NotCVE - vendor:"Cisco" product:"Ios" version:" <= 15.0xa"

Page 13 of 422 results (0.006 seconds)

CVSS: 6.5EPSS: 0%CPEs: 34EXPL: 0

CVE-2017-12238 – Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability

https://notcve.org/view.php?id=CVE-2017-12238

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory management issue in the affected software. An attacker could exploit this vulnerability by creating a large number of VPLS-generated MAC entries in the MAC address table of an affected device. A successful exploit could allow the attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a DoS condition. This vulnerability affects Cisco Catalyst 6800 Series Switches that are running a vulnerable release of Cisco IOS Software and have a Cisco C6800-16P10G or C6800-16P10G-XL line card in use with Supervisor Engine 6T. • http://www.securityfocus.com/bid/101040 http://www.securitytracker.com/id/1039453 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-vpls • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 6%CPEs: 2762EXPL: 0

CVE-2017-12240 – Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2017-12240

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. • http://www.securityfocus.com/bid/101034 http://www.securitytracker.com/id/1039445 https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390 https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 0

CVE-2011-4667

https://notcve.org/view.php?id=CVE-2011-4667

The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.2(6), and Cisco IOS in Cisco VPN Services Port Adaptor for Catalyst 6500 12.2(33)SXI, and 12.2(33)SXJ when IP Security (aka IPSec) is used, allows remote attackers to obtain unencrypted packets from encrypted sessions. La biblioteca de cifrado en Cisco IOS Software 15.2(1)T, 15.2(1)T1 y 15.2(2)T, Cisco NX-OS en Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module y Cisco MDS 9000 Storage Services Node module en versiones anteriores a la 5.2(6) y Cisco IOS en Cisco VPN Services Port Adaptor para Catalyst 6500 12.2(33)SXI y 12.2(33)SXJ cuando se usa IP Security (también conocido como IPSec) permite que los atacantes remotos obtengan paquetes sin cifrar a través de sesiones sin cifrar. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120913-CVE-2011-4667 https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/release/notes/ol_14271/caveats_SXI_rebuilds.html • CWE-310: Cryptographic Issues •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2010-3050

https://notcve.org/view.php?id=CVE-2010-3050

Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device reboot). Cisco IOS en versiones anteriores a la 12.2(33)SXI permite que los usuarios autenticados remotos provoquen una denegación de servicio (reinicio del dispositivo). • https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/release/notes/ol_14271/caveats_SXI_rebuilds.html • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2010-3049

https://notcve.org/view.php?id=CVE-2010-3049

Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot). Cisco IOS en versiones anteriores a la 12.2(33)SXI permite que los usuarios locales provoquen una denegación de servicio (reinicio del dispositivo). • https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/release/notes/ol_14271/caveats_SXI_rebuilds.html • CWE-20: Improper Input Validation •

1...11 12 13 14 15