Page 29 of 298 results (0.016 seconds)

CVSS: 7.5EPSS: 0%CPEs: 71EXPL: 0

A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service (DoS) condition. The vulnerability is due to Cisco IOS Software application changes that create UDP sockets and leave the sockets idle without closing them. An attacker could exploit this vulnerability by sending UDP packets with a destination port of 0 to an affected device. A successful exploit could allow the attacker to cause UDP packets to be held in the input interfaces queue, resulting in a DoS condition. The input interface queue will stop holding UDP packets when it receives 250 packets. • http://www.securityfocus.com/bid/100644 http://www.securitytracker.com/id/1039289 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-ios-udp • CWE-399: Resource Management Errors CWE-404: Improper Resource Shutdown or Release •

CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0

A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of the device. The vulnerability is due to IPv6 sub block corruption. An attacker could exploit this vulnerability by polling the affected device IPv6 information. An exploit could allow the attacker to trigger high CPU usage or a reload of the device. Known Affected Releases: Denali-16.3.1. • http://www.securityfocus.com/bid/100648 http://www.securitytracker.com/id/1039290 https://quickview.cloudapps.cisco.com/quickview/bug/CSCvb14640 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-snmp • CWE-399: Resource Management Errors •

CVSS: 6.5EPSS: 0%CPEs: 186EXPL: 0

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. Una vulnerabilidad en la característica Autonomic Networking de Cisco IOS Software y Cisco IOS XE Software podría permitir que un atacante no autenticado y en redes adyacentes provoque que los nodos autonómicos de un sistema afectado se vuelvan a cargar, lo que resultaría en una condición de denegación de servicio (DoS). Más información: CSCvd88936. • http://www.securityfocus.com/bid/99973 http://www.securitytracker.com/id/1038999 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos •

CVSS: 6.5EPSS: 0%CPEs: 187EXPL: 0

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system, an Information Disclosure Vulnerability. More Information: CSCvd51214. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. Una vulnerabilidad en la funcionalidad Autonomic Networking de Cisco IOS Software y Cisco IOS XE Software podría permitir que un atacante adyacente sin autenticar reinicie el Autonomic Control Plane (ACP) de un sistema afectado y vea los paquetes ACP que se transfieren sin cifrar dentro de un sistema afectado (vulnerabilidad de divulgación de información). Más información: CSCvd51214. • http://www.securityfocus.com/bid/99969 http://www.securitytracker.com/id/1038998 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-aniacp • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0

A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked. This vulnerability affected devices that are running Release 16.x of Cisco IOS XE Software and are configured to use Autonomic Networking. This vulnerability does not affect devices that are running an earlier release of Cisco IOS XE Software or devices that are not configured to use Autonomic Networking. More Information: CSCvd22328. Known Affected Releases: 15.5(1)S3.1 Denali-16.2.1. • http://www.securityfocus.com/bid/99986 http://www.securitytracker.com/id/1038997 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anicrl • CWE-295: Improper Certificate Validation •