CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-16026 – Cisco Mobility Management Entity Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-16026
26 Jan 2020 — A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 10EXPL: 0CVE-2019-1869 – Cisco StarOS Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1869
20 Jun 2019 — A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could al... • http://www.securityfocus.com/bid/108853 • CWE-824: Access of Uninitialized Pointer •
CVSS: 8.6EPSS: 0%CPEs: 6EXPL: 0CVE-2018-0369
https://notcve.org/view.php?id=CVE-2018-0369
16 Jul 2018 — A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition. There are four instances of the npusim process running per Service Function (SF) instance, each handling a subset of all traffic flowing across the device. It is possible to trigger a reload of all four instances of the npusim process around the same time. T... • http://www.securityfocus.com/bid/104723 • CWE-20: Improper Input Validation •