CVSS: 5.3EPSS: 0%CPEs: 1721EXPL: 0CVE-2021-34705 – Cisco IOS and IOS XE Software FXO Interface Destination Pattern Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-34705
A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial strings at Foreign Exchange Office (FXO) interfaces. An attacker could exploit this vulnerability by sending a malformed dial string to an affected device via either the ISDN protocol or SIP. A successful exploit could allow the attacker to conduct toll fraud, resulting in unexpected financial impact to affected customers. Una vulnerabilidad en el servicio Voice Telephony Service Provider (VTSP) de Cisco IOS Software y Cisco IOS XE Software podría permitir a un atacante remoto no autenticado omitir los patrones de destino configurados y marcar números arbitrarios. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxo-pattern-bypass-jUXgygYv • CWE-232: Improper Handling of Undefined Values •
CVSS: 7.7EPSS: 0%CPEs: 834EXPL: 0CVE-2021-34699 – Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34699
A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerability by requesting a particular CLI command to be run through the web UI. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Una vulnerabilidad en el analizador TrustSec CLI de Cisco IOS and Cisco IOS XE Software podría permitir a un atacante remoto y autenticado causar una recarga de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-trustsec-dos-7fuXDR2 • CWE-435: Improper Interaction Between Multiple Correctly-Behaving Entities CWE-436: Interpretation Conflict •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2021-1623 – Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Simple Network Management Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1623
A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) condition. This vulnerability is due to the punt path being overwhelmed by large quantities of SNMP requests. An attacker could exploit this vulnerability by sending a large number of SNMP requests to an affected device. A successful exploit could allow the attacker to overload the device punt path, resulting in a DoS condition. Una vulnerabilidad en la función punt handling de Simple Network Management Protocol (SNMP) de Cisco cBR-8 Converged Broadband Routers podría permitir a un atacante remoto autenticado sobrecargar la ruta de punt del dispositivo, resultando en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8snmp-zGjkZ9Fc • CWE-399: Resource Management Errors •
CVSS: 5.8EPSS: 0%CPEs: 26EXPL: 0CVE-2021-1495 – Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1495
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload. Múltiples productos de Cisco están afectados por una vulnerabilidad en el motor de detección Snort que podría permitir a un atacante remoto no autenticado omitir una política de archivos configurada para HTTP. • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc https://www.debian.org/security/2023/dsa-5354 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.9EPSS: 0%CPEs: 59EXPL: 0CVE-2021-1281 – Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1281
A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system as the root user. This vulnerability is due to the way the software handles concurrent CLI sessions. An attacker could exploit this vulnerability by authenticating to the device as an administrative user and executing a sequence of commands. A successful exploit could allow the attacker to obtain access to the underlying operating system as the root user. Una vulnerabilidad en la administración de la CLI en el Software Cisco IOS XE SD-WAN, podría permitir a un atacante local autenticado acceder al sistema operativo subyacente como usuario root. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-clipriv-9TO2QGVp • CWE-399: Resource Management Errors •