CVSS: 10.0EPSS: 94%CPEs: 323EXPL: 11CVE-2017-3881 – Cisco IOS and IOS XE Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3881
17 Mar 2017 — A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to ... • https://packetstorm.news/files/id/180481 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5522
https://notcve.org/view.php?id=CVE-2013-5522
25 Oct 2013 — Cisco IOS on Catalyst 3750X switches has default Service Module credentials, which makes it easier for local users to gain privileges via a Service Module login, aka Bug ID CSCue92286. Cisco IOS en el switches Catalyst 3750X tiene por defecto credenciales de Service Module, lo que hace que sea más fácil para los usuarios locales conseguir privilegios a través de un inicio de sesión de un Service Module, también conocido como Bug ID CSCue92286. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5522 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 97EXPL: 0CVE-2013-1100
https://notcve.org/view.php?id=CVE-2013-1100
13 Feb 2013 — The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853. El servidor HTTP en Cisco IOS en switches Catalyst no trata correctamente los eventos socket TCP, lo que permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de paquetes hechos a mano en el puerto TCP (1) 80 o (2) 443, también ... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1100 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2012-1338
https://notcve.org/view.php?id=CVE-2012-1338
06 Aug 2012 — Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allows remote authenticated users to cause a denial of service (device reload) by completing local web authentication quickly, aka Bug ID CSCts88664. Cisco IOS v15.0 y v15.1 en el Catalyst 3560 y 3750 switches de la serie permite a usuarios remotos autenticados provocar una denegación de servicio (recarga del dispositivo) al completar la autenticación web local con rapidez, también conocido como Bug ID CSCts88664. • http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/15.0_1_se/release/notes/OL25302.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •