NotCVE - vendor:"Cisco" product:"IOS" version:"15.6"

Page 22 of 111 results (0.009 seconds)

CVSS: 7.5EPSS: 97%CPEs: 5EXPL: 2

CVE-2016-6415 – Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2016-6415

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. La implementación del servidor IKEv1 en Cisco IOS 12.2 hasta la versión 12.4 y 15.0 hasta la versión 15.6, IOS XE hasta la versión 3.18S, IOS XR 4.3.x y 5.0.x hasta la versión 5.2.x y PIX en versiones anteriores a 7.0 permite a atacantes remotos obtener información sensible de la memoria del dispositivo a través de una petición de negociación Security Association (SA), vulnerabilidad también conocida como Bug IDs CSCvb29204 y CSCvb36055 o BENIGNCERTAIN. Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure. • https://www.exploit-db.com/exploits/43383 https://github.com/3ndG4me/CVE-2016-6415-BenignCertain-Monitor http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 http://www.securityfocus.com/bid/93003 http://www.securitytracker.com/id/1036841 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-6403

https://notcve.org/view.php?id=CVE-2016-6403

The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service via a crafted packet, aka Bug IDs CSCuy82904, CSCuy82909, and CSCuy82912. La aplicación Data in Motion (DMo) en Cisco IOS 15.6(1)T e IOS XE, cuando el conjunto de características IOx está activado, permite a atacantes remotos provocar una denegación de servicio a través de un paquete manipulado, vulnerabilidad también conocida como Bug IDs CSCuy82904, CSCuy82909 y CSCuy82912. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ios-xe http://www.securityfocus.com/bid/92960 http://www.securitytracker.com/id/1036833 • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-1478

https://notcve.org/view.php?id=CVE-2016-1478

Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP packets, which allows remote attackers to cause a denial of service (interface wedge) by sending many crafted NTP packets, aka Bug ID CSCva35619. Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1 y 15.6(2)T1 no pone en cola adecuadamente paquetes NTP inválidos, lo que facilita a atacantes remotos provocar una denegación de servicio (interfaz de cuña) mandando muchos paquetes NTP manipulados, también conocido como Bug ID CSCva35619. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge http://www.securityfocus.com/bid/92317 http://www.securitytracker.com/id/1036541 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 1%CPEs: 4891EXPL: 0

CVE-2016-1409

https://notcve.org/view.php?id=CVE-2016-1409

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016. El protocolo de implementación Neighbor Discovery (ND) en la pila IPv6 en Cisco IOS XE 2.1 hasta la versión 3.17S, IOS XR 2.0.0 hasta la versión 5.3.2 y NX-OS permite a atacantes remotos provocar una denegación de servicio (interrupción de procesado de paquetes) a través de mensajes ND manipulados, también conocido como Bug ID CSCuz66542, tal como se ha explotado activamente en mayo de 2016. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-ipv6-en http://www.securityfocus.com/bid/90872 http://www.securitytracker.com/id/1035962 http://www.securitytracker.com/id/1035963 http://www.securitytracker.com/id/1035964 http://www.securitytracker.com/id/1035965 http://www.securitytracker.com/id/1036651 • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-1333

https://notcve.org/view.php?id=CVE-2016-1333

Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote authenticated users to cause a denial of service (device reload) via an SNMP request for unspecified BRIDGE MIB OIDs, aka Bug ID CSCux89878. Cisco IOS 15.5(3)M y 15.6(1)T0a en routers Cisco 1000 Connected Grid permiten a usuarios remotos autenticados provocar una denegación de servicio (recarga de dispositivo) a través de una petición SNMP para OIDs BRIDGE MIB no especificados, también conocida como Bug ID CSCux89878. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160216-grid http://www.securitytracker.com/id/1035035 • CWE-399: Resource Management Errors •

1...20 21 22 23