CVSS: 6.5EPSS: 0%CPEs: 128EXPL: 0CVE-2018-0163
https://notcve.org/view.php?id=CVE-2018-0163
A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701. • http://www.securityfocus.com/bid/103571 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-6289
https://notcve.org/view.php?id=CVE-2015-6289
Cisco IOS 15.5(3)M on Integrated Services Router (ISR) 800, 819, and 829 devices allows remote attackers to cause a denial of service (memory consumption) via crafted TCP packets on the SSH port, aka Bug ID CSCuu13476. Cisco IOS 15.5(3)M en dispositivos Integrated Services Router (ISR) 800, 819 y 829 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un paquete TCP manipulado en el puerto SSH, también conocido como Bug ID CSCuu13476. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-isr http://www.securityfocus.com/bid/91322 http://www.securitytracker.com/id/1036141 • CWE-399: Resource Management Errors •