Page 35 of 178 results (0.013 seconds)

CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 0

Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. • http://www.kb.cert.org/vuls/id/139491 http://www.osvdb.org/1969 http://www.securityfocus.com/archive/1/219257 http://www.securityfocus.com/archive/1/219305 http://www.securityfocus.com/bid/3412 https://exchange.xforce.ibmcloud.com/vulnerabilities/7242 •

CVSS: 5.0EPSS: 3%CPEs: 10EXPL: 1

Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. • https://www.exploit-db.com/exploits/21028 http://marc.info/?l=bugtraq&m=99749327219189&w=2 http://www.securityfocus.com/archive/1/199558 http://www.securityfocus.com/bid/3096 https://exchange.xforce.ibmcloud.com/vulnerabilities/6913 •

CVSS: 9.3EPSS: 84%CPEs: 91EXPL: 7

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. • https://www.exploit-db.com/exploits/20975 https://www.exploit-db.com/exploits/20976 https://www.exploit-db.com/exploits/20977 https://www.exploit-db.com/exploits/20978 http://www.cert.org/advisories/CA-2001-14.html http://www.ciac.org/ciac/bulletins/l-106.shtml http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html http://www.osvdb.org/578 http://www.securityfocus.com/archive/1/1601227034.20010702112207%40olympos.org http://www.securityfocus.com/archive/1/ • CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. • https://www.exploit-db.com/exploits/19522 http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. • http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml http://www.kb.cert.org/vuls/id/840665 https://exchange.xforce.ibmcloud.com/vulnerabilities/6180 •