CVSS: 5.3EPSS: 0%CPEs: 28EXPL: 0CVE-2016-1378
https://notcve.org/view.php?id=CVE-2016-1378
14 Apr 2016 — Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote attackers to obtain potentially sensitive software-version information via a request to the Network Mobility Services Protocol (NMSP) port, aka Bug ID CSCum62591. Cisco IOS en versiones anteriores a 15.2(2)E1 en switches Catalyst permite a atacantes remotos obtener información de la versión del software potencialmente sensible a través de una petición al puerto Network Mobility Services Protocol (NMSP), también conocida como Bug ID CSCum62591. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 2%CPEs: 59EXPL: 0CVE-2016-1351
https://notcve.org/view.php?id=CVE-2016-1351
26 Mar 2016 — The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279. La implemetación de Locator/ID Separation Protocol (LISP) en Cisco IOS 15.1 y 15.2 y NX-OS 4.1 hasta la versión 6.2 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de una cabecera manipulada en un paquete, también conocido com... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-lisp • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 9%CPEs: 33EXPL: 0CVE-2016-1347
https://notcve.org/view.php?id=CVE-2016-1347
24 Mar 2016 — The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708. La implementación de Wide Area Application Services (WAAS) Express en Cisco IOS 15.1 hasta la versión 15.5 permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de un segmento TCP manipulado, también conocida como Bug ID CSCuq59708. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2015-6429
https://notcve.org/view.php?id=CVE-2015-6429
19 Dec 2015 — The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236. La máquina de estado IKEv1 en Cisco IOS 15.4 hasta la versión 15.6 y IOS XE 3.15 hasta la versión 3.17 permite a atacantes remotos causar una denegación de servicio (terminación de conexión IPsec) a través de un paquete IKEv1 manipulado en un dispositivo final del tunel, ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios • CWE-19: Data Processing Errors •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-6359
https://notcve.org/view.php?id=CVE-2015-6359
15 Dec 2015 — The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on ASR devices mishandles internal tables, which allows remote attackers to cause a denial of service (memory consumption or device crash) via a flood of crafted ND messages, aka Bug ID CSCup28217. La implementación del protocolo Neighbor Discovery (ND) en la pila IPv6 en Cisco IOS 15.3(3)S0.1 en dispositivos ASR no maneja adecuadamente las tablas internas, lo que permite a atacantes remotos causar una denegación ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151214-ios • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6375
https://notcve.org/view.php?id=CVE-2015-6375
21 Nov 2015 — The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010. La funcionalidad debug-logging (también conocida como debug cns) en Cisco Networking Services (CNS) para IOS 15.2(2)E3 permite a usuarios locales obtener información sensible mediante la lectura de un archivo no especificado, también conocida como Bug ID CSCux18010. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-ns • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-6365
https://notcve.org/view.php?id=CVE-2015-6365
14 Nov 2015 — Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP interface ACLs, which allows remote authenticated users to bypass intended network-traffic restrictions in opportunistic circumstances by using PPP, aka Bug ID CSCur61303. Cisco IOS 15.2(04)M y 15.4(03)M permite a ACLs de interfaz física reemplazar a ACLs de interfaz virtual PPP, lo que permite a usuarios remotos autenticados eludir las restricciones destinadas al tráfico de red en circunstancias oportunistas mediante el us... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-ios1 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-6366
https://notcve.org/view.php?id=CVE-2015-6366
13 Nov 2015 — Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs supersede tunnel-interface ACLs, which allows remote attackers to bypass intended network-traffic restrictions in opportunistic circumstances by using a tunnel, aka Bug ID CSCur01042. Cisco IOS 15.2(04)M6 y 15.4(03)S permite a ACLs de interfaz física reemplazar a ACLs de interfaz túnel, lo que permite a atacantes remotos eludir las restricciones destinadas al tráfico de red en circunstancias oportunistas mediante el uso de un túnel, también con... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-ios2 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6263
https://notcve.org/view.php?id=CVE-2015-6263
12 Oct 2015 — The RADIUS client implementation in Cisco IOS 15.4(3)M2.2, when a shared RADIUS secret is configured, allows remote RADIUS servers to cause a denial of service (device reload) via malformed answers, aka Bug ID CSCuu59324. La implementación del cliente RADIUS en Cisco IOS 15.4(3)M2.2, cuando se configura un secreto RADIUS compartido, permite a servidores RADIUS remotos causar una denegación de servicio (reinicio del dispositivo) a través de respuestas malformadas, también conocido como error CSCuu59324. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-ios-radius • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 155EXPL: 0CVE-2015-6278
https://notcve.org/view.php?id=CVE-2015-6278
28 Sep 2015 — The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs • CWE-20: Improper Input Validation •