Cisco IOS and IOS XE Denial of Service Vulnerability (CNVD-2021-43438)

Cisco IOS and IOS XE are both operating systems developed by Cisco in the United States for its network devices. A denial of service vulnerability exists in the Split DNS feature of Cisco IOS and IOS XE, which can be exploited by an attacker to cause a device to reload by attempting to resolve th...

Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43456)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial-of-service vulnerability exists in the packet processing of Cisco IOS XE used by the Cisco 4461 Integrated Multiservice Router, which can be exploited by an attacker to...

CVE-2020-3560

A vulnerability in Cisco Aironet Access Points APs could allow an unauthenticated, remote attacker to cause a denial of service DoS on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by...

CVE-2020-3511

A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to insufficient input validation when the ISDN...

CVE-2020-3552

A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points APs Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this...

CVE-2020-3559

A vulnerability in Cisco Aironet Access Point AP Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending...

CVE-2020-3512

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol LLDP messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service DoS condition. The vulnerability is du...

CVE-2020-3494

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition of an affected...

CVE-2020-3465

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames on...

CVE-2020-3465

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames on...

CVE-2020-3414

A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to incorrect processing of...

CVE-2020-3408

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability occurs because the regular expression regex engine that...

CVE-2020-3407

A vulnerability in the RESTCONF and NETCONF-YANG access control list ACL function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of the ACL that is tied to the RESTCONF or NETCONF-YANG featur...

CVE-2020-3421

Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the...

CVE-2020-3390

A vulnerability in Simple Network Management Protocol SNMP trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of...

Design/Logic Flaw

Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the...

Input validation

A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to insufficient input validation when the ISDN...

Race condition

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames on...

Design/Logic Flaw

A vulnerability in Cisco Aironet Access Point AP Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending...

CVE-2020-3390 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability

A vulnerability in Simple Network Management Protocol SNMP trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of...