Page 18 of 91 results (0.015 seconds)

CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0

Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. • http://ciac.llnl.gov/ciac/bulletins/l-082.shtml http://www.cisco.com/warp/public/707/ios-bgp-attr-corruption-pub.shtml http://www.kb.cert.org/vuls/id/106392 http://www.osvdb.org/1830 http://www.securityfocus.com/bid/2733 https://exchange.xforce.ibmcloud.com/vulnerabilities/6566 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. • https://www.exploit-db.com/exploits/19522 http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. Classic Cisco IOD 9.1 y anteriores permite a atacantes con acceso al inductor de login obtener porciones de la historia de comandos de usuarios anteriores, lo que puede permitir al atacante obtener datos sensibles. • http://www.ciac.org/ciac/bulletins/j-009.shtml http://www.cisco.com/warp/public/770/ioshist-pub.shtml • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. • http://www.ciac.org/ciac/bulletins/i-054.shtml http://www.cisco.com/warp/public/770/wccpauth-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/1577 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. • http://ciac.llnl.gov/ciac/bulletins/j-016.shtml http://www.cisco.com/warp/public/770/iosdfsacl-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/1401 •