CVSS: 7.2EPSS: 0%CPEs: 1283EXPL: 0CVE-2020-3204 – Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3204
03 Jun 2020 — A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the att... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcl-ace-C9KuVKmm • CWE-20: Improper Input Validation •
CVSS: 6.0EPSS: 0%CPEs: 1917EXPL: 0CVE-2020-3201 – Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3201
03 Jun 2020 — A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by executing crafted Tcl arguments on an affected device. An exploit could allow the attacker to cause the affect... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcl-dos-MAZQUnMF • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 0%CPEs: 23EXPL: 0CVE-2020-3315 – Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3315
06 May 2020 — Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and... • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html • CWE-668: Exposure of Resource to Wrong Sphere CWE-693: Protection Mechanism Failure •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-4661
https://notcve.org/view.php?id=CVE-2011-4661
12 Feb 2020 — A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured. Se presenta una vulnerabilidad de pérdida de memoria en Cisco IOS versiones anteriores a 15.2(1)T, debido a una pérdida de memoria en el proceso de HTTP PROXY Server (también se conoce como CSCtu52820), cuando se configuró con Cisco ISR Web Security con Cisco ScanSafe y ... • https://www.cisco.com/c/en/us/td/docs/ios/15_2m_and_t/release/notes/15_2m_and_t/152-1TCAVS.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 4.8EPSS: 0%CPEs: 22EXPL: 0CVE-2019-12668 – Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2019-12668
25 Sep 2019 — A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The atta... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 1%CPEs: 31EXPL: 0CVE-2019-12656 – Cisco IOx Application Environment Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12656
25 Sep 2019 — A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service (DoS) condition. The vulnerability is due to a Transport Layer Security (TLS) implementation issue. An attacker could exploit this vulnerability by sending crafted TLS packets to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web s... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iox • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 3%CPEs: 7EXPL: 0CVE-2019-12652 – Cisco Catalyst 4000 Series Switches TCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12652
25 Sep 2019 — A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when processing TCP packets directed to the device on specific Cisco Catalyst 4000 Series Switches. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device. A successful exploit... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-cat4000-tcp-dos • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-12669 – Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12669
25 Sep 2019 — A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within Cisco IOS XE Software, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of a malformed packet. An attacker could exploit this vulnerability by sending a malformed packet to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device. Una vulner... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-tsec • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 1%CPEs: 6EXPL: 0CVE-2019-12655 – Cisco IOS XE Software FTP Application Layer Gateway for NAT, NAT64, and ZBFW Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-12655
25 Sep 2019 — A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ftp • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.2EPSS: 0%CPEs: 211EXPL: 0CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-1649
13 May 2019 — A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot har... • http://www.securityfocus.com/bid/108350 • CWE-284: Improper Access Control CWE-667: Improper Locking •