CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2015-0631
https://notcve.org/view.php?id=CVE-2015-0631
21 Feb 2015 — Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688. Condición de carrera en la implementación SSL en los dispositivos Cisco Intrusion Prevention System (IPS) permite a atacantes remotos causar una denegación de servicio al hacer muchas conexiones HTTPS de la interfaz de gestión durante la fas... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 12%CPEs: 22EXPL: 1CVE-2007-4430 – Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-4430
20 Aug 2007 — Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access. Una vulnerabilidad no especificada en Cisco IOS versiones 12.0 hasta 12.4, permite a atacantes dependiendo del contexto causar una denegación de servicio (reinicio... • https://www.exploit-db.com/exploits/30506 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2006-4910
https://notcve.org/view.php?id=CVE-2006-4910
21 Sep 2006 — The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. La interfaz web(mainApp)para administrar a Cisco IDS nateriores a 4.1(5c), e IPS 5.0 anteriores a 5.0(6p1) y 5.1 anteriores a 5.1(2)permite a un atacante remoto provocar una denegación de servicio (dispositivo sin respuesta) a través de un paquete artesanal SSLv2 Client Hel... • http://secunia.com/advisories/22046 •
CVSS: 7.5EPSS: 2%CPEs: 138EXPL: 0CVE-2006-3906
https://notcve.org/view.php?id=CVE-2006-3906
27 Jul 2006 — Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. Protocolo Internet Key Exchange (IKE) version 1, implementado para Cisco IO... • http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html •
CVSS: 9.8EPSS: 1%CPEs: 156EXPL: 0CVE-2005-4499
https://notcve.org/view.php?id=CVE-2005-4499
22 Dec 2005 — The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. • http://secunia.com/advisories/18141 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2005-2695
https://notcve.org/view.php?id=CVE-2005-2695
25 Aug 2005 — Unspecified vulnerability in the SSL certificate checking functionality in Cisco CiscoWorks Management Center for IDS Sensors (IDSMC) 2.0 and 2.1, and Monitoring Center for Security (Security Monitor or Secmon) 1.1 through 2.0 and 2.1, allows remote attackers to spoof a Cisco Intrusion Detection Sensor (IDS) or Intrusion Prevention System (IPS). • http://secunia.com/advisories/16544 •
CVSS: 7.5EPSS: 10%CPEs: 1EXPL: 2CVE-2002-0908 – Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access
https://notcve.org/view.php?id=CVE-2002-0908
31 Aug 2002 — Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request. Vulnerabilidad de atravesamiento de directorios en el servidor web de Cisco IDS Device Manager anteriores a 3.1.2 permite a atacantes remotos leer ficheros arbitrarios mediante .. (punto punto) en la petición HTTPS. • https://www.exploit-db.com/exploits/21456 •