepower_4120nexus_7000nexus_92300ycnexus_3064nexus_3232cnexus_5548upnexus_9396pxucs_6296upnexus_5596tfirepower_extensible_operating_systemnexus_3264c-enexus_93240yc-fx2nexus_9372txnexus_5624qfirepower_4112nexus_3548-xnexus_3132q-xlnexus_3064-tnexus_3172tq-xlnexus_93180yc-exnexus_3408-snexus_9372px-enexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS Software
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-3369
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.70%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:21
Updated-15 Nov, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vEdge Routers Denial of Service Vulnerability

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper processing of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP packets through an affected device. A successful exploit could allow the attacker to make the device reboot continuously, causing a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_cloud_routersd-wan_firmwarevedge_5000Cisco SD-WAN vEdge router
CWE ID-CWE-118
Incorrect Access of Indexable Resource ('Range Error')
CVE-2020-3528
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.91% / 74.93%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-13 Nov, 2024 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3436
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-2.15% / 83.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:36
Updated-13 Nov, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-3529
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.31% / 78.99%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-13 Nov, 2024 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability

A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3574
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.50%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:16
Updated-13 Nov, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability

A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the targeted device. A successful exploit could allow the attacker to impact operations of the phone or cause the phone to reload, leading to a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-webex_room_phoneip_phone_8841_firmwareip_dect_6825_firmwareip_phone_8841ip_dect_210ip_phone_8861unified_ip_conference_phone_8831_firmwareip_phone_8811ip_dect_6825ip_phone_8811_firmwareip_phone_8851ip_dect_210_firmwareip_phone_8861_firmwarewebex_room_phone_firmwareunified_ip_conference_phone_8831ip_phone_8851_firmwareCisco IP Phones with Multiplatform Firmware
CWE ID-CWE-371
Not Available
CVE-2020-3560
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.70%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:50
Updated-13 Nov, 2024 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_1562iaironet_1830e1111-8pwbaironet_1850e1113-8pmwecatalyst_iw6300aironet_3800e1111-8plteeawbaironet_1562ecatalyst_9800-l-c1117-4pmweaironet_2800iaironet_1542iaironet_3800pcatalyst_9800-80catalyst_9800-l-faironet_1830icatalyst_9117wireless_lan_controller_softwareaironet_1815catalyst_91151117-4pwebusiness_140accatalyst_9130aironet_4800catalyst_9800-laironet_1542dbusiness_240accatalyst_9800-40aironet_access_point_softwarecatalyst_9120aironet_1562dbusiness_access_pointsaccess_points1116-4pweesw-6300-con-x-k9business_145ac1113-8pwe1113-8plteeawe1117-4plteeaweaironet_3800i1111-4pweaironet_1850icatalyst_9800-cl1117-4pmlteeawewireless_lan_controlleraironet_2800e1116-4plteeawecatalyst_9105Cisco Aironet Access Point Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3283
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.31% / 78.99%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:41
Updated-15 Nov, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a communication error between internal functions. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause a buffer underrun, which leads to a crash. The crash causes the affected device to reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5510_firmwarefirepower_1010firepower_1020asa_5585-x_firmwareasa_5520asa_5505_firmwareasa_5510asa_5540_firmwareasa_5580_firmwarefirepower_1040asa_5520_firmwareasa_5515-xfirepower_1030asa_5550asa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5540asa_5555-xasa_5580asa_5585-xasa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5512-x_firmwareasa_5550_firmwareasa_5512-xfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-3408
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.70%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4x1100-6g_integrated_services_routercatalyst_c9407rcatalyst_c9300-48pws-c3650-24td4331_integrated_services_routercatalyst_c9500-16x4461_integrated_services_routercatalyst_c9200-24pasr_1000-xws-c3850catalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4g111x_integrated_services_routercatalyst_9800-lasr_1013catalyst_c9300l-48p-4xcatalyst_c9500-24y4ccatalyst_c9200l-24t-4gws-c3650-24psasr1001-hxcatalyst_9800-clws-c3650-48tqcatalyst_c9200l-48p-4gws-c3650-12x48uzws-c3850-48xs1160_integrated_services_routercatalyst_c9300l-24t-4g1100-lte_integrated_services_routercatalyst_c9200l-24pxg-2yws-c3850-24ucatalyst_9800-801109_integrated_services_routercatalyst_c9200l-24p-4xcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4gws-c3650-48pd1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_c9300-48uxmcatalyst_9800-401101-4p_integrated_services_router1100-4p_integrated_services_routercatalyst_c9500-40xasr_1006ws-c3850-24xsasr1002-hx-wscatalyst_c9200-24tws-c3650-24pdm1101_integrated_services_router1100-4gltegb_integrated_services_router4451_integrated_services_routerws-c3650-48fqmws-c3850-48tcatalyst_c9200l-48p-4xcatalyst_c9410rcatalyst_c9300-24pasr1001-hx-rfws-c3650-24pdws-c3650-48fsws-c3850-48pws-c3850-24pcatalyst_c9300-48u1100-4gltena_integrated_services_router1100_integrated_services_routerws-c3650-8x24uqcatalyst_9800-l-cws-c3650-48tscatalyst_c9300-48tcatalyst_c9500-12qcatalyst_c9500-24qws-c3650-12x48urcatalyst_c9200-48tcatalyst_c9300-24sasr1002-x-rfws-c3650-12x48uqws-c3650-48tdasr_1001asr1002-hx4221_integrated_services_routercatalyst_c9404rws-c3850-12x48ucatalyst_c9300-24ucatalyst_c9200l-48t-4xws-c3650-48fdasr1002-x-wscatalyst_c9500-32casr_1002-xcatalyst_c9300l-24p-4gws-c3850-12scatalyst_c9500-32qcasr1002-hx-rfws-c3850-48ucatalyst_c9200l-24p-4gcatalyst_c9300-48sws-c3650-48fqws-c3850-48fws-c3850-24xucatalyst_c9300l-48t-4xws-c3650-48ps1109-2p_integrated_services_routerws-c3850-24tiosasr_1002catalyst_c9300l-24t-4xcatalyst_9800-l-fws-c3650-24tsasr_1004catalyst_c9200-48p1120_integrated_services_routercatalyst_c9300-48uncatalyst_c9200l-24t-4xasr1001-x-rfws-c3650-48pqcatalyst_c9300-24t4431_integrated_services_routercatalyst_c9200l-24pxg-4xasr1001-x-wscsr_1000vios_xecatalyst_c9300l-48t-4g1111x-8p_integrated_services_routercatalyst_c9500-48y4c1100-8p_integrated_services_routerws-c3850-24s1109-4p_integrated_services_routercatalyst_c9300-24uxasr_1001-xws-c3850-12xsCisco IOS
CWE ID-CWE-185
Incorrect Regular Expression
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3273
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.64% / 69.65%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 20:11
Updated-15 Nov, 2024 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Wireless LAN Controller 802.11 Generic Advertisement Service Denial of Service Vulnerability

A vulnerability in the 802.11 Generic Advertisement Service (GAS) frame processing function of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS). The vulnerability is due to incomplete input validation of the 802.11 GAS frames that are processed by an affected device. An attacker could exploit this vulnerability by sending a crafted 802.11 GAS frame over the air to an access point (AP), and that frame would then be relayed to the affected WLC. Also, an attacker with Layer 3 connectivity to the WLC could exploit this vulnerability by sending a malicious 802.11 GAS payload in a Control and Provisioning of Wireless Access Points (CAPWAP) packet to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-5508_wireless_controller5520_wireless_controller5508_wireless_controller_firmware5520_wireless_controller_firmwareCisco Wireless LAN Controller (WLC)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-3509
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.70%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:51
Updated-13 Nov, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device. Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces: 10 Gbps Ethernet interfaces 100 Gbps Ethernet interfaces Port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecbr-8Cisco IOS XE Software
CWE ID-CWE-388
Not Available
CWE ID-CWE-203
Observable Discrepancy
CVE-2020-3562
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.53% / 66.21%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:41
Updated-13 Nov, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_2140firepower_2120firepower_2130firepower_2110firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 61
  • 62
  • Next
Details not found