Page 25 of 142 results (0.013 seconds)

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. More Information: CSCux68796. Known Affected Releases: 15.5(3)S2.1 15.6(1)S1.1. Known Fixed Releases: 15.4(3)S6.1 15.4(3)S6.2 15.5(3)S2.2 15.5(3)S3 15.6(0.22)S0.23 15.6(1)S2 16.2(0.295) 16.3(0.94) 15.5.3S3. Una vulnerabilidad en funciones Simple Network Management Protocol (SNMP) de Cisco ASR 1000 Series Aggregation Services Routers que ejecutan Cisco IOS XE Software Release 3.13.6S, 3.16.2S, o 3.17.1S podría permitir a un atacante remoto no autenticado provocar elevado uso de CPU en un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). • http://www.securityfocus.com/bid/95934 http://www.securitytracker.com/id/1037770 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-asrsnmp • CWE-665: Improper Initialization •

CVSS: 2.5EPSS: 0%CPEs: 10EXPL: 0

A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. This vulnerability affects the following products if they are running a vulnerable release of Cisco IOS XE Software: Cisco 5700 Series Wireless LAN Controllers, Cisco Catalyst 3650 Series Switches, Cisco Catalyst 3850 Series Switches, Cisco Catalyst 4500E Series Switches, Cisco Catalyst 4500X Series Switches. More Information: CSCva60013 CSCvb22622. Known Affected Releases: 3.7(0) 16.4.1 Denali-16.1.3 Denali-16.2.2 Denali-16.3.1. Known Fixed Releases: 15.2(4)E3 16.1(2.208) 16.2(2.42) 16.3(1.22) 16.4(0.190) 16.5(0.29). • http://www.securityfocus.com/bid/94340 http://www.securitytracker.com/id/1037299 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161115-iosxe • CWE-20: Improper Input Validation •

CVSS: 8.3EPSS: 0%CPEs: 3334EXPL: 0

The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532. El redireccionador de DNS en Cisco IOS 12.0 hasta la versión 12.4 y 15.0 hasta la versión 15.6 e IOS XE 3.1 hasta la versión 3.15 permite a atacantes remotos obtener información sensible de la memoria del proceso o provocar una denegación de servicio (corrupción de datos o reinicio del dispositivo) a través de una respuesta DNS manipulada, vulnerabilidad también conocida como Bug ID CSCup90532. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-dns http://www.securityfocus.com/bid/93201 http://www.securitytracker.com/id/1036914 https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667. El servicio AAA en Cisco IOS 12.0 hasta la versión 12.4 y 15.0 hasta la versión 15.6 e IOS XE 2.1 hasta la versión 3.18 y 16.2 permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) a través de un intento de conexión SSH fallido que no es manejado correctamente durante la generación de un mensaje de registro de error, vulnerabilidad también conocida como Bug ID CSCuy87667. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-aaados http://www.securityfocus.com/bid/93196 http://www.securitytracker.com/id/1036914 https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04 • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0

Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089. Cisco IOS 12.2 e IOS XE 3.14 hasta la versión 3.16 y 16.1 permiten a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) a través de paquetes IP Detail Record (IPDR) manipulados, vulnerabilidad también conocida como Bug ID CSCuu35089. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr http://www.securityfocus.com/bid/93205 http://www.securitytracker.com/id/1036914 • CWE-20: Improper Input Validation •