7 matches found
EUVD-2023-24288
Malicious code in bioql PyPI...
CVE-2023-20109
A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...
Cisco IOS XE Software Group Encrypted Transport VPN Out of Bounds Write (cisco-sa-getvpn-rce-g8qR68sx)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control o...
PT-2023-5691
Name of the Vulnerable Software and Affected Versions: Cisco IOS and IOS XE Software affected versions not specified Description: A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacke...
Cisco IOS GET VPN Encryption Policy Bypass Vulnerability
A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS could allow traffic to bypass the configured encryption policy. The vulnerability is due to the default, implicit policies set in place to permit Group Domain of Interpretation GDOI traffic to flow unencrypted...
Default configuration
The default configuration of the Group Encrypted Transport VPN GET VPN feature on Cisco IOS uses an improper mechanism for enabling Group Domain of Interpretation GDOI traffic flow, which allows remote attackers to bypass the encryption policy via certain uses of UDP port 848, aka Bug ID CSCui076...
CVE-2013-3436
Cisco IOS GET VPN vulnerable due to default implicit GDOI policy allowing unencrypted traffic on UDP 848, enabling bypass of encryption policy for GMs and KSs. Root cause is the default configuration that permits GDOI flow; exploitation requires access to trusted internal networks. Impact is bypa...