Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-20376

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-01 May, 2024 | 16:43
Updated At-01 Aug, 2024 | 21:59
Rejected At-
Credits

A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:01 May, 2024 | 16:43
Updated At:01 Aug, 2024 | 21:59
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco IP Phones with Multiplatform Firmware
Versions
Affected
  • 11.3.1 MSR2-6
  • 11.3.1 MSR3-3
  • 11.3.2
  • 11.3.3
  • 11.3.1 MSR4-1
  • 11.3.4
  • 11.3.5
  • 11.3.3 MSR2
  • 11.3.3 MSR1
  • 11.3.6
  • 11-3-1MPPSR4UPG
  • 11.3.7
  • 11-3-1MSR2UPG
  • 11.3.6SR1
  • 11.3.7SR1
  • 11.3.7SR2
  • 11.0.0
  • 11.0.1
  • 11.0.1 MSR1-1
  • 11.0.2
  • 11.1.1
  • 11.1.1 MSR1-1
  • 11.1.1 MSR2-1
  • 11.1.2
  • 11.1.2 MSR1-1
  • 11.1.2 MSR3-1
  • 11.2.1
  • 11.2.2
  • 11.2.3
  • 11.2.3 MSR1-1
  • 11.2.4
  • 11.3.1
  • 11.3.1 MSR1-3
  • 4.5
  • 4.6 MSR1
  • 4.7.1
  • 4.8.1
  • 4.8.1 SR1
  • 5.0.1
  • 12.0.1
  • 12.0.2
  • 12.0.3
  • 12.0.3SR1
  • 12.0.4
  • 5.1.1
  • 5.1.2
  • 5.1(2)SR1
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco PhoneOS
Versions
Affected
  • 1.0.1
  • 2.1.1
  • 2.0.1
  • 2.3.1
Problem Types
TypeCWE IDDescription
cweCWE-787Out-of-bounds Write
Type: cwe
CWE ID: CWE-787
Description: Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-multi-vulns-cXAhCvS
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-multi-vulns-cXAhCvS
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_6871_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_6871_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_6821_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_6821_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_6851_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_6851_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_7821_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_7821_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_6861_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_6861_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_6825_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_6825_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_6841_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_6841_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_7811_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_7811_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_7841_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_7841_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_7861_with_multiplatform_firmware
CPEs
  • cpe:2.3:a:cisco:ip_phone_7861_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
ip_phone_8800_series_with_multiplatform_firmware
CPEs
  • cpe:2.3:o:cisco:ip_phone_8800_series_with_multiplatform_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Vendor
Cisco Systems, Inc.cisco
Product
video_phone_8875_firmware
CPEs
  • cpe:2.3:a:cisco:video_phone_8875_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 12.0.4 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-multi-vulns-cXAhCvS
x_transferred
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-multi-vulns-cXAhCvS
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:01 May, 2024 | 17:15
Updated At:01 May, 2024 | 19:50

A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-787Secondaryykramarz@cisco.com
CWE ID: CWE-787
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-multi-vulns-cXAhCvSykramarz@cisco.com
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-multi-vulns-cXAhCvS
Source: ykramarz@cisco.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1059Records found
CVE-2021-34735
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.51% / 80.43%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 19:46
Updated-07 Nov, 2024 | 21:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities

Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ata_192_firmwareata_190ata_190_firmwareata_191_firmwareata_191ata_192Cisco Analog Telephone Adaptor (ATA) Software
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-34769
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.21% / 43.41%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service Vulnerabilities

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit the vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9800-lcatalyst_9800-40_wireless_controllercatalyst_9800-40catalyst_9800-l-ccatalyst_9800-80_wireless_controllercatalyst_9800_embedded_wireless_controllercatalyst_9800catalyst_9800-clcatalyst_9800-80catalyst_9800-l-fCisco IOS XE Software
CWE ID-CWE-415
Double Free
CVE-2021-34792
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.43% / 61.71%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:56
Updated-07 Nov, 2024 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability

A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_5585-x_firmwareasa_5505_firmwareasa_5580_firmwareasa_5515-xasa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5555-xasa_5580asa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5585-xasa_5512-x_firmwareasa_5512-xfirepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-34737
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.38% / 58.50%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:01
Updated-07 Nov, 2024 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability

A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ncs_5001ncs_5002ncs540x-12z16g-sys-dasr_9010asr_9902ncs_5501-sencs_5516asr_9006ncs540x-12z16g-sys-aasr_9000v-v2ios_xrncs540x-acc-sysncs_5502-sencs540-acc-sysncs_5508asr_9903ncs_5501ncs540-28z4c-sys-dncs540-12z20g-sys-dncs_5011ios_xrv_9000asr_9001ncs540-28z4c-sys-ancs540-24z8q2c-sysncs540x-16z4g8q2c-aasr_9910asr_9906asr_9904asr_9912asr_9922ncs540-24z8q2c-mncs540-12z20g-sys-ancs_560-4ncs_560-7ncs540x-16z4g8q2c-dncs_5502asr_9901Cisco IOS XR Software
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-34736
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 37.06%
||
7 Day CHG~0.00%
Published-21 Oct, 2021 | 02:50
Updated-07 Nov, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Integrated Management Controller GUI Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. The vulnerability is due to insufficient input validation on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause the interface to restart, resulting in a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ucs_c240_sd_m5ucs_c260_m2ucs_c890_m5ucs_c245_m6ucs_c460_m4ucs_c220_m4ucs_c240_m3ucs_c220_m5ucs_c24_m3ucs_c3160ucs_c220_m3ucs_c3260ucs_c480_ml_m5ucs_c225_m6ucs_c125_m5ucs_s3260ucs_c240_m5ucs_c22_m3ucs_c480_m5ucs_c460_m2ucs_c4200unified_computing_systemucs_c420_m3Cisco Unified Computing System (Managed)
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34698
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.52% / 65.70%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 19:46
Updated-07 Nov, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability

A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asyncosweb_security_appliance_s190web_security_appliance_s690web_security_appliance_s680web_security_appliance_s690xweb_security_appliance_s170web_security_appliance_s390web_security_appliance_s380Cisco Web Security Appliance (WSA)
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-34783
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.30% / 52.63%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:55
Updated-07 Nov, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability

A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL/TLS decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Datagram TLS (DTLS) messages cannot be used to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliance_softwareasa_5585-x_firmwareasa_5505_firmwareasa_5580_firmwareasa_5515-xasa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5555-xasa_5580asa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5585-xasa_5512-x_firmwareasa_5512-xfirepower_threat_defenseCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20226
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.15% / 36.75%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:21
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4321\/k9-ws_integrated_services_router1100-4g_integrated_services_routerc8200l-1n-4t4351_integrated_services_router4321_integrated_services_router4331\/k9-ws_integrated_services_routerc8500l-8s4xcatalyst_ir83401100-6g_integrated_services_routercatalyst_8300-1n1s-4t2x4321\/k9-rf_integrated_services_router4331\/k9_integrated_services_router4351\/k9_integrated_services_routercatalyst_8000v_edge4431_integrated_services_routerc8200-1n-4tcatalyst_8300-1n1s-6t4351\/k9-ws_integrated_services_router1100-4gltena_integrated_services_routerios_xe4221_integrated_services_routercatalyst_8300-2n2s-4t2x4331_integrated_services_routercatalyst_8300-2n2s-6t1100-4gltegb_integrated_services_router4331\/k9-rf_integrated_services_router4321\/k9_integrated_services_router4351\/k9-rf_integrated_services_routerCisco IOS XE Software
CWE ID-CWE-456
Missing Initialization of a Variable
CVE-2020-16139
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-90.39% / 99.58%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 20:10
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers restart the device remotely through sending specially crafted packets. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_ip_conference_station_7937g_firmwareunified_ip_conference_station_7937gn/aunified_ip_conference_station_7937g_firmware
CVE-2023-20212
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.23% / 78.31%
||
7 Day CHG~0.00%
Published-18 Aug, 2023 | 19:55
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability by submitting a crafted AutoIt file to be scanned by ClamAV on the affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to restart unexpectedly, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_endpointsecure_endpoint_private_cloudCisco Secure Endpoint
CWE ID-CWE-825
Expired Pointer Dereference
CVE-2023-44487
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-94.41% / 99.98%
||
7 Day CHG-0.06%
Published-10 Oct, 2023 | 00:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Action-Not Available
Vendor-grpclinkerdprojectcontouristiovarnish_cache_projectenvoyproxyopenrestynghttp2denaamazonakkacaddyserverlinecorptraefikkazu-yamamotokonghqn/aJenkinsF5, Inc.The Netty ProjectEclipse Foundation AISBLThe IETF Administration LLC (IETF LLC)Apple Inc.NetApp, Inc.Microsoft CorporationRed Hat, Inc.Debian GNU/LinuxNode.js (OpenJS Foundation)The Apache Software FoundationFedora ProjectGoCisco Systems, Inc.Facebook
Product-nexus_9516openshift_serverlesscbl-marinernexus_34180ycnexus_3132c-zbig-ip_ddos_hybrid_defendernexus_3132q-xlproxygenarmerianexus_3132q-x\/3132q-xlunified_contact_center_enterprise_-_live_data_servernexus_9336pq_aci_spineintegration_service_registrynexus_9236c_switchwindows_11_22h2migration_toolkit_for_containersnexus_9396px.netnexus_31108pc-vnexus_9336c-fx2nexus_9396tx_switchopenshiftnginx_ingress_controllernexus_9236cadvanced_cluster_securitykong_gatewaynexus_93108tc-ex-24secure_web_appliancewindows_server_2016windows_server_2019openshift_container_platform_assisted_installerbig-ip_next_service_proxy_for_kubernetesnexus_3500integration_camel_knexus_9396txnexus_9372txnexus_93216tc-fx2apisixnginx_plusnexus_9800linkerdsupport_for_spring_bootnexus_3132q-xnode_healthcheck_operator3scale_api_management_platformnexus_9500nexus_93120txnexus_3264c-enexus_9500_4-slotopenstack_platformtelepresence_video_communication_servernexus_36180yc-rtomcatnexus_3132qnexus_3172tq-32topenshift_distributed_tracingnexus_9348gc-fxpbig-ip_nextenterprise_chat_and_emailbig-ip_global_traffic_managerbig-ip_fraud_protection_serviceunified_contact_center_enterprisecontouropenshift_container_platformnexus_3100-vsecure_malware_analyticsnexus_92160yc_switchnexus_34200yc-smnexus_9348d-gx2anexus_9364c-gxmigration_toolkit_for_virtualizationnexus_3100-zfog_directornexus_9804nexus_3432d-sultra_cloud_core_-_session_management_functionnexus_3524swiftnio_http\/2nexus_3400cryostatnexus_31108pv-vnexus_9372tx_switchnexus_3172tqbig-ip_advanced_web_application_firewalljboss_fusenexus_3172pq-xlfedoranexus_9272qopenshift_developer_tools_and_servicesnexus_9500rdecision_managernexus_9500_supervisor_b\+nexus_3548-x\/xlnexus_9232enexus_92348gc-xunified_attendant_console_advancedopenshift_sandboxed_containersultra_cloud_core_-_serving_gateway_functionnexus_9332d-h2rnexus_93128nexus_3548-xnexus_9200ycnexus_3064tbig-ip_policy_enforcement_managernexus_93108tc-exlogging_subsystem_for_red_hat_openshiftasp.net_corebig-ip_local_traffic_managernexus_93360yc-fx2big-ip_webacceleratornexus_3132q-vnexus_9336c-fx2-esolrcaddyistiounified_contact_center_management_portalnexus_9332cnexus_9200nexus_9516_switchnexus_3548nexus_3172pq\/pq-xlnexus_3048secure_dynamic_attributes_connectornexus_93600cd-gxnexus_9372px_switchnexus_3164qazure_kubernetes_serviceopenshift_secondary_scheduler_operatornexus_9500_8-slotnexus_9508openshift_virtualizationprime_cable_provisioningnexus_9364copensearch_data_preppernexus_93128tx_switchhttpwindows_10_21h2firepower_threat_defensesingle_sign-onnexus_9221cgobuild_of_optaplannerprime_access_registrarnetworkingnexus_9500_16-slotnexus_3232cnexus_93108tc-fxvarnish_cachenexus_9504jboss_enterprise_application_platformwindows_10_1607nexus_92304qcintegration_camel_for_spring_bootrun_once_duration_override_operatornexus_9716d-gxnexus_9000vnexus_3016windows_11_21h2openshift_pipelinesnexus_9408visual_studio_2022nexus_9336pq_acinexus_93180yc-fx3debian_linuxnx-osceph_storagenexus_9316d-gxnginxnexus_93180tc-exadvanced_cluster_management_for_kubernetesprime_network_registrarnexus_3408-straefiknexus_3064xnexus_9336pq_aci_spine_switchnexus_9372pxunified_contact_center_domain_managernettynexus_3264qnexus_3100vnexus_9372tx-e_switchnexus_93108tc-ex_switchtraffic_serverjboss_core_servicesnexus_9300jboss_a-mqjboss_a-mq_streamsnexus_3100nexus_93240tc-fx2machine_deletion_remediation_operatorbig-ip_application_security_managerbuild_of_quarkusnexus_93180yc-ex_switchnexus_9372tx-enode_maintenance_operatornexus_93180yc-ex-24nexus_3064openshift_dev_spacesnexus_9504_switchweb_terminalnexus_9736pqself_node_remediation_operatorcertification_for_red_hat_enterprise_linuxnexus_3172pqnexus_93128txiot_field_network_directornexus_3636c-rnexus_3064-tnexus_9372px-ehttp2nexus_92300yc_switchnexus_9364d-gx2aservice_interconnectnexus_93180yc-fxios_xeopenrestynexus_31128pqopenshift_service_meshbig-ip_analyticsopenshift_data_sciencebig-ip_application_acceleration_managernexus_9336pqnetwork_observability_operatorbig-ip_link_controllernexus_9372px-e_switchnexus_9332pq_switchnexus_9500_supervisor_bhttp_servernexus_93180yc-fx-24windows_10_22h2node.jsnexus_3600nexus_93180lc-exnexus_9636pqservice_telemetry_frameworkbig-ip_application_visibility_and_reportingmigration_toolkit_for_applicationsnexus_9808nexus_93108tc-fx-24nexus_92160yc-xnexus_31108tc-vnexus_3200nexus_9332d-gx2bcrosswork_situation_managernexus_3064-xnghttp2nexus_93180yc-fx3sbig-ip_websafenexus_3464cnexus_93180yc-exnexus_3172nexus_9536pqastra_control_centernexus_9396px_switchnexus_92300ycopenshift_api_for_data_protectionh2ojettynexus_9500_supervisor_anexus_9500_supervisor_a\+nexus_9272q_switchsatellitenexus_93180yc-fx3hprocess_automationdata_center_network_manageransible_automation_platformcost_managementsecure_web_appliance_firmwarejboss_data_gridnexus_9508_switchnexus_3064-32tcert-manager_operator_for_red_hat_openshiftoncommand_insightnexus_93240yc-fx2ios_xrnexus_93180lc-ex_switchfence_agents_remediation_operatorcrosswork_zero_touch_provisioningnexus_3232c_ultra_cloud_core_-_policy_control_functionbig-ip_carrier-grade_natnexus_3172tq-xlnexus_3524-xexpresswaygrpcbusiness_process_automationnexus_93108tc-fx3hnexus_92304qc_switchwindows_10_1809enterprise_linuxenvoyquaycrosswork_data_gatewaynexus_93108tc-fx3pbig-ip_domain_name_systemnexus_3548-xlnexus_93120tx_switchnexus_9432pqopenshift_gitopsnexus_3524-xlnexus_3232nexus_9332pqnexus_3524-x\/xlbig-ip_advanced_firewall_managerprime_infrastructurenexus_3016qjenkinsbig-ip_ssl_orchestratornexus_9348gc-fx3big-ip_access_policy_managerwindows_server_2022connected_mobile_experiencesn/ahttpHTTP/2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-0443
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.23% / 78.30%
||
7 Day CHG~0.00%
Published-17 Oct, 2018 | 22:00
Updated-26 Nov, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper input validation on fields within CAPWAP Discovery Request packets by the affected device. An attacker could exploit this vulnerability by sending malicious CAPWAP Discovery Request packets to the Cisco WLC Software. A successful exploit could allow the attacker to cause the Cisco WLC Software to disconnect associated access points (APs). While the APs disconnect and reconnect, service will be unavailable for a brief period of time, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-wireless_lan_controller_softwareCisco Wireless LAN Controller (WLC)
CWE ID-CWE-399
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0170
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.97% / 82.75%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition, related to the OpenDNS software. The vulnerability is due to a logic error that exists when handling a malformed incoming packet, leading to access to an internal data structure after it has been freed. An attacker could exploit this vulnerability by sending crafted, malformed IP packets to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvb86327.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS XE
CWE ID-CWE-416
Use After Free
CVE-2018-0159
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-6.18% / 90.46%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific IKEv1 packets. An attacker could exploit this vulnerability by sending crafted IKEv1 packets to an affected device during an IKE negotiation. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuj73916.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_901-6cz-f-aasr_901-6cz-f-dme_3600x-24cx-mios_xeiosme_3600x-24fs-masr_901-12c-ft-dasr_901-4c-f-dme_3800x-24fs-masr_901-4c-ft-dasr_901-6cz-ft-dasr_901-6cz-ft-ame_3600x-24ts-masr_901-12c-f-dCisco IOS and IOS XEIOS Software and Cisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0154
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.85% / 93.09%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by the affected device. An attacker could exploit this vulnerability by sending crafted VPN traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to hang or crash, resulting in a DoS condition. Cisco Bug IDs: CSCvd39267.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_9300l-24t-4g-acatalyst_8540csrcatalyst_3850-48xs-f-scatalyst_8300-2n2s-6tcloud_services_router_1000vcatalyst_3850-16xs-s4331\/k9-rf_integrated_services_routercatalyst_9800catalyst_3850-24t-ecatalyst_3850-48p-ecatalyst_9300-24t-e4331_integrated_services_routercatalyst_9800_embedded_wireless_controller4461_integrated_services_router82019800-40catalyst_3850-24u-l1100-8p_integrated_services_router1111x_integrated_services_routerasr_1002-xcatalyst_8540msrcatalyst_9300l-24t-4g-ecatalyst_9300l-48p-4g-acatalyst_9400catalyst_3850-24s-s1100-6g_integrated_services_router1100_integrated_services_routercatalyst_8300-2n2s-4t2x1861_integrated_service_routercatalyst_3850-16xs-easr_1002catalyst_3850-48t-scatalyst_8500lcatalyst_9600catalyst_3850-24xu-lcatalyst_9300-48un-ecatalyst_3850-48f-ecatalyst_3850-12s-scatalyst_9300-24p-acatalyst_9300-48s-ecatalyst_3850-24xu-scatalyst_9300l_stack1941w_integrated_services_routercatalyst_8300-1n1s-4t2x1905_integrated_services_router4000_integrated_services_routercatalyst_9300l-48t-4x-ecatalyst_9300-24s-a1000_integrated_services_routerasr_1013catalyst_9800-40_wireless_controllercatalyst_3850-48t-lasr_1000-xcatalyst_9200cxcatalyst_3850-24p-scatalyst_9300l-24t-4x-e1131_integrated_services_router111x_integrated_services_router4451-x_integrated_services_routercatalyst_9300-48s-aasr_1000-esp200-x1841_integrated_service_routerasr_1006-xcatalyst_3850-24u-ecatalyst_9800-lcatalyst_3850-24u-s1802_integrated_service_router88041160_integrated_services_routerintegrated_services_virtual_router9800-80asr_1000-esp100-xcatalyst_9200lcatalyst_9600xcatalyst_8510csrcatalyst_9300-48t-acatalyst_9300xcatalyst_3850-nm-8-10g1101_integrated_services_routercatalyst_8300-1n1s-6t8102-64hcatalyst_9300l-24p-4x-acatalyst_3850-48xs-scatalyst_3850-48p-s4321\/k9-rf_integrated_services_routercatalyst_3850-48u-lcatalyst_9300-24t-acatalyst_ie3400_heavy_duty_switch4351\/k9-rf_integrated_services_routercatalyst_9410rcatalyst_8500-4qcesr-6300-con-k9catalyst_3850-nm-2-40gcatalyst_3850-48p-l8800_4-slotcatalyst_3850-24p-l8800_8-slotcatalyst_9600_supervisor_engine-188121812_integrated_service_routerioscatalyst_9400_supervisor_engine-11101-4p_integrated_services_routercatalyst_9300-48un-acatalyst_ie93008800_18-slotcatalyst_9300-48uxm-acatalyst_3850asr_1004catalyst_8200catalyst_9800-clasr_1001-x8201-32fhcatalyst_3850-32xs-sasr_1023catalyst_9200catalyst_9300-48p-acatalyst_3850-48pw-scatalyst_3850-48xs-f-ecatalyst_8510msrcatalyst_3850-48u-s1100-4p_integrated_services_routercatalyst_9300l-24p-4g-ecatalyst_ie3400_rugged_switchesr63004331\/k9-ws_integrated_services_routercatalyst_9800-80_wireless_controller4321\/k9-ws_integrated_services_routercatalyst_9300l-48p-4x-aasr_1001-x_r1111x-8p_integrated_services_routercatalyst_3850-48u-ecatalyst_3850-48t-ecatalyst_9300l-24p-4g-a1941_integrated_services_routercatalyst_3850-48xs-ecatalyst_9300l-48t-4g-a8800_12-slot8218catalyst_9300-24ux-acatalyst_9407r1906c_integrated_services_routercatalyst_9800-l-fcatalyst_9800-804351\/k9-ws_integrated_services_router44461_integrated_services_router1100-4g_integrated_services_routercatalyst_95004321\/k9_integrated_services_router4331\/k9_integrated_services_router4321_integrated_services_router1100-4gltena_integrated_services_router4351_integrated_services_router8101-32hcatalyst_3850-12x48ucatalyst_3850-24pw-scatalyst_8500catalyst_3850-24xs-scatalyst_3850-24xs-easr_1001-hx_rcatalyst_3850-24t-scatalyst_ie3200_rugged_switch8818catalyst_3850-24xu1109_integrated_services_router9800-clcatalyst_9300l-48t-4g-easr_1000-esp100catalyst_9300l-48p-4x-ecatalyst_9500h4221_integrated_services_routerasr_1006asr_10018202catalyst_ie3300_rugged_switch9800-l82084431_integrated_services_router4351\/k9_integrated_services_routercatalyst_3850-48f-scatalyst_9300-48uxm-easr_1002-hxcatalyst_9300l-24p-4x-e1109-2p_integrated_services_routerasr_1001-hxcatalyst_9300lmcatalyst_3850-24xu-ecatalyst_930088081100-lte_integrated_services_routercatalyst_9300-24p-e1811_integrated_service_routercatalyst_3850-12xs-ecatalyst_3850-24u1120_integrated_services_routercatalyst_3850-12xs-s8212catalyst_9300lcatalyst_3850-24s-ecatalyst_3850-48xscatalyst_9300l-24t-4x-acatalyst_9800-40catalyst_9300-24u-acatalyst_3850-24t-lasr_1002-x_rcatalyst_9300-48t-ecatalyst_9300-48u-e1100-4gltegb_integrated_services_routercatalyst_9300-48p-ecatalyst_9300-24ux-ecatalyst_9300-48u-aasr_10008831catalyst_9300-24s-ecatalyst_3850-24p-ecatalyst_3850-24xscatalyst_9300l-48p-4g-e1100-4g\/6g_integrated_services_routercatalyst_3850-48f-l1801_integrated_service_routercatalyst_8300asr_1009-xcbr8_converged_broadband_router1109-4p_integrated_services_routercatalyst_3850-48ucatalyst_9300-24u-ecatalyst_9800-l-c1921_integrated_services_routeresr-6300-ncp-k9catalyst_3850-12s-e4451_integrated_services_routercatalyst_3850-32xs-e8101-32fhasr_1002-hx_rcatalyst_9300l-48t-4x-a1803_integrated_service_routerCisco IOSIOS Software
CVE-2018-0296
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-94.44% / 99.99%
||
7 Day CHG~0.00%
Published-07 Jun, 2018 | 12:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwarefirepower_threat_defenseCisco Adaptive Security Appliance unknownAdaptive Security Appliance (ASA)
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2018-0358
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.67% / 81.37%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 11:00
Updated-29 Nov, 2024 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to exhaustion of file descriptors while processing a high volume of traffic. An attacker could exploit this vulnerability by establishing a high number of concurrent TCP connections to the vulnerable system. An exploit could allow the attacker to cause a restart in a specific process, resulting in a temporary interruption of service. Cisco Bug IDs: CSCvh77056, CSCvh77058, CSCvh95264.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_video_communication_serverCisco TelePresence Video Communication Server unknown
CWE ID-CWE-769
DEPRECATED: Uncontrolled File Descriptor Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2018-0156
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-16.46% / 94.62%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted packet to an affected device on TCP port 4786. Only Smart Install client switches are affected. Cisco devices that are configured as a Smart Install director are not affected by this vulnerability. Cisco Bug IDs: CSCvd40673.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_3750x-48p-scatalyst_3560x-24u-scatalyst_3560x-48p-lcatalyst_3750x-48p-ecatalyst_3750x-24p-ecatalyst_3560x-48p-ecatalyst_2960s-48lps-lcatalyst_2960s-f48ts-lcatalyst_2960s-24ts-scatalyst_2960-plus_24tc-lie_3000-4tccatalyst_3560x-24t-scatalyst_2960xr-24ps-icatalyst_2960xr-48lps-icatalyst_4500_supervisor_engine_6-ecatalyst_2960xr-48lpd-iembedded_service_2020_24tc_con_bcatalyst_2960x-24ts-lie_2000-4tcatalyst_2960-plus_48pst-scatalyst_2960xr-48ts-icatalyst_4948e-fie_2000-4tscatalyst_2960-plus_24lc-lcatalyst_3750x-24t-scatalyst_3750x-48t-eie_2000-16tc-gcatalyst_2960x-48ts-llcatalyst_2960c-8tc-scatalyst_2960-plus_24lc-scatalyst_2960s-48ts-scatalyst_2960c-12pc-lcatalyst_2960xr-24td-iie_2000-8tc-gcatalyst_3560cg-8tc-scatalyst_2960s-f48ts-scatalyst_3750x-48pf-scatalyst_2960c-8tc-lcatalyst_3560x-48t-lcatalyst_2960x-48td-lcatalyst_2960x-48fps-lcatalyst_3560x-48pf-lcatalyst_2960s-f48lps-lcatalyst_2960-plus_24tc-scatalyst_4900mcatalyst_3560x-48u-scatalyst_2960xr-24ts-icatalyst_3750x-12s-ecatalyst_2960xr-24pd-icatalyst_4500_supervisor_engine_6l-ecatalyst_2960s-24ps-lcatalyst_2960-plus_48pst-lembedded_service_2020_24tc_ncpcatalyst_2960x-48lpd-lcatalyst_3560x-24p-sie_2000-16tc-g-ncatalyst_3560x-24p-ecatalyst_3560x-48u-ecatalyst_2960x-24td-lios_xecatalyst_3560cg-8pc-scatalyst_3560x-24u-lcatalyst_2960-plus_48tc-sembedded_service_2020_24tc_concatalyst_2960x-48fpd-lie_2000-16tccatalyst_3750x-24u-lcatalyst_3750x-48pf-ecatalyst_3750x-24s-sioscatalyst_2960s-f48fps-lcatalyst_3750x-48u-lcatalyst_2960s-48td-lcatalyst_3560x-48u-lcatalyst_2960x-24ps-lcatalyst_2960-plus_24pc-sie_2000-4s-ts-gcatalyst_2960s-24td-lcatalyst_3560x-24t-lcatalyst_2960s-f24ts-lembedded_service_2020_24tc_ncp_bcatalyst_2960cpd-8pt-lcatalyst_2960xr-48fps-icatalyst_2960s-48fpd-lcatalyst_3560x-48p-scatalyst_2960-plus_48tc-lcatalyst_3560x-48pf-ecatalyst_2960x-24pd-lie_2000-16t67pcatalyst_3560x-48t-ecatalyst_2960x-48ts-lembedded_service_2020_con_bcatalyst_2960s-48lpd-lcatalyst_3560cpd-8pt-sie-3010-16s-8pccatalyst_3750x-24p-sie_2000-24t67catalyst_2960x-24ts-llcatalyst_3750x-24p-lcatalyst_2960xr-48td-iie_2000-8tc-g-ncatalyst_3750x-48u-ecatalyst_3750x-12s-scatalyst_3560x-48t-scatalyst_2960s-24pd-lcatalyst_3750x-24u-ecatalyst_4948ecatalyst_3750x-48t-lcatalyst_3750x-48u-scatalyst_3750x-24t-lcatalyst_3750x-24t-eie_2000-8tccatalyst_3560x-48pf-scatalyst_2960s-24ts-lie_2000-16ptc-gcatalyst_3560c-8pc-sie_3000-8tccatalyst_2960cg-8tc-lie_2000-16tc-g-eembedded_service_2020_ncp_bcatalyst_2960x-48lps-lie_2000-8t67catalyst_3750x-48pf-lembedded_service_2020_conie_2000-16tc-g-xembedded_service_2020_ncpcatalyst_3560x-24t-ecatalyst_2960-plus_24pc-lie_2000-8tc-g-eie_2000-4t-gcatalyst_3750x-24u-scatalyst_3560x-24p-lcatalyst_3750x-48t-scatalyst_2960cpd-8tt-lie_2000-16t67catalyst_3560c-12pc-scatalyst_2960s-f24ps-lcatalyst_2960xr-48fpd-icatalyst_2960s-48fps-lcatalyst_3560x-24u-eie_2000-4ts-gcatalyst_3750x-24s-ecatalyst_2960c-8pc-lcatalyst_2960s-48ts-lcatalyst_2960x-24psq-l_coolcatalyst_3750x-48p-lie_2000-8t67pcatalyst_2960s-f24ts-sie-3010-24tcCisco IOS and IOS XEIOS Software and Cisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0409
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.54%
||
7 Day CHG~0.00%
Published-15 Aug, 2018 | 20:00
Updated-26 Nov, 2024 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P) and the Cisco TelePresence Video Communication Server (VCS) and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious IPv4 or IPv6 packet to an affected device on TCP port 7400. An exploit could allow the attacker to overread a buffer, resulting in a crash and restart of the XCP Router service. Cisco Bug IDs: CSCvg97663, CSCvi55947.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_communications_manager_im_and_presence_servicetelepresence_video_communication_serverUnified Communications Manager IM & Presence Service (CUCM IM&P)TelePresence Video Communication Server (VCS) and Expressway
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3338
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.31% / 78.97%
||
7 Day CHG~0.00%
Published-27 Aug, 2020 | 15:40
Updated-13 Nov, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability

A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error handling when processing inbound PIM6 packets. An attacker could exploit this vulnerability by sending multiple crafted PIM6 packets to an affected device. A successful exploit could allow the attacker to cause the PIM6 application to leak system memory. Over time, this memory leak could cause the PIM6 application to stop processing legitimate PIM6 traffic, leading to a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9332pqnexus_3172tqnexus_93108tc-exnx-osnexus_3636c-rnexus_9508nexus_93120txnexus_93128txnexus_9336pq_aci_spinenexus_3548-xlnexus_31128pqnexus_3132q-vnexus_9332cnexus_9364cnexus_3164qnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3132c-znexus_3524-xnexus_31108tc-vnexus_9348gc-fxpnexus_3172nexus_9272qnexus_3464cnexus_93216tc-fx2nexus_36180yc-rnexus_93180yc-fxnexus_3264qnexus_3432d-snexus_34180ycnexus_9000vnexus_31108pc-vnexus_3524nexus_3548nexus_3132qnexus_3016nexus_9372pxnexus_92304qcnexus_92160yc-xnexus_9504nexus_3048nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2nexus_3524-xlnexus_9396txnexus_7000nexus_92300ycnexus_3064nexus_3232cnexus_9396pxnexus_3264c-enexus_93240yc-fx2nexus_9372txnexus_3548-xnexus_3132q-xlnexus_3064-tnexus_3172tq-xlnexus_93180yc-exnexus_3408-snexus_9372px-enexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS Software 5.2(1)
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2021-1378
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.87%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 16:55
Updated-08 Nov, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco StarOS Denial of Service Vulnerability

A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-starosCisco ASR 5000 Series Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-12652
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-3.18% / 86.45%
||
7 Day CHG~0.00%
Published-25 Sep, 2019 | 20:16
Updated-19 Nov, 2024 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Catalyst 4000 Series Switches TCP Denial of Service Vulnerability

A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when processing TCP packets directed to the device on specific Cisco Catalyst 4000 Series Switches. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device. A successful exploit could cause the affected device to run out of buffer resources, impairing operations of control plane and management plane protocols, resulting in a DoS condition. This vulnerability can be triggered only by traffic that is destined to an affected device and cannot be exploited using traffic that transits an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ioscatalyst_4500_supervisor_engine_6-ecatalyst_4500_supervisor_engine_6l-ecatalyst_4948ecatalyst_4900mcatalyst_4948e-fCisco IOS 15.0(1)XO1
CWE ID-CWE-399
Not Available
CVE-2021-1460
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 27.35%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:06
Updated-08 Nov, 2024 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOx Application Framework Denial of Service Vulnerability

A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-iosic3000_industrial_compute_gatewaycgr1000_firmware829_industrial_integrated_services_routeric3000_industrial_compute_gateway_firmwarecgr1000809_industrial_integrated_services_routerCisco IOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-1405
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.25% / 78.52%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 04:30
Updated-08 Nov, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability

A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.

Action-Not Available
Vendor-Debian GNU/LinuxClamAVCisco Systems, Inc.
Product-clamavdebian_linuxClamAV
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-909
Missing Initialization of Resource
CVE-2021-1446
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-2.29% / 84.05%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:06
Updated-08 Nov, 2024 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability

A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected device inspects certain DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through an affected device that is performing NAT for DNS packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability can be exploited only by traffic that is sent through an affected device via IPv4 packets. The vulnerability cannot be exploited via IPv6 traffic.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2021-1404
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.43% / 61.43%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 04:30
Updated-08 Nov, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clam AntiVirus (ClamAV) Email Parser Denial of Service Vulnerability

A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.

Action-Not Available
Vendor-ClamAVCisco Systems, Inc.
Product-clamavClamAV
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1431
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.43% / 61.71%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:05
Updated-08 Nov, 2024 | 23:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software vDaemon Denial of Service Vulnerability

A vulnerability in the vDaemon process of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1510
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.91% / 74.91%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:42
Updated-08 Nov, 2024 | 23:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_2000vedge_100_firmwarevedge_100mvedge_5000_firmwarevedge_1000_firmwarevedge_5000vedge_100wm_firmwarevedge_100b_firmwarevedge_2000_firmwarevedge_1000vedge_100bvedge_cloudvedge_100m_firmwarevedge_100vedge_cloud_firmwarevedge_100wmCisco SD-WAN vEdge router
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-1513
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.82% / 73.41%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:50
Updated-08 Nov, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Software vDaemon Denial of Service Vulnerability

A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_2000vedge_100_firmwarevedge_100mvedge_5000_firmwarevedge_1000_firmwarevedge_5000vsmart_controllervedge_100b_firmwarevedge_100wm_firmwarevedge_2000_firmwarevedge_1000vedge_100bcatalyst_sd-wan_managervedge_cloudvedge-100b_firmwarevsmart_controller_firmwaresd-wan_vbond_orchestratorvedge-100bvedge_100m_firmwarevedge_100vedge_cloud_firmwarevedge_100wmCisco SD-WAN Solution
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1501
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.77% / 72.49%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 17:31
Updated-08 Nov, 2024 | 23:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software SIP Denial of Service Vulnerability

A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this vulnerability by sending crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a crash and reload of the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2021-1252
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.50%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 04:25
Updated-08 Nov, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability

A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.

Action-Not Available
Vendor-ClamAVCisco Systems, Inc.
Product-clamavClamAV
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2025-20139
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.13% / 33.25%
||
7 Day CHG~0.00%
Published-02 Apr, 2025 | 16:16
Updated-06 Aug, 2025 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input to chat entry points. An attacker could exploit this vulnerability by sending malicious requests to a messaging chat entry point in the affected application. A successful exploit could allow the attacker to cause the application to stop responding, resulting in a DoS condition. The application may not recover on its own and may need an administrator to manually restart services to recover.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_chat_and_emailCisco Enterprise Chat and Email
CWE ID-CWE-185
Incorrect Regular Expression
CVE-2025-20165
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.40%
||
7 Day CHG~0.00%
Published-22 Jan, 2025 | 16:21
Updated-06 Aug, 2025 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco BroadWorks SIP Denial of Service Vulnerability

A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition. This vulnerability is due to improper memory handling for certain SIP requests. An attacker could exploit this vulnerability by sending a high number of SIP requests to an affected system. A successful exploit could allow the attacker to exhaust the memory that was allocated to the Cisco BroadWorks Network Servers that handle SIP traffic. If no memory is available, the Network Servers can no longer process incoming requests, resulting in a DoS condition that requires manual intervention to recover.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-broadworks_network_serverCisco BroadWorks
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2021-1278
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.06% / 76.75%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 19:56
Updated-12 Nov, 2024 | 20:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Denial of Service Vulnerabilities

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100b_routervedge_cloud_routersd-wan_vbond_orchestratorvedge_5000_routervedge_100_routersd-wan_firmwareios_xe_sd-wanvedge_2000_routersd-wan_vsmart_controller_firmwarevedge_100wm_routercatalyst_sd-wan_managervedge_1000_routervedge_100m_routerCisco SD-WAN Solution
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-1313
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.60% / 68.35%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 16:56
Updated-08 Nov, 2024 | 23:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Enf Broker Denial of Service Vulnerability

Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-399
Not Available
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2025-20209
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.07%
||
7 Day CHG+0.02%
Published-12 Mar, 2025 | 16:13
Updated-01 Aug, 2025 | 14:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Internet Key Exchange Version 2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets.  This vulnerability is due to improper handling of malformed IKEv2 packets. An attacker could exploit this vulnerability by sending malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to prevent the affected device from processing any control plane UDP packets, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrncs_1010ncs_1014ncs_1004ncs_540lCisco IOS XR Software
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-1275
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.75% / 81.78%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:50
Updated-08 Nov, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vManage Software Vulnerabilities

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wan_vmanagecatalyst_sd-wan_managerCisco SD-WAN vManage
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-20128
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.69% / 81.48%
||
7 Day CHG~0.00%
Published-22 Jan, 2025 | 16:21
Updated-06 Aug, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClamAV OLE2 File Format Decryption Denial of Service Vulnerability

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the . Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-ClamAVCisco Systems, Inc.
Product-secure_endpoint_private_cloudsecure_endpointclamavCisco Secure Endpoint
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2021-1230
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.70% / 71.06%
||
7 Day CHG~0.00%
Published-24 Feb, 2021 | 19:30
Updated-08 Nov, 2024 | 23:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability

A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP). Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exnexus_9332pqnexus_93108tc-exnx-osnexus_9372pxnexus_9364c-gxnexus_9508nexus_93108tc-fx-24nexus_92304qcnexus_93120txnexus_92160yc-xnexus_93128txnexus_9316d-gxnexus_9336pq_aci_spinenexus_93108tc-ex-24nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2nexus_9396txnexus_93180yc-fx3snexus_9332cnexus_9364cnexus_92300ycnexus_92348gc-xnexus_9336c-fx2nexus_9348gc-fxpnexus_9272qnexus_93180yc-fx-24nexus_9336c-fx2-enexus_9396pxnexus_93216tc-fx2nexus_93240yc-fx2nexus_93180yc-fxnexus_9372txnexus_93180yc-exnexus_93600cd-gxnexus_9000vnexus_9372px-enexus_9236cnexus_93180yc-fx3nexus_93180yc-ex-24Cisco NX-OS System Software in ACI Mode
CWE ID-CWE-233
Improper Handling of Parameters
CVE-2021-1288
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.60% / 68.35%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 16:35
Updated-08 Nov, 2024 | 23:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Enf Broker Denial of Service Vulnerability

Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-399
Not Available
CVE-2013-1202
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.16%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 13:37
Updated-15 Nov, 2024 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco ACE A2(3.6) allows log retention DoS.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ace_application_control_engine_module_a2Cisco ACE
CVE-2017-6627
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.89% / 93.11%
||
7 Day CHG~0.00%
Published-07 Sep, 2017 | 21:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service (DoS) condition. The vulnerability is due to Cisco IOS Software application changes that create UDP sockets and leave the sockets idle without closing them. An attacker could exploit this vulnerability by sending UDP packets with a destination port of 0 to an affected device. A successful exploit could allow the attacker to cause UDP packets to be held in the input interfaces queue, resulting in a DoS condition. The input interface queue will stop holding UDP packets when it receives 250 packets. Cisco Bug IDs: CSCup10024, CSCva55744, CSCva95506.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xeCisco IOS and Cisco IOS XEIOS and IOS XE Software
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-3832
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.61% / 81.01%
||
7 Day CHG~0.00%
Published-06 Apr, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a missing internal handler for the specific request. An attacker could exploit this vulnerability by accessing a specific hidden URL on the GUI web management interface. A successful exploit could allow the attacker to cause a reload of the device, resulting in a DoS condition. This vulnerability affects only the Cisco Wireless LAN Controller 8.3.102.0 release. Cisco Bug IDs: CSCvb48198.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-wireless_lan_controllerwireless_lan_controller_firmwareCisco Wireless LAN Controller
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CWE ID-CWE-264
Not Available
CVE-2023-25653
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.11%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:15
Updated-10 Mar, 2025 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS)

node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for web browsers and node.js-based servers. Prior to version 2.2.0, when using the non-default "fallback" crypto back-end, ECC operations in `node-jose` can trigger a Denial-of-Service (DoS) condition, due to a possible infinite loop in an internal calculation. For some ECC operations, this condition is triggered randomly; for others, it can be triggered by malicious input. The issue has been patched in version 2.2.0. Since this issue is only present in the "fallback" crypto implementation, it can be avoided by ensuring that either WebCrypto or the Node `crypto` module is available in the JS environment where `node-jose` is being run.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-node-josenode-jose
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2017-3857
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.14% / 77.54%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or Cisco IOS XE Software if the L2TP feature is enabled for the device and the device is configured as an L2TP Version 2 (L2TPv2) or L2TP Version 3 (L2TPv3) endpoint. By default, the L2TP feature is not enabled. Cisco Bug IDs: CSCuy82078.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xeCisco IOS and IOS XE
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-399
Not Available
CVE-2018-0177
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-2.65% / 85.15%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IPv4 packets. An attacker could exploit this vulnerability by sending specific IPv4 packets to an IPv4 address on an affected device. A successful exploit could allow the attacker to cause high CPU utilization, traceback messages, or a reload of the affected device that leads to a DoS condition. If the switch does not reboot when under attack, it would require manual intervention to reload the device. This vulnerability affects Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches that are running Cisco IOS XE Software Release 16.1.1 or later, until the first fixed release, and are configured with an IPv4 address. Cisco Bug IDs: CSCvd80714.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_3650-48fqm-lcatalyst_3850-24xs-ecatalyst_3650-24ps-scatalyst_3850-32xs-ecatalyst_3850-12s-scatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_3650-8x24uq-ecatalyst_3850-24u-lcatalyst_3850-24p-scatalyst_3650-24pdm-lcatalyst_3850-16xs-scatalyst_3850-48f-scatalyst_3650-12x48ur-lcatalyst_3850-24u-scatalyst_c3850-12x48u-l4331_integrated_services_routercatalyst_3650-24ts-ecatalyst_3650-24ps-lcatalyst_3850-48f-ecatalyst_3650-48td-scatalyst_3650-8x24pd-scatalyst_3850-48u-lcatalyst_3650-48ts-lcatalyst_3650-48tq-ecatalyst_3650-8x24uq-lcatalyst_3650-48fd-lcatalyst_3650-48fs-lcatalyst_3650-48pq-ecatalyst_3650-24pd-lcatalyst_3650-24td-lcatalyst_3650-24pd-scatalyst_3650-24ts-lcatalyst_3650-48fs-ecatalyst_3850-32xs-scatalyst_3650-48ps-lcloud_services_router_1000vcatalyst_3650-12x48fd-ecatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_3850-48xs-ecatalyst_3850-24s-scatalyst_3650-24td-ecatalyst_3650-48td-ecatalyst_3650-48fd-scatalyst_3650-48fs-scatalyst_3850-48t-scatalyst_3650-8x24pd-lasr_1001-hxcatalyst_3650-48pq-lcatalyst_3850-24t-sasr_1002-xcatalyst_3650-8x24pd-ecatalyst_3650-48fq-lcatalyst_3650-12x48uz-ecatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_3650-12x48uq-s4451-x_integrated_services_routercatalyst_3850-24xu-ecatalyst_3650-12x48ur-scatalyst_3650-12x48uq-ecatalyst_3850-48p-scatalyst_3650-48pd-scatalyst_3650-24td-scatalyst_3650-48pd-lcatalyst_3850-48u-sasr_1002-hxcatalyst_3650-24pd-easr_1000_series_route_processor_\(rp3\)asr_1000_series_route_processor_\(rp2\)catalyst_3850-16xs-ecatalyst_3650-48tq-scatalyst_3650-24pdm-scatalyst_3850-48xs-f-ecatalyst_3850-48p-ecatalyst_3650-12x48ur-ecatalyst_3850-12s-ecatalyst_3850-24p-lcatalyst_3650-48fqm-scatalyst_3850-48t-lcatalyst_3650-48fd-ecatalyst_3850-24t-ecatalyst_3650-24ts-scatalyst_3650-24ps-ecatalyst_3650-12x48fd-scatalyst_c3850-12x48u-ecatalyst_3650-12x48uq-l4321_integrated_services_routercatalyst_3850-24xs-scatalyst_3650-48ps-scatalyst_3650-48fq-ecatalyst_3650-8x24uq-scatalyst_3650-48tq-l4431_integrated_services_routercatalyst_3650-48fqm-ecatalyst_3650-48pd-ecatalyst_3650-24pdm-ecatalyst_3650-12x48fd-lcatalyst_3850-12xs-ecatalyst_3850-24u-ecatalyst_3850-48xs-scatalyst_3650-48fq-scatalyst_3650-48ts-ecatalyst_3850-48p-lios_xecatalyst_3850-24p-ecatalyst_3850-48xs-f-scatalyst_3850-48t-easr_1001-xcatalyst_3650-48pq-scatalyst_3650-48ts-scatalyst_3850-24xu-scatalyst_3650-48ps-ecatalyst_3650-48td-l4351_integrated_services_routercatalyst_c3850-12x48u-sCisco IOS XE
CWE ID-CWE-19
Not Available
CVE-2022-20746
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.91% / 74.91%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 03:15
Updated-06 Nov, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-3555
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.60% / 68.35%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 18:41
Updated-13 Nov, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability

A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliancefirepower_threat_defenseadaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2020-3341
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-5.73% / 90.09%
||
7 Day CHG~0.00%
Published-13 May, 2020 | 02:20
Updated-15 Nov, 2024 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClamAV PDF Parsing Denial of Service Vulnerability

A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.

Action-Not Available
Vendor-Cisco Systems, Inc.Canonical Ltd.Fedora ProjectDebian GNU/Linux
Product-clam_antivirusubuntu_linuxfedoradebian_linuxClamAV
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3255
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.31% / 78.97%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 16:41
Updated-15 Nov, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5510_firmwareasa_5585-x_firmwareasa_5520asa_5505_firmwareasa_5510asa_5540_firmwareasa_5580_firmwareasa_5520_firmwareasa_5515-xasa_5550asa_5545-x_firmwareasa_5545-xasa_5525-x_firmwareasa_5505asa_5540asa_5555-xasa_5580asa_5585-xasa_5515-x_firmwareasa_5525-xasa_5555-x_firmwareasa_5512-x_firmwareasa_5550_firmwareasa_5512-xfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 21
  • 22
  • Next
Details not found