CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-16026 – Cisco Mobility Management Entity Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-16026
26 Jan 2020 — A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 1%CPEs: 8EXPL: 0CVE-2018-0273
https://notcve.org/view.php?id=CVE-2018-0273
19 Apr 2018 — A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of corrupted Internet Key Exchange Version 2 (IKEv2) messages. An attacker could exploit this vulnerability b... • http://www.securityfocus.com/bid/103935 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 1CVE-2018-0239
https://notcve.org/view.php?id=CVE-2018-0239
19 Apr 2018 — A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets. The device may need to be manually reloaded to clear this Interface Forwarding Denial of Service condition. The vulnerability is due to the failure to properly check that the length of a... • https://github.com/mr-won/CVE-2018-0239 • CWE-20: Improper Input Validation CWE-770: Allocation of Resources Without Limits or Throttling •