CVSS: 7.1EPSS: 78%CPEs: 26EXPL: 0CVE-2017-17428
https://notcve.org/view.php?id=CVE-2017-17428
05 Mar 2018 — Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. Los SDK (software development kit) de Cavium Nitrox SSL, Nitrox V SSL y TurboSSL permiten que atacantes remotos descifren datos TLS cifrados aprovechando un oráculo de relleno RSA Bleichenbacher. Esto también se conoce como ataque ROBOT. • http://www.securityfocus.com/bid/102170 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2010-2822
https://notcve.org/view.php?id=CVE-2010-2822
13 Aug 2010 — Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6), allows remote attackers to cause a denial of service (device reload) via crafted RTSP packets over TCP, aka Bug IDs CSCta85227 and CSCtg14858. Vulnerabilidad sin especificar en la funcionalidad de inspección RTSP del módul... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2010-2823
https://notcve.org/view.php?id=CVE-2010-2823
13 Aug 2010 — Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, and SIP inspection, aka Bug ID CSCtb54493. Vulnerabilidad sin especificar en la funcionalidad "deep packet inspection" de "Cisco Application Control Engine" (ACE) 4710 appliance con software anterior a A3(2.6) permite a atacantes remotos pr... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2010-2825
https://notcve.org/view.php?id=CVE-2010-2825
13 Aug 2010 — Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.4), allows remote attackers to cause a denial of service (device reload) via crafted SIP packets over (1) TCP or (2) UDP, aka Bug IDs CSCta65603 and CSCta71569. Vulner... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2010-1576
https://notcve.org/view.php?id=CVE-2010-1576
06 Jul 2010 — The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSC... • http://osvdb.org/66092 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 8EXPL: 0CVE-2010-2629
https://notcve.org/view.php?id=CVE-2010-2629
06 Jul 2010 — The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exi... • http://securitytracker.com/id?1024167 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0621
https://notcve.org/view.php?id=CVE-2009-0621
26 Feb 2009 — Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access. Cisco ACE 4710 Application Control Engine Appliance anterior a vA1(8a) utiliza por defecto (1) nombre de usuario y (2) contraseñas para (a) el administrador (b) gestión Web... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml • CWE-16: Configuration •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2009-0622
https://notcve.org/view.php?id=CVE-2009-0622
26 Feb 2009 — Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI). Vulnerabilidad no especificada en Cisco ACE Application Control Engine Module para Catalyst 6500 Switches y 7600 Routers anterior a A2(1.2) y Cisco ACE 4710 Application Control Engine Appli... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2009-0623
https://notcve.org/view.php?id=CVE-2009-0623
26 Feb 2009 — Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet. Vulnerabilidad no especificada en "Cisco ACE Application Control Engine Module" para Catalyst 6500 Switches y 7600 Routers anteriores A2(1.3) y Cisco ACE 4710 Application Control Engine Appliance anteriores a A3(2.... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2009-0624
https://notcve.org/view.php?id=CVE-2009-0624
26 Feb 2009 — Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet. Vulnerabilidad no especificada en la implementación SNMPv2c en Cisco ACE Application Control Engine Module para Catalyst 6500 Switches y 7600 Routers anteriores a A2(1.3) y Cisco AC... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml •