CVE-2013-1202
https://notcve.org/view.php?id=CVE-2013-1202
Cisco ACE A2(3.6) allows log retention DoS. Cisco ACE A2 (versión 3.6), permite una DoS de la retención de registros. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20130516-CVE-2013-1202 •
CVE-2017-17428
https://notcve.org/view.php?id=CVE-2017-17428
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. Los SDK (software development kit) de Cavium Nitrox SSL, Nitrox V SSL y TurboSSL permiten que atacantes remotos descifren datos TLS cifrados aprovechando un oráculo de relleno RSA Bleichenbacher. Esto también se conoce como ataque ROBOT. • http://www.securityfocus.com/bid/102170 http://www.securitytracker.com/id/1039984 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher https://www.cavium.com/security-advisory-cve-2017-17428.html https://www.kb.cert.org/vuls/id/144389 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2016-6399
https://notcve.org/view.php?id=CVE-2016-6399
Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via crafted (1) SSL or (2) TLS packets, aka Bug ID CSCvb16317. Dispositivos Cisco ACE30 Application Control Engine Module hasta la versión A5 3.3 y ACE 4700 Application Control Engine hasta la versión A5 3.3 permiten a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo) a través de paquetes (1) SSL o (2) TLS manipulados, vulnerabilidad también conocida como Bug ID CSCvb16317. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160908-ace http://www.securityfocus.com/bid/92867 http://www.securitytracker.com/id/1036748 • CWE-20: Improper Input Validation •
CVE-2012-3919
https://notcve.org/view.php?id=CVE-2012-3919
The Cisco Application Control Engine (ACE) module 3.0 for Cisco Catalyst switches and Cisco routers does not properly monitor Load Balancer (LB) queues, which allows remote attackers to cause a denial of service (incorrect memory access and module reboot) via application traffic, aka Bug ID CSCtw70879. El módulo Cisco Application Control Engine (ACE) v3.0 para switches Cisco Catalyst y routers Cisco no supervisa adecuadamente las colas Load Balancer (LB), lo que permite a atacantes remotos provocar una denegación de servicio (acceso a memoria incorrecto y reinicio del módulo) a través del tráfico entre aplicaciones, también conocido como Bug ID CSCtw70879. • http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA2_3_x/Release/Note/RACEA2_3_X.html https://exchange.xforce.ibmcloud.com/vulnerabilities/78808 • CWE-399: Resource Management Errors •
CVE-2009-0625
https://notcve.org/view.php?id=CVE-2009-0625
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet. Vulnerabilidad no especificada en "Cisco ACE Application Control Engine Module" para Switches Catalyst 6500 y routers anteriores A1(v1.2) y Cisco ACE 4710 "Application Control Engine Appliance" anteriores A1(8.0), permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un paquete SNMPv3 manipulada. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml http://www.securityfocus.com/bid/33900 http://www.securitytracker.com/id?1021769 • CWE-94: Improper Control of Generation of Code ('Code Injection') •