CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-20315
https://notcve.org/view.php?id=CVE-2024-20315
13 Mar 2024 — A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface contexts. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access resources behind the affected device that were suppo... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-acl-bypass-RZU5NL3e • CWE-284: Improper Access Control •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20322
https://notcve.org/view.php?id=CVE-2024-20322
13 Mar 2024 — A vulnerability in the access control list (ACL) processing on Pseudowire interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface contexts. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access resources behind the affected device that were... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-acl-bypass-RZU5NL3e • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 91EXPL: 0CVE-2024-20266
https://notcve.org/view.php?id=CVE-2024-20266
13 Mar 2024 — A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to c... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-3tgPKRdm • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-20320
https://notcve.org/view.php?id=CVE-2024-20320
13 Mar 2024 — A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System (NCS) 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of arguments that are included with the SSH client CLI command. An attacker with low-privileged access to an affected device could exploit this vulnerability by issuing a crafted SSH client comm... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ssh-privesc-eWDMKew3 • CWE-266: Incorrect Privilege Assignment •
CVSS: 7.4EPSS: 0%CPEs: 61EXPL: 0CVE-2024-20327
https://notcve.org/view.php?id=CVE-2024-20327
13 Mar 2024 — A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the ppp_ma process, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of malformed PPPoE packets that are received on a router that is running Broadband Network Gateway (BNG) functionality with PPPoE termination on a Lightspeed-based or Lightspeed-Plus-... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pppma-JKWFgneW • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-4204
https://notcve.org/view.php?id=CVE-2015-4204
23 Jun 2015 — Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) module on uBR10000 devices allows remote authenticated users to cause a denial of service (memory consumption or PXF process crash) by sending docsIfMCmtsMib SNMP requests quickly, aka Bug ID CSCue65051. Fuga de memoria en Cisco IOS 12.2 en el módulo Performance Routing Engine (PRE) en los dispositivos uBR10000 permite a usuarios remotos autenticados causar una denegación de servicio (consumo de memoria o caída del proceso PXF) mediante e... • http://tools.cisco.com/security/center/viewAlert.x?alertId=39440 • CWE-399: Resource Management Errors •
CVSS: 9.0EPSS: 1%CPEs: 67EXPL: 0CVE-2009-0628
https://notcve.org/view.php?id=CVE-2009-0628
27 Mar 2009 — Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak. Fuga de memoria en la funcionalidad SSLVPN en Cisco IOS v12.3 hasta v12.4 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y caída del dispositivo) mediante la conexión de una sesión SSL de forma anormal, precedida... • http://secunia.com/advisories/34438 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 67EXPL: 0CVE-2009-0633
https://notcve.org/view.php?id=CVE-2009-0633
27 Mar 2009 — Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220. Múltiples vulnerabilidades no especificadas en (1) la funcionalidad Mobile IP NAT Traversal y (2) el subsistema Mobile IPv6 en Cisco IOS v12.3 hasta v12.4 permite a atacantes remotos provocar una denegación de servicio (presión en la co... • http://secunia.com/advisories/34438 •
CVSS: 7.5EPSS: 2%CPEs: 67EXPL: 0CVE-2009-0634
https://notcve.org/view.php?id=CVE-2009-0634
27 Mar 2009 — Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via an ICMP packet, aka Bug ID CSCso05337. Múltiples vulnerabilidades no especificadas en la implementación del agente "home" (HA) en (1) la funcionalida de Mobile IP NAT Traversal y (2) el subsistema Mobile IPv6 en Cisco IOS v12.3 hasta v1... • http://secunia.com/advisories/34438 •
CVSS: 10.0EPSS: 57%CPEs: 165EXPL: 2CVE-2008-0960 – SNMPv3 - HMAC Validation error Remote Authentication Bypass
https://notcve.org/view.php?id=CVE-2008-0960
10 Jun 2008 — SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relie... • https://www.exploit-db.com/exploits/5790 • CWE-287: Improper Authentication •