CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-1460 – Cisco IOx Application Framework Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1460
A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition. Una vulnerabilidad en el Cisco IOx Application Framework de los Enrutadores Cisco 809 Industrial Integrated Services (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, y Cisco IC3000 Industrial Compute Gateway, podría permitir a un atacante remoto no autenticado causar una denegación de servicio. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.6EPSS: 0%CPEs: 265EXPL: 0CVE-2021-1446 – Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1446
A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected device inspects certain DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through an affected device that is performing NAT for DNS packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability can be exploited only by traffic that is sent through an affected device via IPv4 packets. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-alg-dos-hbBS7SZE • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-16009 – Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability
https://notcve.org/view.php?id=CVE-2019-16009
A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or reload an affected device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-ios-csrf • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.7EPSS: 0%CPEs: 1198EXPL: 0CVE-2020-3200 – Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3200
A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An attacker could exploit this vulnerability by creating an SSH connection to an affected device and using a specific traffic pattern that causes an error condition within that connection. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Una vulnerabilidad en el código del servidor Secure Shell (SSH) de Cisco IOS Software y el Cisco IOS XE Software, podría permitir a un atacante remoto autenticado causar una recarga de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssh-dos-Un22sd2A • CWE-371: State Issues CWE-436: Interpretation Conflict •
CVSS: 7.5EPSS: 0%CPEs: 792EXPL: 0CVE-2020-3230 – Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3230
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2 SA-Init packets. An attacker could exploit this vulnerability by sending crafted IKEv2 SA-Init packets to the affected device. An exploit could allow the attacker to cause the affected device to reach the maximum incoming negotiation limits and prevent further IKEv2 security associations from being formed. Una vulnerabilidad en la implementación de Internet Key Exchange Versión 2 (IKEv2) en Cisco IOS Software y Cisco IOS XE Software, podría permitir a un atacante remoto no autenticado impedir que IKEv2 establezca nuevas asociaciones de seguridad. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev2-9p23Jj2a • CWE-20: Improper Input Validation •