Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-20808

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-06 Jul, 2022 | 20:30
Updated At-06 Nov, 2024 | 16:11
Rejected At-
Credits

Cisco Smart Software Manager On-Prem Denial of Service Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. An attacker could exploit this vulnerability by sending multiple device registration requests to Cisco SSM On-Prem. A successful exploit could allow the attacker to cause a DoS condition on an affected device.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:06 Jul, 2022 | 20:30
Updated At:06 Nov, 2024 | 16:11
Rejected At:
▼CVE Numbering Authority (CNA)
Cisco Smart Software Manager On-Prem Denial of Service Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. An attacker could exploit this vulnerability by sending multiple device registration requests to Cisco SSM On-Prem. A successful exploit could allow the attacker to cause a DoS condition on an affected device.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Smart Software Manager On-Prem
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400
Type: CWE
CWE ID: CWE-400
Description: CWE-400
Metrics
VersionBase scoreBase severityVector
3.17.7HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Version: 3.1
Base score: 7.7
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-privesc-tP6uNZOS
vendor-advisory
x_refsource_CISCO
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-privesc-tP6uNZOS
Resource:
vendor-advisory
x_refsource_CISCO
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-privesc-tP6uNZOS
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-privesc-tP6uNZOS
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:06 Jul, 2022 | 21:15
Updated At:07 Nov, 2023 | 03:43

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. An attacker could exploit this vulnerability by sending multiple device registration requests to Cisco SSM On-Prem. A successful exploit could allow the attacker to cause a DoS condition on an affected device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Secondary3.17.7HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.7
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
CPE Matches
Cisco Systems, Inc.
cisco
>>smart_software_manager_on-prem>>Versions from 8(inclusive) to 8-202112(exclusive)
cpe:2.3:a:cisco:smart_software_manager_on-prem:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Primarynvd@nist.gov
CWE-400Secondaryykramarz@cisco.com
CWE ID: CWE-400
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-400
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-privesc-tP6uNZOSykramarz@cisco.com
Vendor Advisory
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-privesc-tP6uNZOS
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

486Records found
CVE-2022-20624
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-5.76% / 90.12%
||
7 Day CHG~0.00%
Published-23 Feb, 2022 | 17:40
Updated-06 Nov, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability

A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming CFSoIP packets. An attacker could exploit this vulnerability by sending crafted CFSoIP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3132q-xnexus_3636c-rnexus_9508nx-osucs_64108nexus_92304qcnexus_92160yc-xn9k-c9332d-gx2bn9k-c9316d-gxnexus_9504nexus_3048nexus_3524-xln9k-c9348d-gx2anexus_3548-xlnexus_31128pqnexus_3132q-vnexus_3164qnexus_3172pqnexus_92300ycnexus_92348gc-xnexus_3132c-znexus_3524-xnexus_31108tc-vnexus_3232cn9k-c9364d-gx2an9k-c93600cd-gxnexus_9272qnexus_3464cnexus_36180yc-rnexus_3264c-enexus_3264qnexus_3548-xnexus_3132q-xlnexus_3432d-snexus_3172tq-xlucs_6454nexus_3408-snexus_34180ycnexus_31108pc-vnexus_9236cnexus_9516nexus_3172pq-xlCisco NX-OS Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12318
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 70.25%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due to a processing error with TCP connections to the affected device. An attacker could exploit this vulnerability by establishing a large number of TCP connections to an affected device and not actively closing those TCP connections. A successful exploit could allow the attacker to prevent the affected device from delivering SDV or VoD streams to set-top boxes. Cisco Bug IDs: CSCvf19887.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-rf_gateway_1_firmwarerf_gateway_1Cisco RF Gateway 1
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-399
Not Available
CVE-2017-12293
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.65% / 81.23%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this vulnerability by opening multiple connections to the server and exhausting server resources. A successful exploit could cause the server to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf41006.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-webex_meetings_serverCisco WebEx Meetings Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-20268
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.03% / 5.35%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:22
Updated-12 Dec, 2024 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability

A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device.  This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9800_embedded_wireless_controller_firmwarecatalyst_9800_embedded_wireless_controllerbusiness_151axm_firmwarebusiness_150ax_firmwarewireless_lan_controller_softwarebusiness_151axmbusiness_150axCisco Business Wireless Access Point SoftwareCisco Aironet Access Point SoftwareCisco Aironet Access Point Software (IOS XE Controller)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3408
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.68%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4x1100-6g_integrated_services_routercatalyst_c9407rcatalyst_c9300-48pws-c3650-24td4331_integrated_services_routercatalyst_c9500-16x4461_integrated_services_routercatalyst_c9200-24pasr_1000-xws-c3850catalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4g111x_integrated_services_routercatalyst_9800-lasr_1013catalyst_c9300l-48p-4xcatalyst_c9500-24y4ccatalyst_c9200l-24t-4gws-c3650-24psasr1001-hxcatalyst_9800-clws-c3650-48tqcatalyst_c9200l-48p-4gws-c3650-12x48uzws-c3850-48xs1160_integrated_services_routercatalyst_c9300l-24t-4g1100-lte_integrated_services_routercatalyst_c9200l-24pxg-2yws-c3850-24ucatalyst_9800-801109_integrated_services_routercatalyst_c9200l-24p-4xcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4gws-c3650-48pd1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_c9300-48uxmcatalyst_9800-401101-4p_integrated_services_router1100-4p_integrated_services_routercatalyst_c9500-40xasr_1006ws-c3850-24xsasr1002-hx-wscatalyst_c9200-24tws-c3650-24pdm1101_integrated_services_router1100-4gltegb_integrated_services_router4451_integrated_services_routerws-c3650-48fqmws-c3850-48tcatalyst_c9200l-48p-4xcatalyst_c9410rcatalyst_c9300-24pasr1001-hx-rfws-c3650-24pdws-c3650-48fsws-c3850-48pws-c3850-24pcatalyst_c9300-48u1100-4gltena_integrated_services_router1100_integrated_services_routerws-c3650-8x24uqcatalyst_9800-l-cws-c3650-48tscatalyst_c9300-48tcatalyst_c9500-12qcatalyst_c9500-24qws-c3650-12x48urcatalyst_c9200-48tcatalyst_c9300-24sasr1002-x-rfws-c3650-12x48uqws-c3650-48tdasr_1001asr1002-hx4221_integrated_services_routercatalyst_c9404rws-c3850-12x48ucatalyst_c9300-24ucatalyst_c9200l-48t-4xws-c3650-48fdasr1002-x-wscatalyst_c9500-32casr_1002-xcatalyst_c9300l-24p-4gws-c3850-12scatalyst_c9500-32qcasr1002-hx-rfws-c3850-48ucatalyst_c9200l-24p-4gcatalyst_c9300-48sws-c3650-48fqws-c3850-48fws-c3850-24xucatalyst_c9300l-48t-4xws-c3650-48ps1109-2p_integrated_services_routerws-c3850-24tiosasr_1002catalyst_c9300l-24t-4xcatalyst_9800-l-fws-c3650-24tsasr_1004catalyst_c9200-48p1120_integrated_services_routercatalyst_c9300-48uncatalyst_c9200l-24t-4xasr1001-x-rfws-c3650-48pqcatalyst_c9300-24t4431_integrated_services_routercatalyst_c9200l-24pxg-4xasr1001-x-wscsr_1000vios_xecatalyst_c9300l-48t-4g1111x-8p_integrated_services_routercatalyst_c9500-48y4c1100-8p_integrated_services_routerws-c3850-24s1109-4p_integrated_services_routercatalyst_c9300-24uxasr_1001-xws-c3850-12xsCisco IOS
CWE ID-CWE-185
Incorrect Regular Expression
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3528
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.91% / 74.92%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-13 Nov, 2024 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3255
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.31% / 78.98%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:41
Updated-15 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5510_firmwareasa_5585-x_firmwareasa_5520asa_5505_firmwareasa_5510asa_5540_firmwareasa_5580_firmwareasa_5520_firmwareasa_5515-xasa_5550asa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5540asa_5555-xasa_5580asa_5585-xasa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5512-x_firmwareasa_5550_firmwareasa_5512-xfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3504
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-3.3||LOW
EPSS-0.17% / 38.34%
||
7 Day CHG~0.00%
Published-27 Aug, 2020 | 15:40
Updated-13 Nov, 2024 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability

A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300nexus_93180lc-exfirepower_4150ucs_6300nexus_56128pnexus_9332pqnexus_3172tqnexus_93108tc-exnx-osnexus_3636c-rnexus_9508firepower_2130nexus_93120txfirepower_4110nexus_93128txnexus_9336pq_aci_spinefirepower_2110nexus_6004firepower_4145nexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_9364cmds_9200nexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3164qnexus_3524-xnexus_3132c-znexus_31108tc-vnexus_5548pnexus_9348gc-fxpnexus_5648qnexus_3172firepower_1140nexus_9272qnexus_3464cmds_9700nexus_93216tc-fx2firepower_1120nexus_36180yc-rnexus_5672upnexus_93180yc-fxnexus_1000_virtual_edgenexus_3264qfirepower_4140nexus_3432d-sucs_6454nexus_34180ycnexus_9000vnexus_31108pc-vnexus_5596upfirepower_4115nexus_3524nexus_3548mds_9500nexus_3132qnexus_3016nexus_9372pxucs_64108nexus_5696qnexus_92304qcnexus_92160yc-xucs_6248upfirepower_4125mds_9100nexus_9504nexus_3048nexus_9372tx-enexus_6001nexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlucs_6324nexus_9396txfirepower_4120nexus_7000nexus_92300ycnexus_3064firepower_1150nexus_3232cfirepower_1010nexus_5548upnexus_9396pxfirepower_2120ucs_6296upnexus_1000vnexus_5596tfirepower_extensible_operating_systemnexus_3264c-enexus_93240yc-fx2nexus_9372txnexus_5624qnexus_3548-xfirepower_4112nexus_3132q-xlnexus_3064-tfirepower_2140nexus_3172tq-xlnexus_93180yc-exnexus_3408-snexus_9372px-enexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco Unified Computing System (Managed)
CWE ID-CWE-664
Improper Control of a Resource Through its Lifetime
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-20502
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.10% / 27.28%
||
7 Day CHG~0.00%
Published-02 Oct, 2024 | 18:23
Updated-04 Jun, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-meraki_mx84meraki_mx64w_firmwaremeraki_mx600_firmwaremeraki_mx105meraki_mx250meraki_mx450meraki_mx105_firmwaremeraki_mx450_firmwaremeraki_z4cmeraki_z3c_firmwaremeraki_z3cmeraki_mx68cw_firmwaremeraki_mx100_firmwaremeraki_mx65meraki_mx85meraki_mx95_firmwaremeraki_z4c_firmwaremeraki_mx67cmeraki_mx64_firmwaremeraki_mx85_firmwaremeraki_mx95meraki_mx100meraki_mx68cwmeraki_z3_firmwaremeraki_mx75meraki_mx68w_firmwaremeraki_mx64wmeraki_mx250_firmwaremeraki_mx68meraki_mx67c_firmwaremeraki_mx68wmeraki_vmx_firmwaremeraki_mx400meraki_mx67wmeraki_mx65wmeraki_mx75_firmwaremeraki_mx67w_firmwaremeraki_z4_firmwaremeraki_mx600meraki_mx67meraki_z4meraki_z3meraki_mx64meraki_vmxmeraki_mx67_firmwaremeraki_mx65w_firmwaremeraki_mx68_firmwaremeraki_mx400_firmwaremeraki_mx65_firmwaremeraki_mx84_firmwareCisco Meraki MX Firmwaremeraki_z1meraki_mx
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-20526
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.39% / 59.18%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 17:53
Updated-31 Oct, 2024 | 01:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. An attacker could exploit this vulnerability by sending crafted SSH messages to an affected device. A successful exploit could allow the attacker to exhaust available SSH resources on the affected device so that new SSH connections to the device are denied, resulting in a DoS condition. Existing SSH connections to the device would continue to function normally. The device must be rebooted manually to recover. However, user traffic would not be impacted and could be managed using a remote application such as Cisco Adaptive Security Device Manager (ASDM).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Softwareadaptive_security_appliance_software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-20344
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.31% / 53.32%
||
7 Day CHG~0.00%
Published-28 Feb, 2024 | 16:16
Updated-13 Aug, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in system resource management in Cisco UCS 6400 and 6500 Series Fabric Interconnects that are in Intersight Managed Mode (IMM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the Device Console UI of an affected device. This vulnerability is due to insufficient rate-limiting of TCP connections to an affected device. An attacker could exploit this vulnerability by sending a high number of TCP packets to the Device Console UI. A successful exploit could allow an attacker to cause the Device Console UI process to crash, resulting in a DoS condition. A manual reload of the fabric interconnect is needed to restore complete functionality.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-imm_management_packageucs_6454ucs_64108ucs_6536Cisco Unified Computing System (Managed)ucs_6454ucs_6536
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-20321
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.60% / 68.45%
||
7 Day CHG~0.00%
Published-28 Feb, 2024 | 16:14
Updated-16 Aug, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nx-osCisco NX-OS Softwarenx-os
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-20500
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.15% / 36.55%
||
7 Day CHG~0.00%
Published-02 Oct, 2024 | 18:23
Updated-04 Jun, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-meraki_mx84meraki_mx64w_firmwaremeraki_mx600_firmwaremeraki_mx105meraki_mx250meraki_mx450meraki_mx105_firmwaremeraki_mx450_firmwaremeraki_z4cmeraki_z3c_firmwaremeraki_z3cmeraki_mx68cw_firmwaremeraki_mx100_firmwaremeraki_mx65meraki_mx85meraki_mx95_firmwaremeraki_z4c_firmwaremeraki_mx67cmeraki_mx85_firmwaremeraki_mx64_firmwaremeraki_mx95meraki_mx100meraki_mx68cwmeraki_z3_firmwaremeraki_mx75meraki_mx68w_firmwaremeraki_mx64wmeraki_mx250_firmwaremeraki_mx68meraki_mx67c_firmwaremeraki_mx68wmeraki_vmx_firmwaremeraki_mx400meraki_mx67wmeraki_mx65wmeraki_mx75_firmwaremeraki_mx67w_firmwaremeraki_z4_firmwaremeraki_mx600meraki_mx67meraki_z4meraki_z3meraki_mx64meraki_vmxmeraki_mx67_firmwaremeraki_mx65w_firmwaremeraki_mx68_firmwaremeraki_mx400_firmwaremeraki_mx65_firmwaremeraki_mx84_firmwareCisco Meraki MX Firmwaremeraki_z1meraki_mx
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-44228
Matching Score-6
Assigner-Apache Software Foundation
ShareView Details
Matching Score-6
Assigner-Apache Software Foundation
CVSS Score-10||CRITICAL
EPSS-94.36% / 99.96%
||
7 Day CHG~0.00%
Published-10 Dec, 2021 | 00:00
Updated-08 Aug, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-24||For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

Action-Not Available
Vendor-percussionsnowsoftwareApple Inc.The Apache Software FoundationFedora ProjectCisco Systems, Inc.Siemens AGIntel CorporationNetApp, Inc.Bentley Systems, IncorporatedSonicWall Inc.Debian GNU/Linux
Product-common_services_platform_collectorsolidfire_enterprise_sdsoncommand_insightdatacenter_manageractive_iq_unified_manageroperation_schedulerconnected_analytics_for_network_deploymentindustrial_edge_management_hubsnapcenterintegrated_management_controller_supervisorfirepower_1150iot_operations_dashboardwan_automation_enginefirepower_2140system_studiovirtualized_voice_browserfirepower_2110dna_centersolid_edge_cam_pro6bk1602-0aa42-0tp0energyipcomossecure_device_onboardfirepower_4120sppa-t3000_ses3000_firmwaresiveillance_viewpointfirepower_1120genomics_kernel_librarycontact_center_domain_managercrosswork_data_gatewayxpedition_package_integratornetwork_dashboard_fabric_controller6bk1602-0aa22-0tp0_firmwarecloud_secure_agentnexus_insights6bk1602-0aa22-0tp0firepower_10106bk1602-0aa32-0tp0email_securityunified_contact_center_management_portalopcenter_intelligencexcodedna_spaces_connectorfinessesolidfire_\&_hci_storage_nodepackaged_contact_center_enterpriseunified_sip_proxycloudcenter_suiteucs_directorenergy_engagefxoscustomer_experience_cloud_agentpaging_serverlogo\!_soft_comfortfirepower_2130siveillance_control_prospectrum_power_7cloud_managernetwork_insights_for_data_centersynchro_4d6bk1602-0aa52-0tp0solid_edge_harness_designfog_directornetwork_assurance_enginefirepower_4115nexus_dashboardsmart_phybusiness_process_automation6bk1602-0aa42-0tp0_firmwarebroadworksfirepower_4140emergency_responderucs_centralcomputer_vision_annotation_toolvideo_surveillance_managerconnected_mobile_experiencessynchrohead-end_system_universal_device_integration_systemsentron_powermanagerfedoracloudcenter_cost_optimizer6bk1602-0aa12-0tp0_firmwarespectrum_power_4cloudcentervm_access_proxycloudcenter_suite_adminoneapi_sample_browser6bk1602-0aa52-0tp0_firmwarefirepower_4150virtual_topology_systemfirepower_9300prime_service_catalogbrocade_san_navigatorenterprise_chat_and_emailcloud_connectfirepower_4145teamcenterunified_customer_voice_portalcloud_insightsrhythmyxfirepower_1140sipass_integratedsiveillance_vantageintersight_virtual_appliancesd-wan_vmanageucs_central_softwarecontact_center_management_portalwebex_meetings_serverunified_intelligence_centerunified_workforce_optimizationenergyip_prepaycrosswork_zero_touch_provisioningcx_cloud_agent6bk1602-0aa12-0tp0unity_connectioncloudcenter_workload_manageroptical_network_controllervirtualized_infrastructure_managervideo_surveillance_operations_manager6bk1602-0aa32-0tp0_firmwareunified_communications_manageradvanced_malware_protection_virtual_private_cloud_applianceidentity_services_enginesnow_commandercyber_vision_sensor_management_extensionfirepower_4112unified_contact_center_enterprisedebian_linuxunified_computing_systemunified_contact_center_expressxpedition_enterpriselog4jdesigo_cc_advanced_reportsontap_toolsunified_communications_manager_im_and_presence_servicefirepower_2120mobility_services_enginecrosswork_network_automationdna_spacesvesysautomated_subsea_tuningcyber_visionsiveillance_commandevolved_programmable_network_managerdna_spaces\firepower_4110mendixfirepower_4125sppa-t3000_ses3000unified_communications_manager_im_\&_presence_servicee-car_operation_centernxindustrial_edge_managementworkload_optimization_managerfirepower_threat_defensenavigatorcapitalcrosswork_platform_infrastructurenetwork_services_orchestratordata_center_network_managercrosswork_optimization_enginemindspheresiguard_dsagma-managerdesigo_cc_info_centercrosswork_network_controllersiveillance_identityApache Log4j2Log4j2
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2024-20351
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.58% / 67.84%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 17:09
Updated-11 Aug, 2025 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Snort Firewall Denial of Service Vulnerability

A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defense_softwareCisco Firepower Threat Defense Softwarefirepower_threat_defense_software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-16022
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-2.50% / 84.74%
||
7 Day CHG~0.00%
Published-26 Jan, 2020 | 04:31
Updated-15 Nov, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities

Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-xrv_9000ncs_5502-sencs_5508ncs_5001ncs_5002ncs_5501asr_9010ncs_560ncs_1001asr_9001ncs_5516ncs_6000ncs_5501-seasr_9000vasr_9910asr_9906asr_9904asr_9006asr_9912ncs_540crsasr_9922ncs_1004ncs_540lncs_1002ios_xrncs_5502asr_9901Cisco IOS XR Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-3407
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.38% / 58.71%
||
7 Day CHG~0.00%
Published-28 Nov, 2014 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-44487
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-94.41% / 99.98%
||
7 Day CHG-0.06%
Published-10 Oct, 2023 | 00:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Action-Not Available
Vendor-grpckonghqopenrestykazu-yamamotoistiolinecorptraefiknghttp2linkerdvarnish_cache_projectenvoyproxyakkadenacaddyserveramazonprojectcontourn/aJenkinsF5, Inc.The Netty ProjectEclipse Foundation AISBLThe IETF Administration LLC (IETF LLC)Apple Inc.NetApp, Inc.Microsoft CorporationRed Hat, Inc.Debian GNU/LinuxNode.js (OpenJS Foundation)The Apache Software FoundationFedora ProjectGoCisco Systems, Inc.Facebook
Product-nexus_9516openshift_serverlesscbl-marinernexus_34180ycnexus_3132c-zbig-ip_ddos_hybrid_defendernexus_3132q-xlproxygenarmerianexus_3132q-x\/3132q-xlunified_contact_center_enterprise_-_live_data_servernexus_9336pq_aci_spineintegration_service_registrynexus_9236c_switchwindows_11_22h2migration_toolkit_for_containersnexus_9396px.netnexus_31108pc-vnexus_9336c-fx2nexus_9396tx_switchopenshiftnginx_ingress_controllernexus_9236cadvanced_cluster_securitykong_gatewaynexus_93108tc-ex-24secure_web_appliancewindows_server_2016windows_server_2019openshift_container_platform_assisted_installerbig-ip_next_service_proxy_for_kubernetesnexus_3500integration_camel_knexus_9396txnexus_9372txnexus_93216tc-fx2apisixnginx_plusnexus_9800linkerdsupport_for_spring_bootnexus_3132q-xnode_healthcheck_operator3scale_api_management_platformnexus_9500nexus_93120txnexus_3264c-enexus_9500_4-slotopenstack_platformtelepresence_video_communication_servernexus_36180yc-rtomcatnexus_3132qnexus_3172tq-32topenshift_distributed_tracingnexus_9348gc-fxpbig-ip_nextenterprise_chat_and_emailbig-ip_global_traffic_managerbig-ip_fraud_protection_serviceunified_contact_center_enterprisecontouropenshift_container_platformnexus_3100-vsecure_malware_analyticsnexus_92160yc_switchnexus_34200yc-smnexus_9348d-gx2anexus_9364c-gxmigration_toolkit_for_virtualizationnexus_3100-zfog_directornexus_9804nexus_3432d-sultra_cloud_core_-_session_management_functionnexus_3524swiftnio_http\/2nexus_3400cryostatnexus_31108pv-vnexus_9372tx_switchnexus_3172tqbig-ip_advanced_web_application_firewalljboss_fusenexus_3172pq-xlfedoranexus_9272qopenshift_developer_tools_and_servicesnexus_9500rdecision_managernexus_9500_supervisor_b\+nexus_3548-x\/xlnexus_9232enexus_92348gc-xunified_attendant_console_advancedopenshift_sandboxed_containersultra_cloud_core_-_serving_gateway_functionnexus_9332d-h2rnexus_93128nexus_3548-xnexus_9200ycnexus_3064tbig-ip_policy_enforcement_managernexus_93108tc-exlogging_subsystem_for_red_hat_openshiftasp.net_corebig-ip_local_traffic_managernexus_93360yc-fx2big-ip_webacceleratornexus_3132q-vnexus_9336c-fx2-esolrcaddyistiounified_contact_center_management_portalnexus_9332cnexus_9200nexus_9516_switchnexus_3548nexus_3172pq\/pq-xlnexus_3048secure_dynamic_attributes_connectornexus_93600cd-gxnexus_9372px_switchnexus_3164qazure_kubernetes_serviceopenshift_secondary_scheduler_operatornexus_9500_8-slotnexus_9508openshift_virtualizationprime_cable_provisioningnexus_9364copensearch_data_preppernexus_93128tx_switchhttpwindows_10_21h2firepower_threat_defensesingle_sign-onnexus_9221cgobuild_of_optaplannerprime_access_registrarnetworkingnexus_9500_16-slotnexus_3232cnexus_93108tc-fxvarnish_cachenexus_9504jboss_enterprise_application_platformwindows_10_1607nexus_92304qcintegration_camel_for_spring_bootrun_once_duration_override_operatornexus_9716d-gxnexus_9000vnexus_3016windows_11_21h2openshift_pipelinesnexus_9408visual_studio_2022nexus_9336pq_acinexus_93180yc-fx3debian_linuxnx-osceph_storagenexus_9316d-gxnginxnexus_93180tc-exadvanced_cluster_management_for_kubernetesprime_network_registrarnexus_3408-straefiknexus_3064xnexus_9336pq_aci_spine_switchnexus_9372pxunified_contact_center_domain_managernettynexus_3264qnexus_3100vnexus_9372tx-e_switchnexus_93108tc-ex_switchtraffic_serverjboss_core_servicesnexus_9300jboss_a-mqjboss_a-mq_streamsnexus_3100nexus_93240tc-fx2machine_deletion_remediation_operatorbig-ip_application_security_managerbuild_of_quarkusnexus_93180yc-ex_switchnexus_9372tx-enode_maintenance_operatornexus_93180yc-ex-24nexus_3064openshift_dev_spacesnexus_9504_switchweb_terminalnexus_9736pqself_node_remediation_operatorcertification_for_red_hat_enterprise_linuxnexus_3172pqnexus_93128txiot_field_network_directornexus_3636c-rnexus_3064-tnexus_9372px-ehttp2nexus_92300yc_switchnexus_9364d-gx2aservice_interconnectnexus_93180yc-fxios_xeopenrestynexus_31128pqopenshift_service_meshbig-ip_analyticsopenshift_data_sciencebig-ip_application_acceleration_managernexus_9336pqnetwork_observability_operatorbig-ip_link_controllernexus_9372px-e_switchnexus_9332pq_switchnexus_9500_supervisor_bhttp_servernexus_93180yc-fx-24windows_10_22h2node.jsnexus_3600nexus_93180lc-exnexus_9636pqservice_telemetry_frameworkbig-ip_application_visibility_and_reportingmigration_toolkit_for_applicationsnexus_9808nexus_93108tc-fx-24nexus_92160yc-xnexus_31108tc-vnexus_3200nexus_9332d-gx2bcrosswork_situation_managernexus_3064-xnghttp2nexus_93180yc-fx3sbig-ip_websafenexus_3464cnexus_93180yc-exnexus_3172nexus_9536pqastra_control_centernexus_9396px_switchnexus_92300ycopenshift_api_for_data_protectionh2ojettynexus_9500_supervisor_anexus_9500_supervisor_a\+nexus_9272q_switchsatellitenexus_93180yc-fx3hprocess_automationdata_center_network_manageransible_automation_platformcost_managementsecure_web_appliance_firmwarejboss_data_gridnexus_9508_switchnexus_3064-32tcert-manager_operator_for_red_hat_openshiftoncommand_insightnexus_93240yc-fx2ios_xrnexus_93180lc-ex_switchfence_agents_remediation_operatorcrosswork_zero_touch_provisioningnexus_3232c_ultra_cloud_core_-_policy_control_functionbig-ip_carrier-grade_natnexus_3172tq-xlnexus_3524-xexpresswaygrpcbusiness_process_automationnexus_93108tc-fx3hnexus_92304qc_switchwindows_10_1809enterprise_linuxenvoyquaycrosswork_data_gatewaynexus_93108tc-fx3pbig-ip_domain_name_systemnexus_3548-xlnexus_93120tx_switchnexus_9432pqopenshift_gitopsnexus_3524-xlnexus_3232nexus_9332pqnexus_3524-x\/xlbig-ip_advanced_firewall_managerprime_infrastructurenexus_3016qjenkinsbig-ip_ssl_orchestratornexus_9348gc-fx3big-ip_access_policy_managerwindows_server_2022connected_mobile_experiencesn/ahttpHTTP/2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2013-5567
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.4||MEDIUM
EPSS-1.50% / 80.39%
||
7 Day CHG~0.00%
Published-14 Jul, 2014 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-3328
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-1.04% / 76.48%
||
7 Day CHG~0.00%
Published-26 Jul, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presence_servern/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-0309
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-1.06% / 76.72%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 11:00
Updated-29 Nov, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_93180lc-exnexus_3132qnexus_3172tqnexus_93108tc-exnexus_9332pqnexus_3016nx-osnexus_9372pxnexus_9508nexus_93120txnexus_92304qcnexus_92160yc-xnexus_93128txnexus_9504nexus_3048nexus_9372tx-enexus_9396txnexus_31128pqnexus_3132q-vnexus_3164qnexus_92300ycnexus_3172tq-32tnexus_3064nexus_31108tc-vnexus_3232cnexus_3172nexus_9272qnexus_9396pxnexus_9372txnexus_3264qnexus_3132q-xlnexus_3064-tnexus_3172tq-xlnexus_93180yc-exnexus_9000vnexus_9372px-enexus_31108pc-vnexus_9236cnexus_9516nexus_3172pq-xlCisco Nexus 3000 and 9000 unknown
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-0233
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.48% / 64.32%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 20:00
Updated-29 Nov, 2024 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a denial of service (DoS) condition. The vulnerability is due to the affected software improperly handling changes to SSL connection states. An attacker could exploit this vulnerability by sending crafted SSL connections through an affected device. A successful exploit could allow the attacker to cause the detection engine to consume excessive system memory on the affected device, which could cause a DoS condition. The device may need to be reloaded manually to recover from this condition. This vulnerability affects Cisco Firepower System Software Releases 6.0.0 and later, running on any of the following Cisco products: Adaptive Security Appliance (ASA) 5500-X Series Firewalls with FirePOWER Services, Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls, Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances, Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances, Firepower 4100 Series Appliances, FirePOWER 7000 Series Appliances, FirePOWER 8000 Series Appliances, Firepower 9300 Series Security Appliances, Firepower Threat Defense for Integrated Services Routers (ISRs), Firepower Threat Defense Virtual for VMware, Industrial Security Appliance 3000, Sourcefire 3D System Appliances. Cisco Bug IDs: CSCve23031.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-secure_firewall_management_centerCisco Firepower Detection Engine
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-1460
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 27.35%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:06
Updated-08 Nov, 2024 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOx Application Framework Denial of Service Vulnerability

A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-iosic3000_industrial_compute_gatewaycgr1000_firmware829_industrial_integrated_services_routeric3000_industrial_compute_gateway_firmwarecgr1000809_industrial_integrated_services_routerCisco IOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-1378
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.87%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 16:55
Updated-08 Nov, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco StarOS Denial of Service Vulnerability

A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-starosCisco ASR 5000 Series Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-1703
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.41% / 60.73%
||
7 Day CHG~0.00%
Published-03 May, 2019 | 16:00
Updated-19 Nov, 2024 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_2140firepower_2120firepower_2130firepower_2110firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-1672
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.21% / 43.18%
||
7 Day CHG~0.00%
Published-08 Feb, 2019 | 18:00
Updated-19 Nov, 2024 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Web Security Appliance Decryption Policy Bypass Vulnerability

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorrect handling of SSL-encrypted traffic when Decrypt for End-User Notification is disabled in the configuration. An attacker could exploit this vulnerability by sending a SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured drop policy to block specific SSL connections. Releases 10.1.x and 10.5.x are affected.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-web_security_applianceCisco Web Security Appliance (WSA)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-1564
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 28.44%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 16:46
Updated-07 Nov, 2024 | 22:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Video Surveillance 7000 Series IP Cameras Cisco Discovery and Link Layer Discovery Protocol Memory Leak Vulnerabilities

Multiple vulnerabilities in the implementation of the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. These vulnerabilities are due to incorrect processing of certain Cisco Discovery Protocol and LLDP packets at ingress time. An attacker could exploit these vulnerabilities by sending crafted Cisco Discovery Protocol or LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DoS condition. Note: Cisco Discovery Protocol and LLDP are Layer 2 protocols. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-video_surveillance_7530pd_firmwarevideo_surveillance_7530pdvideo_surveillance_7070video_surveillance_7070_firmwareCisco Video Surveillance 7000 Series IP Cameras
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2004-1464
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-1.70% / 81.52%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-30 Jul, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-09||Apply updates per vendor instructions.

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/aIOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3572
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.86% / 82.30%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:40
Updated-13 Nov, 2024 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability

A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-3306
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.23% / 46.01%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:42
Updated-15 Nov, 2024 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability

A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5550adaptive_security_applianceasa_5505adaptive_security_appliance_softwareasa_5555-xasa_5520asa_5510asa_5525-xasa_5580asa_5585-xasa_5512-xfirepower_threat_defenseasa_5515-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3175
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-2.59% / 85.00%
||
7 Day CHG~0.00%
Published-26 Feb, 2020 | 16:50
Updated-15 Nov, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability

A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An attacker could exploit this vulnerability by sending traffic to the management interface (mgmt0) of an affected device at very high rates. An exploit could allow the attacker to cause unexpected behaviors such as high CPU usage, process crashes, or even full system reboots of an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-mds_9132tmds_9710mds_9506mds_9718nx-osmds_9216amds_9222imds_9509mds_9148smds_9706mds_9513mds_9216imds_9148tmds_9216Cisco NX-OS Software 5.0(1a)
CWE ID-CWE-664
Improper Control of a Resource Through its Lifetime
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3566
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-23.77% / 95.79%
||
7 Day CHG~0.00%
Published-29 Aug, 2020 | 15:15
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability

A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_9922asr_9912asr_9906asr_9904asr_9901asr_9910asr_9006ios_xrasr_9010asr_9001Cisco IOS XR SoftwareIOS XR
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-3409
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 28.44%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability

A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-iem-3400-8tie-4000-8t4g-eie-3300-8p2s-eie-4000-16t4g-eiem-3300-8sie-3400-8t2s-eie-3300-8t2x-eiosie-4000-8s4g-eie-3400-8p2s-aiem-3300-8tiem-3300-16pie-4000-8gt8gp4g-eiem-3300-14t2siem-3300-8pie-4000-8gt4g-eie-3300-8p2s-aie-4000-4gs8gp4g-eie-4000-4tc4g-eie-4000-4gc4gp4g-eiem-3400-8piem-3300-16tie-3300-8t2s-eiem-3300-6t2sie-3200-8t2s-eie-4000-4s8p4g-eie-3200-8p2s-eios_xeie-4000-8gs4g-eie-3400-8p2s-eie-4000-16gt4g-eiem-3400-8sie-3300-8t2s-aie-3300-8t2x-aie-4000-4t4p4g-eCisco IOS
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3414
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.68%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability

A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect processing of IPv4 or IPv6 traffic to or through an affected device. An attacker could exploit this vulnerability by sending IP traffic to or through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xe4461_integrated_services_routerCisco IOS XE Software 17.1.1
CWE ID-CWE-19
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3499
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.86% / 82.30%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Management Center Software Denial of Service Vulnerability

A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to improper handling of system resource values by the affected system. An attacker could exploit this vulnerability by sending malicious requests to the targeted system. A successful exploit could allow the attacker to cause the affected system to become unresponsive, resulting in a DoS condition and preventing the management of dependent devices.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerCisco Firepower Management Center
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3569
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-21.75% / 95.53%
||
7 Day CHG~0.00%
Published-23 Sep, 2020 | 00:25
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities

Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ncs_5502ncs_560asr_9906crs-8\/s-b_crscrs-xasr_9904asr_9903asr_9910ncs_6008ncs_520ncs_540crs-1_4-slot_single-shelf_systemcrs-1_16-slot_single-shelf_systemncs_5501asr_9912crs-x_multishelf_systemncs_5508asr_9901asr_9006ncs_5516crs-3_8-slot_single-shelf_systemcrs-3_multishelf_systemncs_5011asr_9922ncs_5001asr_9000vcrscrs-1_fabric_card_chassiscrs-3_4-slot_single-shelf_systemcrs-1_line_card_chassis_\(multi\)crs-3_16-slot_single-shelf_systemcrs-1_multishelf_systemios_xrasr_9010asr_9001crs-1_line_card_chassis_\(dual\)crs-1_16-slot_line_card_chassiscrs-1_8-slot_line_card_chassiscrs-1_8-slot_single-shelf_systemcrs-x_16-slot_single-shelf_systemncs_5002crs-8\/scrscrs_performance_route_processorCisco IOS XR SoftwareIOS XR
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-3512
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 28.44%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:51
Updated-13 Nov, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4xie_2000-4t_industrial_ethernet_switchcatalyst_c9407rcatalyst_c9300-48pie-4000-16t4g-ecatalyst_3650-12x48urie_2000-16tc_industrial_ethernet_switchie-3300-8u2x-ecatalyst_c9500-16xcatalyst_c9200-24pcatalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4gcatalyst_3650-24pdmie-4000-4tc4g-eie-2000u-16tc-gpie-4010-16s12p_industrial_ethernet_switchcatalyst_3850-nm-2-40gcatalyst_c9300l-48p-4xcatalyst_c9500-24y4cie_2000-8tc-g_industrial_ethernet_switchcatalyst_c9200l-24t-4gie-3200-8t2s-eie_2000-16ptc-g_industrial_ethernet_switchie-2000u-16tc-g-xcatalyst_3650-12x48uzie_2000-4ts_industrial_ethernet_switchie-3400-8p2s-eiem-3400-8scatalyst_3850-48xscatalyst_3650-12x48uqie-2000u-4t-gscatalyst_c9200l-48p-4gie-3010-16s-8pc_industrial_ethernet_switchiem-3400-8tie_2000-8tc-g-e_industrial_ethernet_switchcatalyst_3650-8x24uqiem-3300-8sie-3300-8t2x-ecatalyst_c9300l-24t-4gie_2000-16tc-g-e_industrial_ethernet_switchie-4000-8s4g-ecatalyst_c9200l-24pxg-2yie-3400-8p2s-aie_2000-24t67_industrial_ethernet_switchie_2000-16t67_industrial_ethernet_switchiem-3300-8tiem-3300-16pie-4000-8gt8gp4g-ecatalyst_c9300l-24p-4xcatalyst_c9200l-24p-4xiem-3300-14t2scatalyst_c9300l-48p-4gie-4000-8gt4g-eie-5000-12s12p-10giem-3300-8pie-4000-4gs8gp4g-eie_2000-8t67_industrial_ethernet_switchcatalyst_c9300-48uxmiem-3300-16tie-3300-8t2s-eess_2020ie-3400-8t2s-acatalyst_c9500-40xie-4000-8gs4g-eie-4000-16gt4g-eie_2000-16tc-g-n_industrial_ethernet_switchie_2000-8tc-g-n_industrial_ethernet_switchcatalyst_c9200-24tcatalyst_3650-48fqmcatalyst_c9200l-48p-4xcatalyst_c9410rie-4000-4t4p4g-ecatalyst_c9300-24pie-4000-8t4g-ecatalyst_c9300-48uie-3400-8t2s-ecatalyst_3650-24pdcatalyst_c9300-48tcatalyst_c9500-12qie-5000-16s12pie-2000u-16tc-gcatalyst_c9500-24qcatalyst_c9200-48tcatalyst_c9300-24sie-4000-4gc4gp4g-eie-4000-4s8p4g-ecatalyst_c9404rcatalyst_c9300-24ucatalyst_c9200l-48t-4xie-2000u-4ts-gie-4010-4s24p_industrial_ethernet_switchcatalyst_c9500-32cconnected_grid_switch_2520ie-3300-8t2x-acatalyst_c9300l-24p-4gie-3000catalyst_c9500-32qccatalyst_c9200l-24p-4gess_3300catalyst_c9300-48sie-1000ie_2000-16t67p_industrial_ethernet_switchie-3300-8p2s-ecatalyst_c9300l-48t-4xie-3300-8u2x-aie_2000-8t67p_industrial_ethernet_switchie_2000-4ts-g_industrial_ethernet_switchcatalyst_c9300l-24t-4xcatalyst_c9200-48pie_2000-4t-g_industrial_ethernet_switchie-2000u-8tc-gie-3300-8p2s-aie_2000-16tc-g_industrial_ethernet_switchcatalyst_3850-24xscatalyst_c9300-48uncatalyst_c9200l-24t-4xiem-3400-8piem-3300-4mu-2catalyst_c9300-24tie_2000-4s-ts-g_industrial_ethernet_switchcatalyst_c9200l-24pxg-4xiem-3300-6t2sie-3200-8p2s-eios_xecatalyst_c9300l-48t-4gcatalyst_c9500-48y4cie_2000-16tc-g-x_industrial_ethernet_switchcatalyst_3850-nm-8-10gcatalyst_c9300-24uxie-3010-24tc_industrial_ethernet_switchie-3300-8t2s-aie-2000u-4s-gCisco IOS
CWE ID-CWE-388
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3559
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.28% / 78.72%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:51
Updated-13 Nov, 2024 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet Access Point Authentication Flood Denial of Service Vulnerability

A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9800-laironet_1830e1111-8pwbaironet_1850e1113-8pmwebusiness_240accatalyst_9800-40aironet_access_point_software1117-4pwebusiness_access_pointsaccess_points1116-4pwebusiness_145ac1113-8pwe1113-8plteeawe1117-4plteeawe1111-4pwe1111-8plteeawbaironet_1850icatalyst_9800-l-c1117-4pmwecatalyst_9800-clcatalyst_9800-80catalyst_9800-l-faironet_1830i1117-4pmlteeawewireless_lan_controlleraironet_18151116-4plteeawebusiness_140acCisco Aironet Access Point Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3560
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.68%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:50
Updated-13 Nov, 2024 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet Access Points UDP Flooding Denial of Service Vulnerability

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_1562iaironet_1830e1111-8pwbaironet_1850e1113-8pmwecatalyst_iw6300aironet_3800e1111-8plteeawbaironet_1562ecatalyst_9800-l-c1117-4pmweaironet_2800iaironet_1542iaironet_3800pcatalyst_9800-80catalyst_9800-l-faironet_1830icatalyst_9117wireless_lan_controller_softwareaironet_1815catalyst_91151117-4pwebusiness_140accatalyst_9130aironet_4800catalyst_9800-laironet_1542dbusiness_240accatalyst_9800-40aironet_access_point_softwarecatalyst_9120aironet_1562dbusiness_access_pointsaccess_points1116-4pweesw-6300-con-x-k9business_145ac1113-8pwe1113-8plteeawe1117-4plteeaweaironet_3800i1111-4pweaironet_1850icatalyst_9800-cl1117-4pmlteeawewireless_lan_controlleraironet_2800e1116-4plteeawecatalyst_9105Cisco Aironet Access Point Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3304
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.50% / 64.83%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:36
Updated-13 Nov, 2024 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability

A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3260
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.31% / 53.44%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 20:11
Updated-15 Nov, 2024 | 17:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet Series Access Points Client Packet Processing Denial of Service Vulnerability

A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of client packets that are sent to an affected access point (AP). An attacker could exploit this vulnerability by sending a large number of sustained client packets to the affected AP. A successful exploit could allow the attacker to cause the affected AP to crash, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_1850_firmwareaironet_1542daironet_1840aironet_1850aironet_1542i_firmwareaironet_1830_firmwareaironet_1542iaironet_1840_firmwareaironet_1830aironet_1815_firmwareaironet_1815aironet_1542d_firmwareCisco Aironet Access Point Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3181
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.53% / 66.04%
||
7 Day CHG~0.00%
Published-04 Mar, 2020 | 18:35
Updated-15 Nov, 2024 | 17:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Email Security Appliance Uncontrolled Resource Exhaustion Vulnerability

A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. The vulnerability is due to insufficient control over system memory allocation. An attacker could exploit this vulnerability by sending a crafted email through the targeted device. A successful exploit could allow the attacker to cause an email attachment that contains malware to be delivered to a user and cause email processing delays.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-email_security_applianceCisco Email Security Appliance (ESA)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3334
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 28.44%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:40
Updated-15 Nov, 2024 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability

A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attacker to consume resources on an affected device, which would prevent the device from sending internal system keepalives and eventually cause the device to reload, resulting in a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_2140firepower_2120adaptive_security_appliance_softwarefirepower_2130firepower_2110firepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3563
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.16% / 77.68%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:41
Updated-13 Nov, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of TCP packets to a specific port on an affected device. A successful exploit could allow the attacker to exhaust system memory, which could cause the device to reload unexpectedly. No manual intervention is needed to recover the device after it has reloaded.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3543
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 28.44%
||
7 Day CHG~0.00%
Published-08 Oct, 2020 | 04:20
Updated-13 Nov, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Memory Leak Vulnerability

A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of certain Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending certain Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DOS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-8400_ip_camera_firmware8630_ip_camera_firmware8620_ip_camera8000p_ip_camera_firmware8930_speed_dome_ip_camera_firmware8020_ip_camera8400_ip_camera8030_ip_camera_firmware8070_ip_camera_firmware8620_ip_camera_firmware8070_ip_camera8020_ip_camera_firmware8000p_ip_camera8930_speed_dome_ip_camera8030_ip_camera8630_ip_cameraCisco Video Surveillance 8000 Series IP Cameras
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-3529
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.31% / 78.98%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:35
Updated-13 Nov, 2024 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability

A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3373
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.91% / 82.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:36
Updated-13 Nov, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability

A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from being processed through the device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper error handling when specific failures occur during IP fragment reassembly. An attacker could exploit this vulnerability by sending crafted, fragmented IP traffic to a targeted device. A successful exploit could allow the attacker to continuously consume memory on the affected device and eventually impact traffic, resulting in a DoS condition. The device could require a manual reboot to recover from the DoS condition. Note: This vulnerability applies to both IP Version 4 (IPv4) and IP Version 6 (IPv6) traffic.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-3305
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.60% / 68.38%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:42
Updated-15 Nov, 2024 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability

A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5550adaptive_security_applianceasa_5505adaptive_security_appliance_softwareasa_5555-xasa_5520asa_5510asa_5525-xasa_5580asa_5585-xasa_5512-xfirepower_threat_defenseasa_5515-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3554
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.25% / 48.49%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:41
Updated-13 Nov, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability

A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3428
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.08% / 25.26%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:55
Updated-13 Nov, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family WLAN Local Profiling Denial of Service Vulnerability

A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect parsing of HTTP packets while performing HTTP-based endpoint device classifications. An attacker could exploit this vulnerability by sending a crafted HTTP packet to an affected device. A successful exploit could cause an affected device to reboot, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9300-24pcatalyst_c9407rcatalyst_c9300-48pcatalyst_c9300-48u1100_integrated_services_router4331_integrated_services_routercatalyst_9800-l-c4461_integrated_services_routercatalyst_c9500-16xcatalyst_c9200-24pcatalyst_c9300-48tcatalyst_c9500-12q111x_integrated_services_routercatalyst_c9500-24qasr_1006-xcatalyst_c9200-48tcatalyst_9800-lcatalyst_c9300-24sasr_1013catalyst_c9300l-48p-4xcatalyst_c9500-24y4ccatalyst_c9200l-24t-4gcloud_services_router_1000v4221_integrated_services_routercatalyst_c9404rcatalyst_c9300-24ucatalyst_9800-clcatalyst_c9500-32casr_1001-hxcatalyst_c9200l-48p-4gasr_1002-xcatalyst_c9300l-24p-4gasr_1009-x4451-x_integrated_services_routercatalyst_c9500-32qccatalyst_c9200l-24p-4gcatalyst_c9300-48scatalyst_c9600_switch1160_integrated_services_routercatalyst_c9300l-48t-4xasr_1002-hxcatalyst_c9300l-24t-4gintegrated_services_virtual_routercatalyst_c9200l-24pxg-2ycatalyst_c9300l-24t-4xcatalyst_9800-80catalyst_9800-l-fasr_10041109_integrated_services_routercatalyst_c9200l-24p-4xcatalyst_c9200-48pcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4g1120_integrated_services_routercatalyst_c9300-48uncatalyst_c9200l-24t-4x1111x_integrated_services_routercatalyst_c9300-48uxm4321_integrated_services_routercatalyst_9800-40catalyst_c9300-24t4431_integrated_services_routercatalyst_c9200l-24pxg-4xcatalyst_c9500-40xios_xecatalyst_c9300l-48t-4gcatalyst_c9500-48y4casr_1006catalyst_c9300-24uxasr_1001-xcatalyst_c9200-24t1101_integrated_services_router4351_integrated_services_routercatalyst_c9410rCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 9
  • 10
  • Next
Details not found