Page 17 of 88 results (0.005 seconds)

CVSS: 7.1EPSS: 96%CPEs: 39EXPL: 1

The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. • https://www.exploit-db.com/exploits/19882 http://archives.neohapsis.com/archives/bugtraq/2000-04/0261.html http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml http://www.osvdb.org/1302 http://www.securityfocus.com/bid/1154 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. • http://www.ciac.org/ciac/bulletins/i-054.shtml http://www.cisco.com/warp/public/770/wccpauth-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/1577 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. • http://ciac.llnl.gov/ciac/bulletins/j-016.shtml http://www.cisco.com/warp/public/770/iosdfsacl-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/1401 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. • http://www.cisco.com/univercd/cc/td/doc/product/lan/28201900/1928v8x/eescg8x/aleakyv.htm http://www.securityfocus.com/archive/1/26008 http://www.securityfocus.com/bid/615 https://exchange.xforce.ibmcloud.com/vulnerabilities/3294 •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0775 •