CVSS: 7.7EPSS: 0%CPEs: 1446EXPL: 0CVE-2022-20920 – Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20920
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this vulnerability by continuously connecting to an affected device and sending specific SSH requests. A successful exploit could allow the attacker to cause the affected device to reload. Una vulnerabilidad en la implementación de SSH del software Cisco IOS y del software Cisco IOS XE podría permitir que un atacante remoto autenticado causara la recarga de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssh-excpt-dos-FzOBQTnk • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.8EPSS: 0%CPEs: 203EXPL: 0CVE-2021-34703 – Cisco IOS and IOS XE Software Link Layer Discovery Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34703
A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability via any of the following methods: An authenticated, remote attacker could access the LLDP neighbor table via either the CLI or SNMP while the device is in a specific state. An unauthenticated, adjacent attacker could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then waiting for an administrator of the device or a network management system (NMS) managing the device to retrieve the LLDP neighbor table of the device via either the CLI or SNMP. An authenticated, adjacent attacker with SNMP read-only credentials or low privileges on the device CLI could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then accessing the LLDP neighbor table via either the CLI or SNMP. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lldp-dos-sBnuHSjT • CWE-456: Missing Initialization of a Variable CWE-665: Improper Initialization •
CVSS: 7.4EPSS: 0%CPEs: 37EXPL: 0CVE-2020-3409 – Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3409
A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device. Una vulnerabilidad en la funcionalidad PROFINET de Cisco IOS Software y Cisco IOS XE Software, podría permitir a un atacante adyacente no autenticado causar que un dispositivo afectado se bloquee y recargue, resultando en una condición de denegación de servicio (DoS) en el dispositivo. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPB • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.4EPSS: 0%CPEs: 149EXPL: 0CVE-2020-3508 – Cisco IOS XE Software for Cisco ASR 1000 Series 20-Gbps Embedded Services Processor IP ARP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3508
A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition. The vulnerability is due to insufficient error handling when an affected device has reached platform limitations. An attacker could exploit this vulnerability by sending a malicious series of IP ARP messages to an affected device. A successful exploit could allow the attacker to exhaust system resources, which would eventually cause the affected device to reload. Una vulnerabilidad en la funcionalidad de Address Resolution Protocol (ARP) de IP de Cisco IOS XE Software para Cisco ASR 1000 Series Aggregation Services Routers con un Embedded Services Processor (ESP) de 20-Gbps instalado, podría permitir a un atacante adyacente no autenticado causar la recarga de un dispositivo afectado, resultando en una condición de denegación de servicio. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esp20-arp-dos-GvHVggqJ • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3509 – Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3509
A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device. Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces: 10 Gbps Ethernet interfaces 100 Gbps Ethernet interfaces Port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces Una vulnerabilidad en el manejador de mensajes DHCP de Cisco IOS XE Software para Cisco cBR-8 Converged Broadband Routers, podría permitir a un atacante remoto no autenticado causar que el supervisor se bloquee, lo que podría resultar en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcp-dos-JSCKX43h • CWE-203: Observable Discrepancy CWE-388: 7PK - Errors •