Page 19 of 495 results (0.006 seconds)

CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0

A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of the device. The vulnerability is due to IPv6 sub block corruption. An attacker could exploit this vulnerability by polling the affected device IPv6 information. An exploit could allow the attacker to trigger high CPU usage or a reload of the device. Known Affected Releases: Denali-16.3.1. • http://www.securityfocus.com/bid/100648 http://www.securitytracker.com/id/1039290 https://quickview.cloudapps.cisco.com/quickview/bug/CSCvb14640 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-snmp • CWE-399: Resource Management Errors •

CVSS: 6.5EPSS: 0%CPEs: 186EXPL: 0

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. Una vulnerabilidad en la característica Autonomic Networking de Cisco IOS Software y Cisco IOS XE Software podría permitir que un atacante no autenticado y en redes adyacentes provoque que los nodos autonómicos de un sistema afectado se vuelvan a cargar, lo que resultaría en una condición de denegación de servicio (DoS). Más información: CSCvd88936. • http://www.securityfocus.com/bid/99973 http://www.securitytracker.com/id/1038999 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos •

CVSS: 6.5EPSS: 0%CPEs: 187EXPL: 0

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system, an Information Disclosure Vulnerability. More Information: CSCvd51214. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. Una vulnerabilidad en la funcionalidad Autonomic Networking de Cisco IOS Software y Cisco IOS XE Software podría permitir que un atacante adyacente sin autenticar reinicie el Autonomic Control Plane (ACP) de un sistema afectado y vea los paquetes ACP que se transfieren sin cifrar dentro de un sistema afectado (vulnerabilidad de divulgación de información). Más información: CSCvd51214. • http://www.securityfocus.com/bid/99969 http://www.securitytracker.com/id/1038998 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-aniacp • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0

Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. • http://www.securityfocus.com/bid/100005 http://www.securitytracker.com/id/1039005 http://www.securitytracker.com/id/1039006 http://www.securitytracker.com/id/1039007 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170727-ospf • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking specific SNMP objects. Cisco IOS en versiones anteriores a 15.2(4)S6 no inicializa una variable no especificada, lo que podría permitir que usuarios remotos autenticados provoquen una denegación de servicio (consumo de CPU, watchdog timeout, caída del sistema) recorriendo objetos SNMP específicos. • https://www.cisco.com/c/en/us/td/docs/ios/15_2s/release/notes/15_2s_rel_notes/15_2s_caveats_15_2_4s.html • CWE-399: Resource Management Errors •