Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

1100-4g\/6g_integrated_services_router

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

21
Related CVEsRelated VendorsRelated AssignersReports
21Vulnerabilities found
CVE-2023-20035
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.20%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routercatalyst_8540csrcatalyst_8510csrcatalyst_8000v_edge1160_integrated_services_routerasr_1002-hxcatalyst_8510msr1100_integrated_services_router1109-2p_integrated_services_router4331_integrated_services_router4461_integrated_services_routercatalyst_8200ios_xe_sd-wancatalyst_8300-2n2s-6t1109_integrated_services_routercatalyst_8300catalyst_85001120_integrated_services_routercatalyst_8500-4qcasr_1006-x4321_integrated_services_routercatalyst_8540msr1131_integrated_services_routercatalyst_8300-1n1s-4t2xcatalyst_8500l1101-4p_integrated_services_router4431_integrated_services_routercatalyst_8300-1n1s-6t1100-4p_integrated_services_routercsr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_routercatalyst_8300-2n2s-4t2x1100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_router4451_integrated_services_router4351_integrated_services_routerasr_1009-xCisco IOS XE Software
CWE ID-CWE-146
Improper Neutralization of Expression/Command Delimiters
CVE-2023-20027
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.69% / 70.76%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-28 Oct, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability

A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper reassembly of large packets that occurs when VFR is enabled on either a tunnel interface or on a physical interface that is configured with a maximum transmission unit (MTU) greater than 4,615 bytes. An attacker could exploit this vulnerability by sending fragmented packets through a VFR-enabled interface on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_router4351_integrated_services_routerc8500l-8s4x1100-6g_integrated_services_routercatalyst_8000v_edge1160_integrated_services_router1100_integrated_services_router1109-2p_integrated_services_router4331_integrated_services_router4461_integrated_services_routercatalyst_8300-2n2s-6t1000_integrated_services_router1109_integrated_services_router111x_integrated_services_router1120_integrated_services_router1100-4g_integrated_services_router1111x_integrated_services_routerc8200l-1n-4t4321_integrated_services_routercatalyst_8300-1n1s-4t2x1101-4p_integrated_services_router4431_integrated_services_routerc8200-1n-4tcatalyst_8300-1n1s-6tcloud_services_router_1000v1100-4p_integrated_services_routerios_xe1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routercatalyst_8300-2n2s-4t2x1100-8p_integrated_services_router1109-4p_integrated_services_router1101_integrated_services_router1131_integrated_services_routerCisco IOS XE Software
CWE ID-CWE-416
Use After Free
CVE-2022-20848
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.47% / 63.78%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:45
Updated-01 Nov, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability

A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3650-24ps-scatalyst_3850catalyst_3650asr-920-12sz-im-ccasr_907catalyst_9500hasr-920-12cz-acatalyst_3650-12x48urcatalyst_3850-16xs-scatalyst_9300l-24t-4x-acatalyst_3850-48pw-scatalyst_9300-48un-e4331_integrated_services_routerasr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dcatalyst_9300l-48t-4x-aasr_920-12sz-imasr_920-12sz-im_routercatalyst_8300catalyst_3650-24pdmcatalyst_3850-48u-lcatalyst_8500-4qccatalyst_3650-8x24pd-scatalyst_3650-48ts-lasr-920-4sz-acatalyst_3650-8x24uq-lcatalyst_8300-1n1s-6t8101-32fhcatalyst_3650-24pd-lcatalyst_3650-24pd-scatalyst_3650-24td-lcatalyst_9300l-24t-4g-ecatalyst_3650-24ts-lasr-920-24sz-imasr_920-12cz-a_rcatalyst_3850-48xscatalyst_3650-12x48uqcatalyst_9800-clcatalyst_9300-48p-ecatalyst_3650-8x24pd-e1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-easr1002-x9800-40catalyst_3650-12x48uq-ecatalyst_3650-8x24uqcatalyst_9600catalyst_3850-48u-scatalyst_8510msrcatalyst_3850-16xs-ecatalyst_9200lasr-920-10sz-pdasr-920-4sz-dcatalyst_3650-24pdm-scatalyst_3850-24xuasr-920-12cz-dcatalyst_9300-48uxm-ecatalyst_3650-12x48ur-e1109_integrated_services_routercatalyst_9400catalyst_3650-48fqm-scatalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_3650-12x48fd-scatalyst_9600_supervisor_engine-1catalyst_3650-12x48uq-lcatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_3650-8x24uq-scatalyst_3650-48tq-lcatalyst_9300-48u-aasr_902uasr_920-4sz-a_router1100-4p_integrated_services_routercatalyst_3650-48fq-sasr-920-24tz-masr_903asr_9920asr_9906asr1000-mip100catalyst_3850-48t-ecatalyst_3650-48pq-s1101_integrated_services_routerasr_920-24tz-m_rcatalyst_3650-48fqm-l8101-32hasr_920-24sz-m_rcatalyst_3850-12s-sasr_9010asr_920-4sz-d_rcatalyst_3850-24u-s1100_integrated_services_routerasr_901-4c-ft-dcatalyst_9300l-24t-4x-easr_1002-hx_r3000_integrated_services_routerasr_920-10sz-pd_routercatalyst_3650-12x48uz-sasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aasr1002-x-rfasr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr1002-hxasr_901s-3sg-f-ahasr1000-rp3catalyst_3650-12x48fd-ecatalyst_3850-48f-l4221_integrated_services_routercatalyst_3850-24xu-lcatalyst_3850-24s-scatalyst_3650-24td-ecatalyst_9300-48s-ecatalyst_3650-48td-easr1002-x-wsasr_1002-xcatalyst_9300lasr_920-12cz-d_r8800_18-slotcatalyst_3650-12x48uq-scatalyst_3650-12x48uz-e4451-x_integrated_services_routercatalyst_3650-12x48ur-scatalyst_3850-48p-scatalyst_8510csrasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200catalyst_9300-48t-acatalyst_3850-12s-ecatalyst_8500asr_920u-12sz-im8831catalyst_3850-24t-easr_920-24sz-m_routercatalyst_3650-24ts-scatalyst_3650-24ps-easr1001-x-rfasr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2x8804catalyst_3650-48pd-ecatalyst_3650-48fqm-easr1001-x-wscatalyst_3650-24pdm-easr_1000catalyst_3650-48ts-ecatalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r88081100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-easr_914catalyst_3850-24p-s8202catalyst_3650-24pdm-lcatalyst_9300l_stack9800-lcatalyst_3850-24uasr_920-12cz-dasr_1000-xasr1000-6tgecatalyst_9300l-24p-4g-ecatalyst_3650-24ts-ecatalyst_3650-24ps-lasr_920-4sz-dcatalyst_3650-48td-sasr_920-4sz-d_router111x_integrated_services_routercatalyst_9800-l8201-32fhasr_1013catalyst_8540msrasr_920-24sz-imcatalyst_3650-48tq-ecatalyst_3850-nm-2-40gasr-920-12sz-dcatalyst_9300lmcatalyst_3650-48fs-lcatalyst_3650-48pq-ecatalyst_3650-48fd-lcatalyst_3650-48fs-ecatalyst_9300-24t-ecatalyst_3650-12x48uzasr_9000vasr1001-hxcatalyst_3650-48fd-scatalyst_3650-48fs-scatalyst_3850-48t-sasr-920-24sz-mcatalyst_9407rcatalyst_3850-24t-scatalyst_3650-48pq-lcatalyst_3850-24pw-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9200asr-920-20sz-mcatalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_3650-24td-scatalyst_3650-48pd-lcatalyst_9300l-48t-4g-aasr_920-24sz-masr_920-24sz-im_routerasr_920-4sz-acatalyst_3650-48tq-sasr-9901-rpcatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-easr-920-24tz-imcatalyst_3650-48fd-easr_901-6cz-ft-dasr_901-6cz-f-dasr_9000catalyst_3650-48fq-ecatalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_3650-12x48fd-lasr-920-12sz-acatalyst_3850-24p-ecatalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-aasr_1006catalyst_9300asr_920-24sz-im_rasr1002-hx-wsasr_920-12cz-d_routercatalyst_3850-24xu-s4451_integrated_services_routercatalyst_3650-48fqmcatalyst_3650-48td-lasr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1asr1001-hx-rfcatalyst_ie3400catalyst_3650-8x24uq-ecatalyst_3850-24u-lcatalyst_9300l-24t-4g-a9800-clcatalyst_3850-48f-scatalyst_3650-12x48ur-lasr_901-4c-f-d8800_8-slotasr_1001-hx_rcatalyst_3650-24pdcatalyst_9800-l-casr1000-2t\+20x1gecatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routercatalyst_9300-48uxm-aasr_102388128818catalyst_9300-24p-acatalyst_3650-48ps-lasr_10011100-4g\/6g_integrated_services_routerasr_920-12cz-a_routercatalyst_3850-48xs-easr1000-esp200asr_9904catalyst_9300-24u-acatalyst_3850-48ucatalyst_3650-8x24pd-lasr_1001-hxcatalyst_ie3300catalyst_3650-48fqcatalyst_3650-48fq-l8102-64hasr_1009-x8201catalyst_9300-24u-easr_901-6cz-f-aasr1002-hx-rfcatalyst_3850-12x48ucatalyst_9300xcatalyst_3650-48pd-scatalyst_9300-48un-aasr_1001-x_rcatalyst_3650-24pd-easr-920-12sz-imasr_901-6cz-fs-dcatalyst_3650-12x48uz-lcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dasr1001-xcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24xsasr_99038800_4-slotcatalyst_3650-48ps-s4431_integrated_services_router9800-80asr_901-6cz-fs-aasr_920-24tz-m_routercatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_routerasr_1001-xcatalyst_3650-48ts-s8800_12-slotcatalyst_3650-48ps-easr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS XE Software
CWE ID-CWE-399
Not Available
CVE-2021-1529
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.22%
||
7 Day CHG~0.00%
Published-21 Oct, 2021 | 02:45
Updated-07 Nov, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routercatalyst_8540csrasr_1002_fixed_routerasr_1001-x_r1160_integrated_services_routercatalyst_8510csrasr_1002-hxcatalyst_8510msr1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_1000-esp100asr_1002ios_xe_sd-wancatalyst_8300-2n2s-6t4000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004catalyst_8500111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routercatalyst_8540msrcatalyst_8300-1n1s-4t2xasr_1023catalyst_8500l1101-4p_integrated_services_router4431_integrated_services_routercatalyst_8300-1n1s-6tasr_10011100-4p_integrated_services_routerasr_1000csr_1000vios_xe1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routercatalyst_8300-2n2s-4t2xasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_routerasr_1009-xCisco IOS XE SD-WAN Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1621
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.42% / 60.96%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:31
Updated-07 Nov, 2024 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Interface Queue Wedge Denial of Service Vulnerability

A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of certain Layer 2 frames. An attacker could exploit this vulnerability by sending specific Layer 2 frames on the segment the router is connected to. A successful exploit could allow the attacker to cause a queue wedge on the interface, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hx1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_risrv4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_10024000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000vios_xe1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_routerasr_1009-xCisco IOS XE Software
CWE ID-CWE-399
Not Available
CVE-2021-1620
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.40% / 59.65%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:31
Updated-07 Nov, 2024 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_3650-24ps-scatalyst_3850catalyst_3650catalyst_3650-12x48urcatalyst_3850-16xs-scatalyst_3850-48pw-scatalyst_9300l-24t-4x-acatalyst_9300-48un-e4331_integrated_services_router4461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-acatalyst_9300l-48t-4x-acatalyst_3650-24pdmcatalyst_3650-8x24pd-scatalyst_3850-48u-lcatalyst_3650-48ts-lcatalyst_9800-80_wireless_controllercatalyst_3650-8x24uq-less-3300-ncp-acatalyst_8300-1n1s-6tcatalyst_3650-24pd-lcatalyst_3650-24td-lcatalyst_3650-24pd-scatalyst_3650-24ts-lcatalyst_9300l-24t-4g-ec9500-24qcatalyst_3850-48xscatalyst_3650-12x48uqcatalyst_9800-clcatalyst_9300-48p-ecatalyst_3650-8x24pd-ecatalyst_9300-48t-ecatalyst_3850-24xu-easr_1002_fixed_routercatalyst_3650-12x48uq-ec9500-32cess-3300-24t-con-ecatalyst_3650-8x24uqcatalyst_9600catalyst_3850-48u-scatalyst_3850-16xs-ecatalyst_8510msrisrvcatalyst_3650-24pdm-scatalyst_3850-24xucatalyst_9300-48uxm-ecatalyst_3650-12x48ur-e1109_integrated_services_routercatalyst_9400c9500-40xcatalyst_3650-48fqm-scatalyst_3850-48t-lcatalyst_3650-12x48fd-s1111x_integrated_services_routercatalyst_9600_supervisor_engine-1ess-3300-24t-con-acatalyst_3650-12x48uq-lcatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_3650-8x24uq-scatalyst_3650-48tq-lcatalyst_9300-48u-a1100-4p_integrated_services_routercatalyst_ess9300catalyst_3650-48fq-scatalyst_ie3200_rugged_switchcatalyst_3850-48t-ecatalyst_cg522-ecatalyst_3650-48pq-s1101_integrated_services_routercatalyst_3650-48fqm-less-3300-24t-ncp-acatalyst_3850-12s-scatalyst_3850-24u-s1100_integrated_services_routercatalyst_9300l-24t-4x-ecatalyst_9800-40_wireless_controllerasr_1002-hx_rcatalyst_3650-12x48uz-sasr_1006-xcatalyst_9300l-24p-4g-aess-3300-24t-ncp-ecatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500catalyst_3650-12x48fd-e4221_integrated_services_routercatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_ie3400_heavy_duty_switchcatalyst_3850-24s-scatalyst_3650-24td-ecatalyst_9300-48s-ecatalyst_3650-48td-easr_1002-xcatalyst_9300l8800_18-slotcatalyst_3650-12x48uq-scatalyst_3650-12x48uz-ecatalyst_ie3400_rugged_switch4451-x_integrated_services_routerc9500-32qccatalyst_3650-12x48ur-scatalyst_3850-48p-scatalyst_8510csrasr_1002-hx1109-2p_integrated_services_routerasr_1000-esp100catalyst_9300-48t-acatalyst_3850-12s-ecatalyst_8500catalyst_3850-24t-ecatalyst_3650-24ts-scatalyst_3650-24ps-e4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2x8804catalyst_ie3300_rugged_switchcatalyst_3650-48fqm-ecatalyst_3650-48pd-ecatalyst_3650-24pdm-easr_1000csr_1000vcatalyst_3650-48ts-ecatalyst_3850-48p-lcatalyst_8300-2n2s-4t2x88081100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gcatalyst_3850-12xs-ecatalyst_8540csrcatalyst_3850-32xs-ecatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-ecatalyst_3850-24p-scatalyst_3650-24pdm-lcatalyst_3850-24ucatalyst_9300l_stackasr_1000-xcatalyst_9300l-24p-4g-ecatalyst_3650-24ts-ecatalyst_3650-24ps-lcatalyst_3650-48td-s111x_integrated_services_routercatalyst_9800-lasr_1013catalyst_8540msrcatalyst_3650-48tq-ecatalyst_3850-nm-2-40gcbr-8catalyst_3650-48fd-lcatalyst_3650-48fs-lcatalyst_3650-48pq-ecatalyst_3650-48fs-ecatalyst_9300-24t-ecatalyst_3650-12x48uzcatalyst_3650-48fd-scatalyst_3650-48fs-scatalyst_3850-48t-scatalyst_3650-48pq-lcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_9407rcatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9800_embedded_wireless_controllercatalyst_9200catalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_3650-24td-scatalyst_3650-48pd-lcatalyst_9300l-48t-4g-aasr_1000_series_route_processor_\(rp2\)asr_1000_series_route_processor_\(rp3\)catalyst_3650-48tq-scatalyst_cg418-ecatalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tcatalyst_9300l-48p-4x-eess-3300-con-acatalyst_3650-48fd-eess-3300-ncp-ecatalyst_3650-48fq-ecatalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_3650-12x48fd-lcatalyst_3850-24p-easr_1006catalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300catalyst_3850-24xu-s4451_integrated_services_routercatalyst_3650-48fqmcatalyst_3650-48td-lcatalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1ess-3300-con-ecatalyst_3650-8x24uq-ecatalyst_3850-24u-lcatalyst_9300l-24t-4g-acatalyst_3850-48f-sc9500-12qcatalyst_3650-12x48ur-l8800_8-slotasr_1001-hx_rcatalyst_3650-24pdcatalyst_9800-l-ccatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routerc9500-16xcatalyst_9300-48uxm-aasr_102388128818c8200-1n-4tcatalyst_9300-24p-acatalyst_3650-48ps-lasr_10011100-4g\/6g_integrated_services_routeresr6300catalyst_3850-48xs-ecatalyst_9300-24u-acatalyst_3850-48ucatalyst_3650-8x24pd-lasr_1001-hxcatalyst_3650-48fqcatalyst_3650-48fq-lasr_1009-xcatalyst_9300-24u-ecatalyst_3850-12x48ucatalyst_3650-48pd-scatalyst_9300-48un-aasr_1001-x_rcatalyst_3650-24pd-ecatalyst_3650-12x48uz-lioscatalyst_9300-24p-easr_1002-x_rcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24xsc8200l-1n-4t8800_4-slotcatalyst_3650-48ps-s4431_integrated_services_routercatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerc9500-48y4c1109-4p_integrated_services_router8800_12-slotasr_1001-xcatalyst_3650-48ts-sc9500-24y4ccatalyst_3650-48ps-ecatalyst_9300-24ux-e4351_integrated_services_routerCisco IOS
CWE ID-CWE-563
Assignment to Variable without Use
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2021-34740
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 28.47%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability

A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_1562iaironet_1830eaironet_1850ecatalyst_iw6300catalyst_iw6300_dcwcatalyst_iw6300_accatalyst_9105axwaironet_1810w1100_integrated_services_routercatalyst_9130axecatalyst_9130_apaironet_1850aironet_1562eaironet_2800iaironet_1542iaironet_3800pcatalyst_iw6300_dccatalyst_9120axpcatalyst_9124axiaironet_1815aironet_1540111x_integrated_services_routercatalyst_9115axiaironet_1815iaironet_4800catalyst_9117axicatalyst_9120_apaironet_3800aironet_access_point_softwareaironet_3800i1100-4g\/6g_integrated_services_routercatalyst_9117_apaironet_2800eaironet_1800icatalyst_9115_apcatalyst_9124aironet_1560aironet_3800e1160_integrated_services_routercatalyst_9120axe1109-2p_integrated_services_routeraironet_1800aironet_1830aironet_1830icatalyst_91171109_integrated_services_routercatalyst_9115catalyst_91001120_integrated_services_routercatalyst_9130catalyst_9130axiaironet_2800aironet_1542d1111x_integrated_services_routercatalyst_9120aironet_1562d6300_series_access_points1101-4p_integrated_services_routercatalyst_9124axdcatalyst_9105axicatalyst_9120axi1100-4p_integrated_services_router1111x-8p_integrated_services_routeraironet_1840catalyst_9115axe1100-8p_integrated_services_routeraironet_1850i1109-4p_integrated_services_router1101_integrated_services_routeraironet_1810catalyst_9105Cisco Aironet Access Point Software
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-34727
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.00% / 76.07%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability

A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hxasr_1000_series_route_processor_\(rp2\)asr_1000_series_route_processor_\(rp3\)1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_1009-xasr_1000-esp100asr_1002ios_xe_sd-wan4000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_1000_seriesasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_router422_integrated_services_routerCisco IOS XE SD-WAN Software
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-34725
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 34.17%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hxasr_1000_series_route_processor_\(rp2\)asr_1000_series_route_processor_\(rp3\)1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_1009-xasr_1000-esp100asr_1002ios_xe_sd-wan4000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_1000_seriesasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_router422_integrated_services_routerCisco IOS XE SD-WAN Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34724
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.12% / 32.44%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hxasr_1000_series_route_processor_\(rp2\)asr_1000_series_route_processor_\(rp3\)1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_1009-xasr_1000-esp100asr_1002ios_xe_sd-wan4000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_1000_seriesasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_router422_integrated_services_routerCisco IOS XE SD-WAN Software
CWE ID-CWE-284
Improper Access Control
CVE-2021-34703
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.27% / 50.39%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:25
Updated-07 Nov, 2024 | 21:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability via any of the following methods: An authenticated, remote attacker could access the LLDP neighbor table via either the CLI or SNMP while the device is in a specific state. An unauthenticated, adjacent attacker could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then waiting for an administrator of the device or a network management system (NMS) managing the device to retrieve the LLDP neighbor table of the device via either the CLI or SNMP. An authenticated, adjacent attacker with SNMP read-only credentials or low privileges on the device CLI could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then accessing the LLDP neighbor table via either the CLI or SNMP. A successful exploit could allow the attacker to cause the affected device to crash, resulting in a reload of the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_3650-24ps-scatalyst_3850catalyst_3850-32xs-ecatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-ecatalyst_3850-24p-scatalyst_3650-12x48urcatalyst_3650-24pdm-lcatalyst_3850-16xs-scatalyst_3850-48pw-scatalyst_9300l-24t-4x-acatalyst_3850-24ucatalyst_9300l_stackcatalyst_9300-48un-e4331_integrated_services_router4461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-acatalyst_3650-24ts-ecatalyst_3650-24ps-lcatalyst_9300l-24p-4g-ecatalyst_9300l-48t-4x-acatalyst_3650-48td-s111x_integrated_services_routercatalyst_3650-24pdmcatalyst_3650-8x24pd-scatalyst_3850-48u-lcatalyst_9800-lcatalyst_3650-48ts-lcatalyst_3650-48tq-ecatalyst_3850-nm-2-40gcatalyst_3650-8x24uq-lcatalyst_3650-48fd-lcatalyst_3650-48fs-lcatalyst_3650-48pq-ecatalyst_3650-48fs-ecatalyst_3650-24ts-lcatalyst_3650-24pd-lcatalyst_3650-24pd-scatalyst_3650-24td-lcatalyst_9300-24t-ecatalyst_3650-12x48uzcatalyst_9300l-24t-4g-ecatalyst_3850-48xscatalyst_3650-12x48uqcatalyst_3650-48fd-scatalyst_3650-48fs-scatalyst_3850-48t-scatalyst_9300-48p-ecatalyst_9800-clcatalyst_3650-48pq-lcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3650-8x24pd-ecatalyst_9407rcatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9300-48t-ecatalyst_3850-24xu-ecatalyst_9200catalyst_3650-12x48uq-ecatalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_3650-24td-scatalyst_3650-48pd-lcatalyst_3650-8x24uqcatalyst_9600catalyst_3850-48u-scatalyst_9300l-48t-4g-acatalyst_3850-16xs-ecatalyst_3650-48tq-scatalyst_3650-24pdm-scatalyst_3850-24xucatalyst_9300-48uxm-ecatalyst_3850-48p-ecatalyst_9800-80catalyst_3650-12x48ur-e1109_integrated_services_routercatalyst_9300l-48p-4x-ecatalyst_9400catalyst_3650-48fqm-scatalyst_3850-48t-lcatalyst_3650-48fd-ecatalyst_3650-12x48fd-s1111x_integrated_services_routercatalyst_3650-12x48uq-lcatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_3650-48fq-ecatalyst_9800catalyst_9300-24s-ecatalyst_3650-8x24uq-scatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_3650-48tq-lcatalyst_9300-48u-acatalyst_9300-48s-acatalyst_3650-12x48fd-l1100-4p_integrated_services_routercatalyst_3650-48fq-scatalyst_3850-24p-ecatalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300catalyst_3850-48t-ecatalyst_3650-48pq-s1101_integrated_services_routercatalyst_3850-24xu-s4451_integrated_services_routercatalyst_3650-48fqmcatalyst_3650-48td-lcatalyst_3650-48fqm-lcatalyst_3850-24xs-ecatalyst_3850-12s-scatalyst_3650-8x24uq-ecatalyst_3850-24u-lcatalyst_9300l-24t-4g-acatalyst_3850-48f-scatalyst_3650-12x48ur-lcatalyst_3850-24u-s1100_integrated_services_routercatalyst_9300l-24t-4x-ecatalyst_3650-24pdcatalyst_9800-l-ccatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routercatalyst_3650-12x48uz-scatalyst_9300l-24p-4g-acatalyst_9300-48uxm-acatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_9300-24p-acatalyst_3850-32xs-scatalyst_3650-48ps-lcatalyst_9500catalyst_3650-12x48fd-e1100-4g\/6g_integrated_services_router4221_integrated_services_routercatalyst_3850-24xu-lcatalyst_3850-48f-lcatalyst_3850-48xs-ecatalyst_3850-24s-scatalyst_3650-24td-ecatalyst_9300-48s-ecatalyst_3650-48td-ecatalyst_9300-24u-acatalyst_3850-48ucatalyst_3650-8x24pd-lcatalyst_3650-48fqcatalyst_9300lcatalyst_3650-48fq-lcatalyst_3650-12x48uz-ecatalyst_3650-12x48uq-scatalyst_9300-24u-e4451-x_integrated_services_routercatalyst_3650-12x48ur-scatalyst_3850-48p-scatalyst_3850-12x48ucatalyst_3650-48pd-scatalyst_9300-48un-acatalyst_3650-24pd-e1109-2p_integrated_services_routercatalyst_3650-12x48uz-lioscatalyst_9300-24p-ecatalyst_3850-48xs-f-ecatalyst_9300-48t-acatalyst_9800-l-fcatalyst_9300l-48t-4x-ecatalyst_3850-12s-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24t-ecatalyst_3850-24xscatalyst_3650-24ts-scatalyst_3650-24ps-e4321_integrated_services_routercatalyst_3850-24xs-scatalyst_3650-48ps-s4431_integrated_services_routercatalyst_3650-48fqm-ecatalyst_3650-48pd-ecatalyst_3650-24pdm-ecsr_1000vcatalyst_3850-24u-ecatalyst_3850-48xs-scatalyst_3650-48ts-ecatalyst_3850-48p-lios_xe1111x-8p_integrated_services_router1100-8p_integrated_services_routercatalyst_9410r1109-4p_integrated_services_routercatalyst_3850-nm-8-10gcatalyst_3650-48ts-scatalyst_3650-48ps-ecatalyst_9300-24ux-e4351_integrated_services_routercatalyst_3850-12xs-eCisco IOS
CWE ID-CWE-456
Missing Initialization of a Variable
CWE ID-CWE-665
Improper Initialization
CVE-2021-1495
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.15% / 36.72%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 17:31
Updated-08 Nov, 2024 | 23:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.

Action-Not Available
Vendor-snortCisco Systems, Inc.
Product-c8200l-1n-4t1111x_integrated_services_routercatalyst_8300-1n1s-4t2xcatalyst_8500lsnort4431_integrated_services_router1160_integrated_services_routerc8200-1n-4tcatalyst_8300-1n1s-6tios_xe1100-4g\/6g_integrated_services_router4221_integrated_services_routercatalyst_8300-2n2s-4t2x4331_integrated_services_router4461_integrated_services_router3000_integrated_services_routercatalyst_8300-2n2s-6t1101_integrated_services_router1109_integrated_services_router111x_integrated_services_router1120_integrated_services_routerfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2018-0179
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-2.39% / 84.42%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_9300l-24t-4g-acatalyst_8540csrcatalyst_3850-48xs-f-scatalyst_8300-2n2s-6tcatalyst_3850-16xs-scatalyst_3650-24pd-l4331\/k9-rf_integrated_services_routercatalyst_3850-48p-ecatalyst_9300-24t-e4461_integrated_services_router8201catalyst_3850-24u-lasr_1002-xcatalyst_8540msr1100-6g_integrated_services_routercatalyst_3650-24ts-scatalyst_3650-24pdm-ecatalyst_3850-16xs-ecatalyst_8500lcatalyst_3850-48f-ecatalyst_3850-12s-scatalyst_9300-24p-acatalyst_3850-24xu-scatalyst_3650-48pd-lcatalyst_3650-24pdm-s1905_integrated_services_router4000_integrated_services_routercatalyst_9300l-48t-4x-ecatalyst_3650-24pd-scatalyst_9300-24s-a1000_integrated_services_routerasr_1000-xcatalyst_3850-24p-scatalyst_3650-12x48urcatalyst_3650-48pq-scatalyst_9300l-24t-4x-ecatalyst_3650-12x48uz-lcatalyst_3650-48fd-s1841_integrated_service_routercatalyst_3850-24u-scatalyst_3650-48ps-lintegrated_services_virtual_routerasr_1000-esp100-xcatalyst_9200lcatalyst_9600xcatalyst_9300-48t-acatalyst_9300xcatalyst_3650-48fd-ecatalyst_8300-1n1s-6tcatalyst_9300l-24p-4x-acatalyst_3850-48xs-scatalyst_3650-48fqmcatalyst_3650-24ps-lcatalyst_3850-48p-scatalyst_3850-48u-lcatalyst_3650-48ts-ecatalyst_9410rcatalyst_3650-12x48ur-scatalyst_3650-12x48uz-scatalyst_3850-nm-2-40gcatalyst_3650-12x48uq-ecatalyst_3650-24ps-ecatalyst_3650-24pdm8800_8-slot88121812_integrated_service_routerios1101-4p_integrated_services_routercatalyst_9300-48un-acatalyst_9800-clasr_1004catalyst_8200asr_1001-xcatalyst_3850-32xs-scatalyst_3650-12x48ur-easr_1023catalyst_3650-8x24pd-ecatalyst_9300l-48p-4x-a1111x-8p_integrated_services_routercatalyst_3850-48u-ecatalyst_3650-24ts-lcatalyst_3850-48t-e1941_integrated_services_routercatalyst_9300l-48t-4g-a3945_integrated_services_routercatalyst_3650-12x48uq-s8218catalyst_9800-l-f1906c_integrated_services_router4351\/k9-ws_integrated_services_router1100-4g_integrated_services_router1100-4gltena_integrated_services_routercatalyst_3850-12x48ucatalyst_3850-24pw-scatalyst_85008818catalyst_3850-24xu1109_integrated_services_routercatalyst_9300l-48t-4g-ecatalyst_3650-24td-l8202catalyst_3650-48fqm-e8208catalyst_3650-48fd-lcatalyst_3650-48fq-scatalyst_3850-48f-scatalyst_9300l-24p-4x-easr_1002-hxcatalyst_3650-48fs-l1109-2p_integrated_services_routerasr_1001-hxcatalyst_9300lmcatalyst_3650-12x48uz88081100-lte_integrated_services_routercatalyst_9300-24p-e1811_integrated_service_router422_integrated_services_routercatalyst_3650-48tq-lcatalyst_3850-12xs-s8212catalyst_9300lcatalyst_3850-24s-e3925_integrated_services_routercatalyst_9800-40catalyst_3650-48pd-easr_1002-x_rcatalyst_9300-24ux-easr_1000catalyst_3650-24ps-scatalyst_3850-24p-ecatalyst_9300l-48p-4g-easr_1009-x1109-4p_integrated_services_routercatalyst_3650-48ps-s1921_integrated_services_routeresr-6300-ncp-k94451_integrated_services_router8101-32fhcatalyst_3650-48td-scatalyst_3650-48ts-scatalyst_9300l-48t-4x-a1803_integrated_service_routercatalyst_3650-48fqm-lcloud_services_router_1000vcatalyst_3650-12x48uqcatalyst_9800catalyst_3850-24t-e4331_integrated_services_routercatalyst_3650-48fq-lcatalyst_3650-24pdm-lcatalyst_3650-48tq-s1100-8p_integrated_services_router1111x_integrated_services_routercatalyst_9300l-48p-4g-acatalyst_9300l-24t-4g-ecatalyst_9400catalyst_3850-24s-scatalyst_8300-2n2s-4t2x1100_integrated_services_router1861_integrated_service_routercatalyst_3650-12x48fd-lasr_1002catalyst_3850-48t-scatalyst_9600catalyst_3850-24xu-lcatalyst_9300-48un-ecatalyst_9300l_stackcatalyst_9300-48s-e1941w_integrated_services_routercatalyst_3650-8x24uqcatalyst_8300-1n1s-4t2xcatalyst_3650-24pd-easr_1013catalyst_3650catalyst_3850-48t-lcatalyst_9200cx1131_integrated_services_router111x_integrated_services_router4451-x_integrated_services_routerasr_1000-esp200-xasr_1006-xcatalyst_3850-24u-ecatalyst_9800-l1802_integrated_service_router88041160_integrated_services_routercatalyst_3650-48pq-lcatalyst_3650-48fs-scatalyst_8510csrcatalyst_3850-nm-8-10g1101_integrated_services_router8102-64hcatalyst_3650-24td-s3945e_integrated_services_routercatalyst_3650-12x48uz-ecatalyst_3650-24ts-e4321\/k9-rf_integrated_services_routercatalyst_3650-48ts-lcatalyst_9300-24t-acatalyst_ie3400_heavy_duty_switch4351\/k9-rf_integrated_services_routercatalyst_8500-4qcesr-6300-con-k9catalyst_3850-48p-l8800_4-slotcatalyst_3850-24p-lcatalyst_3650-48fqcatalyst_3650-48ps-e8800_18-slotcatalyst_9300-48uxm-acatalyst_38508201-32fhcatalyst_9200catalyst_9300-48p-acatalyst_3850-48pw-scatalyst_3850-48xs-f-ecatalyst_8510msrcatalyst_3850-48u-s1100-4p_integrated_services_routercatalyst_9300l-24p-4g-ecatalyst_ie3400_rugged_switchcatalyst_3650-48pd-s4331\/k9-ws_integrated_services_routercatalyst_3650-48td-l4321\/k9-ws_integrated_services_routerasr_1001-x_rcatalyst_3650-48tq-ecatalyst_9300l-24p-4g-acatalyst_3850-48xs-e8800_12-slotcatalyst_9300-24ux-acatalyst_9407rcatalyst_9800-80catalyst_3650-8x24uq-s44461_integrated_services_routercatalyst_95004321\/k9_integrated_services_router4331\/k9_integrated_services_router4321_integrated_services_routercatalyst_9300-48s-a8101-32hcatalyst_3650-8x24uq-lcatalyst_3650-48fq-ecatalyst_3850-24xs-easr_1001-hx_rcatalyst_3850-24t-scatalyst_3850-24xs-scatalyst_3650-48fs-easr_1000-esp100catalyst_9300l-48p-4x-ecatalyst_9500h4221_integrated_services_routerasr_1006catalyst_3650-48td-easr_10013925e_integrated_services_routercatalyst_3650-12x48uq-lcatalyst_ie3300_rugged_switch4431_integrated_services_router4351\/k9_integrated_services_routercatalyst_3650-24td-ecatalyst_3650-12x48fd-scatalyst_9300-48uxm-ecatalyst_3850-24xu-ecatalyst_9300catalyst_3650-12x48fd-ecatalyst_3650-48fqm-scatalyst_3850-12xs-ecatalyst_3850-24u1120_integrated_services_routercatalyst_3850-48xscatalyst_9300l-24t-4x-acatalyst_9300-24u-acatalyst_3850-24t-lcatalyst_9300-48u-ecatalyst_9300-48t-e1100-4gltegb_integrated_services_routercatalyst_9300-48p-ecatalyst_9300-48u-acatalyst_3650-8x24pd-l8831catalyst_3650-48pq-ecatalyst_9300-24s-ecatalyst_3850-24xscatalyst_3650-8x24pd-s1100-4g\/6g_integrated_services_routercatalyst_3850-48f-l1801_integrated_service_routercatalyst_8300catalyst_3850-48ucatalyst_3650-12x48ur-lcatalyst_9300-24u-ecatalyst_9800-l-ccatalyst_3650-8x24uq-ecatalyst_3850-12s-ecatalyst_3850-32xs-easr_1002-hx_rcatalyst_3650-24pdCisco IOSIOS Software
CVE-2018-0180
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-2.05% / 83.12%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_9300l-24t-4g-acatalyst_8540csrcatalyst_3850-48xs-f-scatalyst_8300-2n2s-6tcatalyst_3850-16xs-scatalyst_3650-24pd-l4331\/k9-rf_integrated_services_routercatalyst_3850-48p-ecatalyst_9300-24t-e4461_integrated_services_router8201catalyst_3850-24u-lasr_1002-xcatalyst_8540msr1100-6g_integrated_services_routercatalyst_3650-24ts-scatalyst_3650-24pdm-ecatalyst_3850-16xs-ecatalyst_8500lcatalyst_3850-48f-ecatalyst_3850-12s-scatalyst_9300-24p-acatalyst_3850-24xu-scatalyst_3650-48pd-lcatalyst_3650-24pdm-s1905_integrated_services_router4000_integrated_services_routercatalyst_9300l-48t-4x-ecatalyst_3650-24pd-scatalyst_9300-24s-a1000_integrated_services_routerasr_1000-xcatalyst_3850-24p-scatalyst_3650-12x48urcatalyst_3650-48pq-scatalyst_9300l-24t-4x-ecatalyst_3650-12x48uz-lcatalyst_3650-48fd-s1841_integrated_service_routercatalyst_3850-24u-scatalyst_3650-48ps-lintegrated_services_virtual_routerasr_1000-esp100-xcatalyst_9200lcatalyst_9600xcatalyst_9300-48t-acatalyst_9300xcatalyst_3650-48fd-ecatalyst_8300-1n1s-6tcatalyst_9300l-24p-4x-acatalyst_3850-48xs-scatalyst_3650-48fqmcatalyst_3650-24ps-lcatalyst_3850-48p-scatalyst_3850-48u-lcatalyst_3650-48ts-ecatalyst_9410rcatalyst_3650-12x48ur-scatalyst_3650-12x48uz-scatalyst_3850-nm-2-40gcatalyst_3650-12x48uq-ecatalyst_3650-24ps-ecatalyst_3650-24pdm8800_8-slot88121812_integrated_service_routerios1101-4p_integrated_services_routercatalyst_9300-48un-acatalyst_9800-clasr_1004catalyst_8200asr_1001-xcatalyst_3850-32xs-scatalyst_3650-12x48ur-easr_1023catalyst_3650-8x24pd-ecatalyst_9300l-48p-4x-a1111x-8p_integrated_services_routercatalyst_3850-48u-ecatalyst_3650-24ts-lcatalyst_3850-48t-e1941_integrated_services_routercatalyst_9300l-48t-4g-a3945_integrated_services_routercatalyst_3650-12x48uq-s8218catalyst_9800-l-f1906c_integrated_services_router4351\/k9-ws_integrated_services_router1100-4g_integrated_services_router1100-4gltena_integrated_services_routercatalyst_3850-12x48ucatalyst_3850-24pw-scatalyst_85008818catalyst_3850-24xu1109_integrated_services_routercatalyst_9300l-48t-4g-ecatalyst_3650-24td-l8202catalyst_3650-48fqm-e8208catalyst_3650-48fd-lcatalyst_3650-48fq-scatalyst_3850-48f-scatalyst_9300l-24p-4x-easr_1002-hxcatalyst_3650-48fs-l1109-2p_integrated_services_routerasr_1001-hxcatalyst_9300lmcatalyst_3650-12x48uz88081100-lte_integrated_services_routercatalyst_9300-24p-e1811_integrated_service_router422_integrated_services_routercatalyst_3650-48tq-lcatalyst_3850-12xs-s8212catalyst_9300lcatalyst_3850-24s-e3925_integrated_services_routercatalyst_9800-40catalyst_3650-48pd-easr_1002-x_rcatalyst_9300-24ux-easr_1000catalyst_3650-24ps-scatalyst_3850-24p-ecatalyst_9300l-48p-4g-easr_1009-x1109-4p_integrated_services_routercatalyst_3650-48ps-s1921_integrated_services_routeresr-6300-ncp-k94451_integrated_services_router8101-32fhcatalyst_3650-48td-scatalyst_3650-48ts-scatalyst_9300l-48t-4x-a1803_integrated_service_routercatalyst_3650-48fqm-lcloud_services_router_1000vcatalyst_3650-12x48uqcatalyst_9800catalyst_3850-24t-e4331_integrated_services_routercatalyst_3650-48fq-lcatalyst_3650-24pdm-lcatalyst_3650-48tq-s1100-8p_integrated_services_router1111x_integrated_services_routercatalyst_9300l-48p-4g-acatalyst_9300l-24t-4g-ecatalyst_9400catalyst_3850-24s-scatalyst_8300-2n2s-4t2x1100_integrated_services_router1861_integrated_service_routercatalyst_3650-12x48fd-lasr_1002catalyst_3850-48t-scatalyst_9600catalyst_3850-24xu-lcatalyst_9300-48un-ecatalyst_9300l_stackcatalyst_9300-48s-e1941w_integrated_services_routercatalyst_3650-8x24uqcatalyst_8300-1n1s-4t2xcatalyst_3650-24pd-easr_1013catalyst_3650catalyst_3850-48t-lcatalyst_9200cx1131_integrated_services_router111x_integrated_services_router4451-x_integrated_services_routerasr_1000-esp200-xasr_1006-xcatalyst_3850-24u-ecatalyst_9800-l1802_integrated_service_router88041160_integrated_services_routercatalyst_3650-48pq-lcatalyst_3650-48fs-scatalyst_8510csrcatalyst_3850-nm-8-10g1101_integrated_services_router8102-64hcatalyst_3650-24td-s3945e_integrated_services_routercatalyst_3650-12x48uz-ecatalyst_3650-24ts-e4321\/k9-rf_integrated_services_routercatalyst_3650-48ts-lcatalyst_9300-24t-acatalyst_ie3400_heavy_duty_switch4351\/k9-rf_integrated_services_routercatalyst_8500-4qcesr-6300-con-k9catalyst_3850-48p-l8800_4-slotcatalyst_3850-24p-lcatalyst_3650-48fqcatalyst_3650-48ps-e8800_18-slotcatalyst_9300-48uxm-acatalyst_38508201-32fhcatalyst_9200catalyst_9300-48p-acatalyst_3850-48pw-scatalyst_3850-48xs-f-ecatalyst_8510msrcatalyst_3850-48u-s1100-4p_integrated_services_routercatalyst_9300l-24p-4g-ecatalyst_ie3400_rugged_switchcatalyst_3650-48pd-s4331\/k9-ws_integrated_services_routercatalyst_3650-48td-l4321\/k9-ws_integrated_services_routerasr_1001-x_rcatalyst_3650-48tq-ecatalyst_9300l-24p-4g-acatalyst_3850-48xs-e8800_12-slotcatalyst_9300-24ux-acatalyst_9407rcatalyst_9800-80catalyst_3650-8x24uq-s44461_integrated_services_routercatalyst_95004321\/k9_integrated_services_router4331\/k9_integrated_services_router4321_integrated_services_routercatalyst_9300-48s-a8101-32hcatalyst_3650-8x24uq-lcatalyst_3650-48fq-ecatalyst_3850-24xs-easr_1001-hx_rcatalyst_3850-24t-scatalyst_3850-24xs-scatalyst_3650-48fs-easr_1000-esp100catalyst_9300l-48p-4x-ecatalyst_9500h4221_integrated_services_routerasr_1006catalyst_3650-48td-easr_10013925e_integrated_services_routercatalyst_3650-12x48uq-lcatalyst_ie3300_rugged_switch4431_integrated_services_router4351\/k9_integrated_services_routercatalyst_3650-24td-ecatalyst_3650-12x48fd-scatalyst_9300-48uxm-ecatalyst_3850-24xu-ecatalyst_9300catalyst_3650-12x48fd-ecatalyst_3650-48fqm-scatalyst_3850-12xs-ecatalyst_3850-24u1120_integrated_services_routercatalyst_3850-48xscatalyst_9300l-24t-4x-acatalyst_9300-24u-acatalyst_3850-24t-lcatalyst_9300-48u-ecatalyst_9300-48t-e1100-4gltegb_integrated_services_routercatalyst_9300-48p-ecatalyst_9300-48u-acatalyst_3650-8x24pd-l8831catalyst_3650-48pq-ecatalyst_9300-24s-ecatalyst_3850-24xscatalyst_3650-8x24pd-s1100-4g\/6g_integrated_services_routercatalyst_3850-48f-l1801_integrated_service_routercatalyst_8300catalyst_3850-48ucatalyst_3650-12x48ur-lcatalyst_9300-24u-ecatalyst_9800-l-ccatalyst_3650-8x24uq-ecatalyst_3850-12s-ecatalyst_3850-32xs-easr_1002-hx_rcatalyst_3650-24pdCisco IOSIOS Software
CVE-2018-0154
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.85% / 93.10%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by the affected device. An attacker could exploit this vulnerability by sending crafted VPN traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to hang or crash, resulting in a DoS condition. Cisco Bug IDs: CSCvd39267.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_9300l-24t-4g-acatalyst_8540csrcatalyst_3850-48xs-f-scatalyst_8300-2n2s-6tcloud_services_router_1000vcatalyst_3850-16xs-s4331\/k9-rf_integrated_services_routercatalyst_9800catalyst_3850-24t-ecatalyst_3850-48p-ecatalyst_9300-24t-e4331_integrated_services_routercatalyst_9800_embedded_wireless_controller4461_integrated_services_router82019800-40catalyst_3850-24u-l1100-8p_integrated_services_router1111x_integrated_services_routerasr_1002-xcatalyst_8540msrcatalyst_9300l-24t-4g-ecatalyst_9300l-48p-4g-acatalyst_9400catalyst_3850-24s-s1100-6g_integrated_services_router1100_integrated_services_routercatalyst_8300-2n2s-4t2x1861_integrated_service_routercatalyst_3850-16xs-easr_1002catalyst_3850-48t-scatalyst_8500lcatalyst_9600catalyst_3850-24xu-lcatalyst_9300-48un-ecatalyst_3850-48f-ecatalyst_3850-12s-scatalyst_9300-24p-acatalyst_9300-48s-ecatalyst_3850-24xu-scatalyst_9300l_stack1941w_integrated_services_routercatalyst_8300-1n1s-4t2x1905_integrated_services_router4000_integrated_services_routercatalyst_9300l-48t-4x-ecatalyst_9300-24s-a1000_integrated_services_routerasr_1013catalyst_9800-40_wireless_controllercatalyst_3850-48t-lasr_1000-xcatalyst_9200cxcatalyst_3850-24p-scatalyst_9300l-24t-4x-e1131_integrated_services_router111x_integrated_services_router4451-x_integrated_services_routercatalyst_9300-48s-aasr_1000-esp200-x1841_integrated_service_routerasr_1006-xcatalyst_3850-24u-ecatalyst_9800-lcatalyst_3850-24u-s1802_integrated_service_router88041160_integrated_services_routerintegrated_services_virtual_router9800-80asr_1000-esp100-xcatalyst_9200lcatalyst_9600xcatalyst_8510csrcatalyst_9300-48t-acatalyst_9300xcatalyst_3850-nm-8-10g1101_integrated_services_routercatalyst_8300-1n1s-6t8102-64hcatalyst_9300l-24p-4x-acatalyst_3850-48xs-scatalyst_3850-48p-s4321\/k9-rf_integrated_services_routercatalyst_3850-48u-lcatalyst_9300-24t-acatalyst_ie3400_heavy_duty_switch4351\/k9-rf_integrated_services_routercatalyst_9410rcatalyst_8500-4qcesr-6300-con-k9catalyst_3850-nm-2-40gcatalyst_3850-48p-l8800_4-slotcatalyst_3850-24p-l8800_8-slotcatalyst_9600_supervisor_engine-188121812_integrated_service_routerioscatalyst_9400_supervisor_engine-11101-4p_integrated_services_routercatalyst_9300-48un-acatalyst_ie93008800_18-slotcatalyst_9300-48uxm-acatalyst_3850asr_1004catalyst_8200catalyst_9800-clasr_1001-x8201-32fhcatalyst_3850-32xs-sasr_1023catalyst_9200catalyst_9300-48p-acatalyst_3850-48pw-scatalyst_3850-48xs-f-ecatalyst_8510msrcatalyst_3850-48u-s1100-4p_integrated_services_routercatalyst_9300l-24p-4g-ecatalyst_ie3400_rugged_switchesr63004331\/k9-ws_integrated_services_routercatalyst_9800-80_wireless_controller4321\/k9-ws_integrated_services_routercatalyst_9300l-48p-4x-aasr_1001-x_r1111x-8p_integrated_services_routercatalyst_3850-48u-ecatalyst_3850-48t-ecatalyst_9300l-24p-4g-a1941_integrated_services_routercatalyst_3850-48xs-ecatalyst_9300l-48t-4g-a8800_12-slot8218catalyst_9300-24ux-acatalyst_9407r1906c_integrated_services_routercatalyst_9800-l-fcatalyst_9800-804351\/k9-ws_integrated_services_router44461_integrated_services_router1100-4g_integrated_services_routercatalyst_95004321\/k9_integrated_services_router4331\/k9_integrated_services_router4321_integrated_services_router1100-4gltena_integrated_services_router4351_integrated_services_router8101-32hcatalyst_3850-12x48ucatalyst_3850-24pw-scatalyst_8500catalyst_3850-24xs-scatalyst_3850-24xs-easr_1001-hx_rcatalyst_3850-24t-scatalyst_ie3200_rugged_switch8818catalyst_3850-24xu1109_integrated_services_router9800-clcatalyst_9300l-48t-4g-easr_1000-esp100catalyst_9300l-48p-4x-ecatalyst_9500h4221_integrated_services_routerasr_1006asr_10018202catalyst_ie3300_rugged_switch9800-l82084431_integrated_services_router4351\/k9_integrated_services_routercatalyst_3850-48f-scatalyst_9300-48uxm-easr_1002-hxcatalyst_9300l-24p-4x-e1109-2p_integrated_services_routerasr_1001-hxcatalyst_9300lmcatalyst_3850-24xu-ecatalyst_930088081100-lte_integrated_services_routercatalyst_9300-24p-e1811_integrated_service_routercatalyst_3850-12xs-ecatalyst_3850-24u1120_integrated_services_routercatalyst_3850-12xs-s8212catalyst_9300lcatalyst_3850-24s-ecatalyst_3850-48xscatalyst_9300l-24t-4x-acatalyst_9800-40catalyst_9300-24u-acatalyst_3850-24t-lasr_1002-x_rcatalyst_9300-48t-ecatalyst_9300-48u-e1100-4gltegb_integrated_services_routercatalyst_9300-48p-ecatalyst_9300-24ux-ecatalyst_9300-48u-aasr_10008831catalyst_9300-24s-ecatalyst_3850-24p-ecatalyst_3850-24xscatalyst_9300l-48p-4g-e1100-4g\/6g_integrated_services_routercatalyst_3850-48f-l1801_integrated_service_routercatalyst_8300asr_1009-xcbr8_converged_broadband_router1109-4p_integrated_services_routercatalyst_3850-48ucatalyst_9300-24u-ecatalyst_9800-l-c1921_integrated_services_routeresr-6300-ncp-k9catalyst_3850-12s-e4451_integrated_services_routercatalyst_3850-32xs-e8101-32fhasr_1002-hx_rcatalyst_9300l-48t-4x-a1803_integrated_service_routerCisco IOSIOS Software
CVE-2017-12319
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-1.27% / 78.66%
||
7 Day CHG~0.00%
Published-27 Mar, 2018 | 09:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability. The vulnerability exists due to changes in the implementation of the BGP MPLS-Based Ethernet VPN RFC (RFC 7432) draft between IOS XE software releases. When the BGP Inclusive Multicast Ethernet Tag Route or BGP EVPN MAC/IP Advertisement Route update packet is received, it could be possible that the IP address length field is miscalculated. An attacker could exploit this vulnerability by sending a crafted BGP packet to an affected device after the BGP session was established. An exploit could allow the attacker to cause the affected device to reload or corrupt the BGP routing table; either outcome would result in a DoS. The vulnerability may be triggered when the router receives a crafted BGP message from a peer on an existing BGP session. This vulnerability affects all releases of Cisco IOS XE Software prior to software release 16.3 that support BGP EVPN configurations. If the device is not configured for EVPN, it is not vulnerable. Cisco Bug IDs: CSCui67191, CSCvg52875.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_9300l-24t-4g-acatalyst_8540csrasr_901s-3sg-f-ahcatalyst_8300-2n2s-6tcloud_services_router_1000v4331\/k9-rf_integrated_services_routercatalyst_9800asr_901s-2sg-f-ahcatalyst_9300-24t-e4331_integrated_services_router4461_integrated_services_router82019800-40catalyst_8540msr1100-8p_integrated_services_router1111x_integrated_services_routerasr_1002-xcatalyst_9300l-48p-4g-acatalyst_9300l-24t-4g-ecatalyst_94001100-6g_integrated_services_router1100_integrated_services_routercatalyst_8300-2n2s-4t2x1861_integrated_service_routerasr_1002catalyst_8500lcatalyst_9600catalyst_9300-48un-ecatalyst_9300-24p-acatalyst_9300-48s-ecatalyst_9300l_stack1941w_integrated_services_routercatalyst_8300-1n1s-4t2x1905_integrated_services_router4000_integrated_services_routercatalyst_9300l-48t-4x-ecatalyst_9300-24s-a1000_integrated_services_routerasr_1013asr_901-12c-ft-dasr_1000-xcatalyst_9200cxcatalyst_9300l-24t-4x-e1131_integrated_services_routerasr_901-6cz-fs-d111x_integrated_services_router4451-x_integrated_services_routernetwork_convergence_system_520asr_1000-esp200-x1841_integrated_service_routerasr_1006-xcatalyst_9800-l1802_integrated_service_router88041160_integrated_services_routerintegrated_services_virtual_router9800-80asr_1000-esp100-xcatalyst_9200lcatalyst_9600xcatalyst_8510csrcatalyst_9300-48t-acatalyst_9300x1101_integrated_services_routercatalyst_8300-1n1s-6t8102-64hcatalyst_9300l-24p-4x-a4321\/k9-rf_integrated_services_routerios_xecatalyst_9300-24t-a4351\/k9-rf_integrated_services_routercatalyst_9410rcatalyst_8500-4qcesr-6300-con-k98800_4-slot8800_8-slotcatalyst_9600_supervisor_engine-188121812_integrated_service_routerioscatalyst_9400_supervisor_engine-11101-4p_integrated_services_routercatalyst_9300-48un-a8800_18-slotcatalyst_9300-48uxm-acatalyst_9800-clasr_1004catalyst_8200asr_1001-x8201-32fhasr_901-6cz-f-aasr_1023catalyst_9200catalyst_9300-48p-acatalyst_8510msr1100-4p_integrated_services_routercatalyst_9300l-24p-4g-e4331\/k9-ws_integrated_services_router4321\/k9-ws_integrated_services_routercatalyst_9300l-48p-4x-aasr_1001-x_r1111x-8p_integrated_services_routercatalyst_9300l-24p-4g-a1941_integrated_services_routercatalyst_9300l-48t-4g-aasr_901-12c-f-d8800_12-slot8218catalyst_9300-24ux-acatalyst_9407r1906c_integrated_services_routercatalyst_9800-l-fcatalyst_9800-804351\/k9-ws_integrated_services_router44461_integrated_services_router1100-4g_integrated_services_routercatalyst_95004321\/k9_integrated_services_router4331\/k9_integrated_services_router4321_integrated_services_router1100-4gltena_integrated_services_router4351_integrated_services_router8101-32hasr_901s-4sg-f-dcatalyst_9300-48s-aasr_901-6cz-f-dcatalyst_8500catalyst_ie3200_rugged_switchasr_1001-hx_r88181109_integrated_services_router9800-clasr_901s-3sg-f-dasr_1000-esp100catalyst_9300l-48p-4x-ecatalyst_9300l-48t-4g-e4221_integrated_services_routerasr_1006catalyst_9500hasr_10018202asr_901-6cz-fs-aasr_901-6cz-ft-acatalyst_ie3300_rugged_switch9800-l82084431_integrated_services_routerasr_902u4351\/k9_integrated_services_routercatalyst_9300-48uxm-easr_1002-hxcatalyst_9300l-24p-4x-e1109-2p_integrated_services_routerasr_1001-hxasr_901-4c-f-dcatalyst_9300lmcatalyst_930088081100-lte_integrated_services_routercatalyst_9300-24p-e1811_integrated_service_router422_integrated_services_router1120_integrated_services_routercatalyst_9300l8212catalyst_9300l-24t-4x-acatalyst_9800-40catalyst_9300-24u-acatalyst_9300-48u-easr_1002-x_rcatalyst_9300-48t-e1100-4gltegb_integrated_services_routercatalyst_9300-48p-ecatalyst_9300-24ux-ecatalyst_9300-48u-aasr_10008831catalyst_9300-24s-ecatalyst_9300l-48p-4g-e1100-4g\/6g_integrated_services_routercatalyst_83001801_integrated_service_routerasr_1009-x1109-4p_integrated_services_routerasr_901-6cz-ft-dasr_902asr_901s-2sg-f-dcatalyst_9300-24u-ecatalyst_9800-l-c1921_integrated_services_routeresr-6300-ncp-k94451_integrated_services_routerasr_9008101-32fhasr_1002-hx_rasr_901-4c-ft-dcatalyst_9300l-48t-4x-a1803_integrated_service_routerCisco IOS XEIOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12232
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.58% / 80.86%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-1000_integrated_services_router860vae-w_integrated_services_router888-cube_integrated_services_router892_integrated_services_routerasr_1009-xasr_1002-xcatalyst_8300-1n1s-6tcatalyst_8300asr_1000866vae_integrated_services_routerintegrated_services_virtual_routercatalyst_8500-4qc1100_integrated_services_router871_integrated_services_routercatalyst_8300-2n2s-4t2x887v_integrated_services_router892w_integrated_services_router887_integrated_services_routerasr_1002-hx829_industrial_integrated_services_router887va_integrated_services_router4331_integrated_services_router1109-2p_integrated_services_router4331\/k9_integrated_services_router888e_integrated_services_router1905_integrated_services_router4351\/k9-ws_integrated_services_router881_3g_integrated_services_routercatalyst_8540msr4321_integrated_services_router4351_integrated_services_routerasr_1000-esp100422_integrated_services_router1841_integrated_service_routercatalyst_8200891w_integrated_services_routerasr_1002-x_r1111x-8p_integrated_services_routerasr_1000-x1101-4p_integrated_services_routerasr_1023asr_1000-esp200-xasr_1001-hx4331\/k9-ws_integrated_services_router4351\/k9_integrated_services_router4451-x_integrated_services_routercatalyst_85004331\/k9-rf_integrated_services_router1109_integrated_services_router829_industrial_integrated_services_routers861w_integrated_services_router1812_integrated_service_routercatalyst_8500l1101_integrated_services_router880_3g_integrated_services_router888eg_3g_integrated_services_router892f-cube_integrated_services_routerasr_1001-hx_rasr_1006-xcatalyst_8540csr4431_integrated_services_router886vag_3g_integrated_services_router886va-cube_integrated_services_routercatalyst_8300-1n1s-4t2x1100-4g\/6g_integrated_services_router1801_integrated_service_routercatalyst_8510msr1100-4gltegb_integrated_services_routerios887vamg_3g_integrated_services_router1811_integrated_service_router888w_integrated_services_router880-voice_integrated_services_router886va_integrated_services_routerasr_1013887va-w_integrated_services_router886_integrated_services_router4351\/k9-rf_integrated_services_routerasr_1001-x891_integrated_services_router1100-4g_integrated_services_router4461_integrated_services_routercloud_services_router_1000v44461_integrated_services_router888_integrated_services_router1100-4gltena_integrated_services_router1160_integrated_services_router1120_integrated_services_router1906c_integrated_services_router1941w_integrated_services_router887vam-w_integrated_services_router1861_integrated_service_router1100-lte_integrated_services_routerasr_1000-esp100-x4321\/k9-ws_integrated_services_router891-24x_integrated_services_router881w_integrated_services_routerasr_1002-hx_r4221_integrated_services_routerasr_10011100-8p_integrated_services_router881_integrated_services_router1941_integrated_services_router1921_integrated_services_router1802_integrated_service_router1111x_integrated_services_routerasr_1000_1109-4p_integrated_services_router4000_integrated_services_routerasr_1001-x_rasr_1004catalyst_8510csr4451_integrated_services_routerasr_10061803_integrated_service_router887vag_3g_integrated_services_router881-cube_integrated_services_router829_integrated_services_router867vae_integrated_services_router888e-cube_integrated_services_router4321\/k9_integrated_services_router886va-w_integrated_services_router1131_integrated_services_router867_integrated_services_routercatalyst_8300-2n2s-6t111x_integrated_services_router861_integrated_services_router887va-cube_integrated_services_router4321\/k9-rf_integrated_services_routerasr_1002Cisco IOSIOS software
CVE-2017-12231
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.85% / 93.10%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_3850-nm-2-40gcatalyst_3850-24t-scatalyst_9800-80asr_901s-4sg-f-dasr_1009-xcatalyst_8300catalyst_3650-48fs-ecatalyst_3850-24xs-scatalyst_3650-24ts-lcatalyst_3850-12s-e1100_integrated_services_routercatalyst_3650-24ps-sasr_9910catalyst_3650-48fd-scatalyst_8300-2n2s-4t2xcatalyst_9800asr_920-12cz-dasr_920-12cz-a_rasr_920u-12sz-imcatalyst_3650-48fq-sasr_901-6cz-fs-acatalyst_3650-48fq-l1109-2p_integrated_services_routercatalyst_9300-48t-ecatalyst_3650-48pd-lcatalyst_9300-48t-acatalyst_9300l-48t-4g-a8201-32fh9800-lcatalyst_3650-48tq-ecatalyst_3650-48ps-lasr_1002_fixed_routercatalyst_9300-24s-acatalyst_3850-48xs-easr_1000-esp100catalyst_9300l-24t-4g-ecatalyst_82001841_integrated_service_routercatalyst_3650-12x48uzasr_901-4c-ft-dcatalyst_3850-48p-sasr_920-4sz-a_rasr_920-4sz-dcatalyst_3850-48f-ecatalyst_3650-24pdasr_901s-3sg-f-ahcatalyst_9300-24t-acatalyst_3650-48td-easr_1001-hxcatalyst_3850-24t-l8101-32hcatalyst_8500catalyst_9300-48uxm-ecatalyst_3650-48fd-lcatalyst_3850-48t-lcatalyst_3850-nm-8-10gcatalyst_9300l-24p-4g-acatalyst_9300-24u-aasr_900catalyst_3850-12x48ucatalyst_3650-24ps-e8201catalyst_3650-24pd-ecatalyst_3850-48t-ecatalyst_9800-cl1812_integrated_service_routerasr_901-12c-f-dcatalyst_8500lasr_907catalyst_3650-48td-lcatalyst_9200asr_1001-hx_rasr_1006-xcatalyst_3650-48td-scatalyst_9300-24s-ecatalyst_3650-8x24uq-lcatalyst_8300-1n1s-4t2xcatalyst_9300l-24t-4x-a1100-4g\/6g_integrated_services_router1801_integrated_service_router1100-4gltegb_integrated_services_routerasr_9010catalyst_3850-24xu-l1811_integrated_service_router8800_8-slotcatalyst_9300lcatalyst_9800-lasr_920-24sz-imcatalyst_3650-12x48ur-scatalyst_3650-24td-sasr_10138800_4-slotcatalyst_3650-48fq9800-clcatalyst_9300l-48p-4g-acatalyst_9300-24p-ecatalyst_9300-48un-acatalyst_96008808catalyst_95001160_integrated_services_router1941w_integrated_services_router1906c_integrated_services_routercatalyst_ie3300_rugged_switchasr_901s-2sg-f-dcatalyst_3650-12x48uq-sasr_920-24tz-m_rcatalyst_3850-24ucatalyst_3650-48pd-easr_920-12sz-im_rcatalyst_3850-16xs-scatalyst_3650-48tq-scatalyst_3850-48ucatalyst_9600xcatalyst_9300l-48t-4x-acatalyst_3650-24pdm-ecatalyst_3850-32xs-easr_9920asr_920-4sz-d_r4221_integrated_services_routercatalyst_3650-48ts-l1100-8p_integrated_services_router8212asr_920-24sz-mcatalyst_9300l-48t-4g-ecatalyst_9300l-48t-4x-ecatalyst_3650-12x48uq-lcatalyst_3850-48p-lasr_902asr_9006catalyst_3650-48pq-e1109-4p_integrated_services_routercatalyst_3850-24xu-ecatalyst_3850-24t-ecatalyst_8510csrcatalyst_9300lmasr_9000v8818catalyst_3650-12x48uz-sasr_901-6cz-f-acatalyst_3850-48u-lcatalyst_3850-24s-scatalyst_3850-24u-scatalyst_3650-24pd-scatalyst_3650-48fqm-ecatalyst_9300l-48p-4g-ecatalyst_3650catalyst_3850-12s-sasr_9902asr_901s-2sg-f-ahcatalyst_9300-24t-e9800-40catalyst_3650-12x48ur-ecatalyst_9300l-24p-4x-ecatalyst_9300-48u-acatalyst_9800-l-fcatalyst_3650-12x48ur-lcatalyst_ie3200_rugged_switchasr_1002-xcatalyst_8300-1n1s-6tcatalyst_3650-24pdm-lasr_10001100-6g_integrated_services_routercatalyst_3650-8x24uq-easr_901-6cz-ft-dcatalyst_3650-12x48uz-ecatalyst_9300l-48p-4x-acatalyst_8500-4qccatalyst_3850-24pw-scatalyst_3650-12x48fd-scatalyst_3850-48xs-s8218asr_920-10sz-pd_rcatalyst_9300-48u-ecatalyst_3850-48t-sasr_920-24sz-m_rcatalyst_3850-24xu-scatalyst_3850-48f-lcatalyst_3850catalyst_9600_supervisor_engine-18101-32fhasr_1002-hxcatalyst_3650-12x48uq8102-64hcatalyst_3650-8x24uq-sasr_920-12cz-acatalyst_3650-48pq-lcatalyst_3650-48fs-l1905_integrated_services_routercatalyst_9200lcatalyst_3650-24ps-lasr_9901catalyst_8540msrasr_901s-3sg-f-d8202catalyst_9300-48s-a8800_18-slotcatalyst_3850-32xs-sasr_1002-x_rcatalyst_3650-24td-ecatalyst_3850-48xs-f-e8800_12-slotcatalyst_3650-24td-lcatalyst_9300-24ux-e1111x-8p_integrated_services_routercatalyst_3850-24p-easr_9912catalyst_3650-12x48uz-lcatalyst_3850-24p-scatalyst_9300-24u-e1101-4p_integrated_services_routercatalyst_3650-48tq-lcatalyst_3850-24s-ecatalyst_3850-24xuasr_1023asr_903catalyst_3650-24pd-lcatalyst_9300l-24p-4g-ecatalyst_3850-24u-lasr_920-4sz-aasr_1000-esp200-x1100-4p_integrated_services_routercatalyst_3850-24u-easr_9904asr_901-6cz-fs-d1109_integrated_services_routerasr_901-4c-f-dcatalyst_3650-48fd-e8812catalyst_3650-48fs-scatalyst_3850-48pw-s1101_integrated_services_routerasr_901-6cz-ft-a8804catalyst_3850-12xs-scatalyst_3650-12x48urcatalyst_3850-24xsasr_920-12cz-d_rcatalyst_9300-24ux-acatalyst_8540csrcatalyst_3650-8x24uqcatalyst_3650-48ts-scatalyst_9200cxcatalyst_9300l-24t-4g-acatalyst_3650-8x24pd-scatalyst_8510msrcatalyst_9800_embedded_wireless_controlleriosasr_914catalyst_3850-48xscatalyst_3850-48p-ecatalyst_3850-48u-ecatalyst_9300l_stackcatalyst_3650-48fq-easr_902uasr_901-12c-ft-dcatalyst_3850-48xs-f-sasr_9922catalyst_3850-24p-lcatalyst_9300-48p-acatalyst_9300-48p-easr_1001-xcatalyst_9800-40_wireless_controllercatalyst_9300-48un-ecatalyst_3650-24ts-e1100-4g_integrated_services_routercatalyst_9800-40asr_9903catalyst_9300-24p-acatalyst_9300-48s-e1100-4gltena_integrated_services_router1120_integrated_services_routercatalyst_9300l-24t-4x-ecatalyst_9300xcatalyst_3850-24xs-ecatalyst_3850-48f-sasr_920-12sz-im1861_integrated_service_routercatalyst_3650-8x24pd-ecatalyst_9300-48uxm-a1100-lte_integrated_services_routercatalyst_9500hasr_1000-esp100-xasr_920-10sz-pdcatalyst_9300l-48p-4x-ecatalyst_3650-48fqm-scatalyst_3850-12xs-e1100_terminal_services_gatewaysasr_920-24tz-mcatalyst_3650-48fqm-lasr_920-24sz-im_rasr_1002-hx_rasr_1001catalyst_3650-48pq-scatalyst_3650-48fqmcatalyst_9300catalyst_3650-12x48fd-lasr_90001941_integrated_services_routercatalyst_3650-48pd-s1921_integrated_services_routercatalyst_3650-8x24pd-l1802_integrated_service_routerasr_9906catalyst_9300l-24p-4x-acatalyst_3650-12x48uq-e4000_integrated_services_routerasr_1001-x_r8208asr_1004catalyst_3650-48ps-easr_901-6cz-f-dcatalyst_9800-80_wireless_controllerasr_10061803_integrated_service_routercatalyst_3650-24ts-scatalyst_3650-24pdmcatalyst_3650-48ps-scatalyst_9800-l-casr_9001catalyst_3650-48ts-ecatalyst_3850-16xs-e9800-80catalyst_3850-48u-s1131_integrated_services_routercatalyst_3650-12x48fd-ecatalyst_3650-24pdm-scatalyst_8300-2n2s-6t111x_integrated_services_routerCisco IOSIOS software
CVE-2017-12234
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.01% / 92.76%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc43709.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-1000_integrated_services_router1841_integrated_service_router1117-4pwe1100-4g\/6g_integrated_services_router1117-4plteeawe11201801_integrated_service_routercatalyst_ie3200_rugged_switch1100-4gltegb_integrated_services_routerioscatalyst_ie3400_rugged_switch1100-8p_integrated_services_router1100-6g_integrated_services_router1109-2p1111x-8p1101-4p1811_integrated_service_router1111-4pwe1941_integrated_services_router1113-8pmwe1101-4p_integrated_services_router1113-8pwe1921_integrated_services_router1802_integrated_service_routeresr-6300-ncp-k91100_integrated_services_router1100-4p_integrated_services_router1100-4pesr-6300-con-k91100-4g_integrated_services_router1116-4plteeawe1803_integrated_service_router1111-8pwb1109-4p1120_connected_grid_router1100-4gltena_integrated_services_router1160_integrated_services_router1120_integrated_services_router1906c_integrated_services_router1941w_integrated_services_routercatalyst_ie3300_rugged_switch1812_integrated_service_router1100-8pcatalyst_ie3400_heavy_duty_switch1861_integrated_service_router1101_integrated_services_router1131_integrated_services_router1117-4pmlteeawe1100-lte_integrated_services_routercatalyst_ie93001905_integrated_services_router1117-4pmwe1100_terminal_services_gateways1113-8plteeawe1116-4pweCisco IOSIOS software
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12233
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.01% / 92.76%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuz95334.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-1000_integrated_services_router1841_integrated_service_router1117-4pwe1100-4g\/6g_integrated_services_router1117-4plteeawe11201801_integrated_service_routercatalyst_ie3200_rugged_switch1100-4gltegb_integrated_services_routerioscatalyst_ie3400_rugged_switch1100-8p_integrated_services_router1100-6g_integrated_services_router1109-2p1111x-8p1101-4p1811_integrated_service_router1111-4pwe1941_integrated_services_router1113-8pmwe1101-4p_integrated_services_router1113-8pwe1921_integrated_services_router1802_integrated_service_routeresr-6300-ncp-k91100_integrated_services_router1100-4p_integrated_services_router1100-4pesr-6300-con-k91100-4g_integrated_services_router1116-4plteeawe1803_integrated_service_router1111-8pwb1109-4p1120_connected_grid_router1100-4gltena_integrated_services_router1160_integrated_services_router1120_integrated_services_router1906c_integrated_services_router1941w_integrated_services_routercatalyst_ie3300_rugged_switch1812_integrated_service_router1100-8pcatalyst_ie3400_heavy_duty_switch1861_integrated_service_router1101_integrated_services_router1131_integrated_services_router1117-4pmlteeawe1100-lte_integrated_services_routercatalyst_ie93001905_integrated_services_router1117-4pmwe1100_terminal_services_gateways1113-8plteeawe1116-4pweCisco IOSIOS software
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12237
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-10.85% / 93.10%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to how an affected device processes certain IKEv2 packets. An attacker could exploit this vulnerability by sending specific IKEv2 packets to an affected device to be processed. A successful exploit could allow the attacker to cause high CPU utilization, traceback messages, or a reload of the affected device that leads to a DoS condition. This vulnerability affects Cisco devices that have the Internet Security Association and Key Management Protocol (ISAKMP) enabled. Although only IKEv2 packets can be used to trigger this vulnerability, devices that are running Cisco IOS Software or Cisco IOS XE Software are vulnerable when ISAKMP is enabled. A device does not need to be configured with any IKEv2-specific features to be vulnerable. Many features use IKEv2, including different types of VPNs such as the following: LAN-to-LAN VPN; Remote-access VPN, excluding SSL VPN; Dynamic Multipoint VPN (DMVPN); and FlexVPN. Cisco Bug IDs: CSCvc41277.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_3850-24t-scatalyst_3850-nm-2-40g1000_integrated_services_routerasr_1009-xcatalyst_8300catalyst_3650-48fs-eintegrated_services_virtual_routercatalyst_3850-24xs-scatalyst_3650-24ts-lcatalyst_3850-12s-e1100_integrated_services_routercatalyst_3650-24ps-scatalyst_3650-48fd-scatalyst_8300-2n2s-4t2xcatalyst_9800catalyst_3650-48fq-scatalyst_3650-48fq-l1109-2p_integrated_services_routercatalyst_9300-48t-ecatalyst_3650-48pd-lcatalyst_9300-48t-acatalyst_9300l-48t-4g-a8201-32fh9800-lcatalyst_3650-48tq-ecatalyst_3650-48ps-lcatalyst_3850-48xs-ecatalyst_9300-24s-a4321_integrated_services_router4351_integrated_services_routercatalyst_9300l-24t-4g-ecatalyst_82001841_integrated_service_routercatalyst_3650-12x48uzcatalyst_3850-48p-sasr_1000-xcatalyst_3850-48f-ecatalyst_3650-24pdcatalyst_9300-24t-acatalyst_3650-48td-easr_1001-hxcatalyst_3850-24t-lesr63008101-32hcatalyst_85004451-x_integrated_services_routercatalyst_9300-48uxm-ecatalyst_3650-48fd-lcatalyst_3850-48t-lcatalyst_3850-nm-8-10gcatalyst_9300l-24p-4g-a8831catalyst_9300-24u-acatalyst_3850-12x48ucatalyst_3650-24ps-e8201catalyst_3650-24pd-ecatalyst_3850-48t-ecatalyst_9800-cl1812_integrated_service_routercatalyst_8500lcatalyst_3650-48td-lcatalyst_9200asr_1001-hx_rasr_1006-x4431_integrated_services_routercatalyst_3650-48td-scatalyst_9300-24s-ecatalyst_3650-8x24uq-lcatalyst_8300-1n1s-4t2xcatalyst_9300l-24t-4x-a1100-4g\/6g_integrated_services_router1801_integrated_service_router1100-4gltegb_integrated_services_routercatalyst_3850-24xu-l1811_integrated_service_router8800_8-slotcatalyst_9300lcatalyst_9800-lcatalyst_3650-12x48ur-scatalyst_3650-24td-sasr_10138800_4-slotcatalyst_3650-48fqesr-6300-con-k99800-clcatalyst_9300l-48p-4g-acatalyst_9300-24p-ecatalyst_9300-48un-acatalyst_96008808catalyst_95001160_integrated_services_router1941w_integrated_services_router1906c_integrated_services_routercatalyst_ie3300_rugged_switchcatalyst_3650-12x48uq-sios_xecatalyst_3850-24ucatalyst_3650-48pd-ecatalyst_3850-16xs-s4321\/k9-ws_integrated_services_routercatalyst_3650-48tq-scatalyst_3850-48ucatalyst_9600xcatalyst_9300l-48t-4x-acatalyst_3650-24pdm-ecatalyst_3850-32xs-e4221_integrated_services_routercatalyst_3650-48ts-l82121100-8p_integrated_services_routercatalyst_9300l-48t-4g-ecatalyst_9300l-48t-4x-ecatalyst_3650-12x48uq-lcatalyst_3850-48p-lcatalyst_3650-48pq-e1111x_integrated_services_routercatalyst_9300lmcatalyst_8510csr1109-4p_integrated_services_routercatalyst_3850-24t-ecatalyst_3850-24xu-e8818catalyst_3650-12x48uz-scatalyst_3850-48u-lcatalyst_3850-24s-scatalyst_3850-24u-scatalyst_3650-24pd-scatalyst_3650-48fqm-ecatalyst_9300l-48p-4g-ecatalyst_3650catalyst_3850-12s-s4321\/k9_integrated_services_routercatalyst_9300-24t-e9800-40catalyst_3650-12x48ur-ecatalyst_9300l-24p-4x-e4321\/k9-rf_integrated_services_routercatalyst_9300-48u-acatalyst_9800-l-fasr_1002-xcatalyst_3650-12x48ur-lcatalyst_8300-1n1s-6tcatalyst_ie3200_rugged_switchcatalyst_3650-24pdm-lasr_10001100-6g_integrated_services_routercatalyst_3650-8x24uq-ecatalyst_3650-12x48uz-ecatalyst_9300l-48p-4x-acatalyst_8500-4qccatalyst_3850-24pw-sesr-6300-ncp-k9catalyst_3650-12x48fd-scatalyst_3850-48xs-s8218catalyst_9300-48u-ecatalyst_3850-48t-scatalyst_3850-24xu-scatalyst_3850-48f-lcatalyst_3850catalyst_9600_supervisor_engine-18101-32fhasr_1002-hxcatalyst_3650-12x48uq8102-64h4331_integrated_services_routercatalyst_3650-8x24uq-scatalyst_3650-48pq-lcatalyst_3650-48fs-l4331\/k9_integrated_services_routercatalyst_ie93001905_integrated_services_router4351\/k9-ws_integrated_services_routercatalyst_9200lcatalyst_3650-24ps-lcatalyst_8540msr82028800_18-slotcatalyst_9300-48s-a422_integrated_services_routercatalyst_3850-32xs-sasr_1002-x_rcatalyst_9407rcatalyst_3650-24td-ecatalyst_ie3400_rugged_switchcatalyst_3850-48xs-f-ecbr-8_converged_broadband_router8800_12-slotcatalyst_3650-24td-lcatalyst_9300-24ux-e1111x-8p_integrated_services_routercatalyst_3850-24p-ecatalyst_3650-12x48uz-lcatalyst_3850-24p-scatalyst_9300-24u-e1101-4p_integrated_services_routercatalyst_3650-48tq-lcatalyst_3850-24s-ecatalyst_3850-24xuasr_1023catalyst_3650-24pd-lcatalyst_9300l-24p-4g-ecatalyst_3850-24u-l1100-4p_integrated_services_routercatalyst_3850-24u-e4331\/k9-ws_integrated_services_router4351\/k9_integrated_services_router4331\/k9-rf_integrated_services_router1109_integrated_services_routercatalyst_3650-48fd-e8812catalyst_3650-48fs-scatalyst_3850-48pw-s1101_integrated_services_router8804catalyst_3850-12xs-scatalyst_3650-12x48urcatalyst_3850-24xscatalyst_9300-24ux-acatalyst_8540csrcatalyst_9400_supervisor_engine-1catalyst_3650-8x24uqcatalyst_3650-48ts-scatalyst_9200cxcatalyst_9300l-24t-4g-acatalyst_3650-8x24pd-scatalyst_8510msrioscatalyst_3850-48xscatalyst_3850-48p-ecatalyst_3850-48u-ecatalyst_9300l_stackcatalyst_3650-48fq-ecatalyst_3850-48xs-f-scatalyst_3850-24p-lcatalyst_9300-48p-acatalyst_9300-48p-e4351\/k9-rf_integrated_services_routerasr_1001-xcatalyst_9300-48un-ecatalyst_3650-24ts-e1100-4g_integrated_services_router4461_integrated_services_router44461_integrated_services_routercatalyst_9300-24p-acatalyst_9400catalyst_9300-48s-e1100-4gltena_integrated_services_router1120_integrated_services_routercatalyst_9300l-24t-4x-ecatalyst_9300xcatalyst_3850-24xs-ecatalyst_3850-48f-s1861_integrated_service_routercatalyst_3650-8x24pd-ecatalyst_9300-48uxm-a1100-lte_integrated_services_routercatalyst_9500hcatalyst_9300l-48p-4x-ecatalyst_3650-48fqm-scatalyst_3850-12xs-e1240_connected_grid_routercatalyst_3650-48fqm-lasr_1002-hx_rasr_1001catalyst_3650-48pq-scatalyst_3650-48fqmcatalyst_9300catalyst_3650-12x48fd-l1941_integrated_services_routercatalyst_3650-48pd-s1921_integrated_services_router1802_integrated_service_routercatalyst_3650-8x24pd-lcatalyst_9300l-24p-4x-acatalyst_3650-12x48uq-e4000_integrated_services_router8208asr_1001-x_rasr_1004catalyst_3650-48ps-e4451_integrated_services_routerasr_10061803_integrated_service_routercatalyst_3650-24ts-scatalyst_3650-24pdmcatalyst_3650-48ps-scatalyst_9800-l-ccatalyst_3650-48ts-ecatalyst_3850-16xs-e9800-80catalyst_ie3400_heavy_duty_switchcatalyst_3850-48u-s1131_integrated_services_routercatalyst_3650-12x48fd-ecatalyst_3650-24pdm-scatalyst_8300-2n2s-6tcatalyst_9410rasr_1002Cisco IOS and IOS XEIOS and IOS XE Software