Total
455 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-4291 | 1 Cisco | 1 Ios Xe | 2015-08-21 | 7.8 HIGH | N/A |
Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted series of fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCtd72617. | |||||
CVE-2014-3405 | 1 Cisco | 1 Ios Xe | 2014-10-10 | 4.8 MEDIUM | N/A |
Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks (aka RPL) on both the Autonomic Control Plane (ACP) and external Autonomic Networking Infrastructure (ANI) interfaces, which allows remote attackers to conduct route-injection attacks via crafted RPL advertisements on an ANI interface, aka Bug ID CSCuq22673. | |||||
CVE-2014-3403 | 1 Cisco | 1 Ios Xe | 2014-10-10 | 5.0 MEDIUM | N/A |
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647. | |||||
CVE-2014-3404 | 1 Cisco | 1 Ios Xe | 2014-10-10 | 4.3 MEDIUM | N/A |
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677. | |||||
CVE-2014-3269 | 1 Cisco | 1 Ios Xe | 2014-05-20 | 6.8 MEDIUM | N/A |
The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204. | |||||
CVE-2014-2143 | 1 Cisco | 2 Ios, Ios Xe | 2014-04-04 | 5.0 MEDIUM | N/A |
The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021. | |||||
CVE-2014-2108 | 1 Cisco | 2 Ios, Ios Xe | 2014-03-28 | 7.8 HIGH | N/A |
Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426. | |||||
CVE-2014-2106 | 1 Cisco | 2 Ios, Ios Xe | 2014-03-28 | 7.8 HIGH | N/A |
Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898. | |||||
CVE-2013-6692 | 1 Cisco | 1 Ios Xe | 2013-11-22 | 6.3 MEDIUM | N/A |
Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949. | |||||
CVE-2013-5473 | 1 Cisco | 2 Ios, Ios Xe | 2013-10-07 | 7.8 HIGH | N/A |
Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed IKEv1 packets, aka Bug ID CSCtx66011. | |||||
CVE-2013-5478 | 1 Cisco | 2 Ios, Ios Xe | 2013-10-07 | 7.8 HIGH | N/A |
Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023. | |||||
CVE-2013-5475 | 1 Cisco | 2 Ios, Ios Xe | 2013-10-07 | 7.8 HIGH | N/A |
Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561. | |||||
CVE-2013-5472 | 1 Cisco | 2 Ios, Ios Xe | 2013-09-30 | 7.1 HIGH | N/A |
The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226. | |||||
CVE-2013-0149 | 1 Cisco | 7 Asa 5500, Fwsm, Ios and 4 more | 2013-08-13 | 5.8 MEDIUM | N/A |
The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795. | |||||
CVE-2013-1148 | 1 Cisco | 2 Ios, Ios Xe | 2013-03-29 | 7.8 HIGH | N/A |
The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S allows remote attackers to cause a denial of service (device reload) via crafted (1) IPv4 or (2) IPv6 IP SLA packets on UDP port 1167, aka Bug ID CSCuc72594. | |||||
CVE-2013-1143 | 1 Cisco | 2 Ios, Ios Xe | 2013-03-28 | 7.1 HIGH | N/A |
The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957. | |||||
CVE-2012-4617 | 1 Cisco | 3 Ios, Ios Xe, Ios Xr | 2013-02-13 | 7.1 HIGH | N/A |
The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to cause a denial of service (multiple connection resets) by leveraging a peer relationship and sending a malformed attribute, aka Bug IDs CSCtt35379, CSCty58300, CSCtz63248, and CSCtz62914. | |||||
CVE-2011-4007 | 1 Cisco | 2 Ios, Ios Xe | 2012-10-29 | 5.4 MEDIUM | N/A |
Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the "set mpls experimental imposition" command, which allows remote attackers to cause a denial of service (device crash) via network traffic that triggers (1) fragmentation or (2) reassembly, aka Bug ID CSCtr56576. | |||||
CVE-2011-0939 | 1 Cisco | 2 Ios, Ios Xe | 2012-05-17 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCth03022. | |||||
CVE-2011-3274 | 1 Cisco | 2 Ios, Ios Xe | 2012-05-13 | 6.1 MEDIUM | N/A |
Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device crash) via a crafted IPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCto07919. |