CVSS: 7.8EPSS: 0%CPEs: 155EXPL: 0CVE-2015-6278
https://notcve.org/view.php?id=CVE-2015-6278
28 Sep 2015 — The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 74EXPL: 0CVE-2015-6280
https://notcve.org/view.php?id=CVE-2015-6280
28 Sep 2015 — The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.6E before 3.6.3E, 3.7E before 3.7.1E, 3.10S before 3.10.6S, 3.11S before 3.11.4S, 3.12S before 3.12.3S, 3.13S before 3.13.3S, and 3.14S before 3.14.1S does not properly implement RSA authentication, which allows remote attackers to obtain login access by leveraging knowledge of a username and the associated public key, aka Bug ID CSCus73013. Vulnerabilidad en la funcionalidad SSHv2 en Cisco IOS 15.2, 15.3, 15.4 y 15.5 y IOS XE 3.6E... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-sshpk • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 95EXPL: 0CVE-2015-6282
https://notcve.org/view.php?id=CVE-2015-6282
25 Sep 2015 — Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS before 3.13.3S, and 3.14.xS through 3.15.xS before 3.15.1S allows remote attackers to cause a denial of service (device reload) via IPv4 packets that require NAT and MPLS actions, aka Bug ID CSCut96933. Vulnerabilidad en Cisco IOS XE 2.x y 3.x en versiones anteriores a 3.10.6S, 3.11.xS hasta la versión 3.13.xS en versiones anteriores a 3.13.3S y 3.14.xS hasta la versión 3.15.xS en versiones anteriores a 3.15.1S, permite a atacantes remotos pro... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-iosxe • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2015-6294
https://notcve.org/view.php?id=CVE-2015-6294
18 Sep 2015 — Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow remote attackers to cause a denial of service (functionality loss) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuu25770. Vulnerabilidad en Cisco IOS 15.2(3)E y versiones anteriores y IOS XE 3.6(2)E y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (pérdida de funcionalidad) a través de paquetes Cisco Discovery Protocol (CDP) modificados, también conocida como Bug ID CSCuu25770. • http://tools.cisco.com/security/center/viewAlert.x?alertId=41006 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2015-6272
https://notcve.org/view.php?id=CVE-2015-6272
31 Aug 2015 — Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064. Vulnerabilidad en Cisco IOS XE 2.1.0 hasta la versión 2.2.3 y 2.3.0 en dispositivos ASR 1000, cuando se utiliza NAT Application Layer Gateway, permite a atacantes remotos causar una denegación de servicio (caída de Embedded Services Pro... • http://tools.cisco.com/security/center/viewAlert.x?alertId=40689 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2015-6269
https://notcve.org/view.php?id=CVE-2015-6269
31 Aug 2015 — Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted (1) IPv4 or (2) IPv6 packet, aka Bug ID CSCsw69990. Vulnerabilidad en Cisco IOS XE en versiones anteriores a 2.2.3 en dispositivos ASR 1000, permite a atacantes remotos causar una denegación de servicio (caída de Embedded Services Processor) a través de la manipulación de un paquete (1) IPv4 (2) IPv6, también conocido como Bug ID CSCsw69990. • http://tools.cisco.com/security/center/viewAlert.x?alertId=40686 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2015-6271
https://notcve.org/view.php?id=CVE-2015-6271
31 Aug 2015 — Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted SIP packet, aka Bug IDs CSCta74749 and CSCta77008. Vulnerabilidad en Cisco IOS XE 2.1.0 hasta la versión 2.4.3 y 2.5.0 en dispositivos ASR 1000, cuando se utiliza NAT Application Layer Gateway, permite a atacantes remotos causar una denegación de servicio (caída de Embedded Services Processor) a trav... • http://tools.cisco.com/security/center/viewAlert.x?alertId=40688 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2015-6270
https://notcve.org/view.php?id=CVE-2015-6270
31 Aug 2015 — Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv6 packet, aka Bug ID CSCsv98555. Vulnerabilidad en Cisco IOS XE en versiones anteriores a 2.2.3 en dispositivos ASR 1000, permite a atacantes remotos causar una denegación de servicio (caída de Embedded Services Processor) a través de un paquete IPv6 manipulado, también conocido como Bug ID CSCsv98555. • http://tools.cisco.com/security/center/viewAlert.x?alertId=40687 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2015-6273
https://notcve.org/view.php?id=CVE-2015-6273
29 Aug 2015 — Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via crafted IP packets, aka Bug IDs CSCtf87624, CSCte93229, CSCtd19103, and CSCti63623. Vulnerabilidad en Cisco IOS XE en versiones anteriores a 3.1.2S en dispositivos ASR 1000, no se maneja correctamente la configuración automática de Virtual Fragment Reassembl... • http://tools.cisco.com/security/center/viewAlert.x?alertId=40690 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2015-6268
https://notcve.org/view.php?id=CVE-2015-6268
29 Aug 2015 — Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv4 UDP packet, aka Bug ID CSCsw95482. Vulnerabilidad en Cisco IOS XE en versiones anteriores a 2.2.3 en dispositivos ASR 1000, permite a atacantes remotos causar una denegación de servicio (caída de Embedded Services Processor) a través de un paquete UDP IPv4 manipulado, también conocida como Bug ID CSCsw95482. • http://tools.cisco.com/security/center/viewAlert.x?alertId=40685 • CWE-399: Resource Management Errors •