Page 15 of 74 results (0.014 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. • http://www.ciac.org/ciac/bulletins/i-054.shtml http://www.cisco.com/warp/public/770/wccpauth-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/1577 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. • http://ciac.llnl.gov/ciac/bulletins/j-016.shtml http://www.cisco.com/warp/public/770/iosdfsacl-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/1401 •

CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0

Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. • http://www.osvdb.org/1099 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. • http://www.cert.org/advisories/CA-1992-20.html •