Lucene search
+L

102 matches found

nessus
nessus
added 2016/09/16 12:0 a.m.16 views

Cisco IOS XR NCS 6000 Packet Timer Leak DoS (cisco-sa-20160713-ncs6k)

The version of Cisco IOS XR running on the remote NCS 6000 device is affected by a denial of service vulnerability due to improper management of system timer resources. An unauthenticated, remote attacker can exploit this, via numerous management connections to the affected device, to consume...

7.8CVSS7.4AI score0.01939EPSS
Exploits0References3
cisco
cisco
added 2016/09/14 4:0 p.m.55 views

Cisco IOS XR Software for NCS 6000 Series Devices OSPF Packet Processing Denial of Service Vulnerability

A vulnerability in the OSPFv3 processing of Cisco IOS XR Software for Cisco Network Convergence System NCS 6000 Series devices could allow an unauthenticated, remote attacker to cause a reload of the OSPFv3 process and result in a limited denial of service DoS condition on an affected device. The...

5CVSS5.5AI score0.01599EPSS
Exploits0References1
nvd
nvd
added 2016/07/15 4:59 p.m.16 views

CVE-2016-1426

Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service timer consumption and Route Processor reload via crafted SSH traffic, aka Bug ID CSCux76819...

7.8CVSS7.5AI score0.01939EPSS
Exploits0References3
osv
osv
added 2016/07/15 4:59 p.m.5 views

CVE-2016-1426

Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service timer consumption and Route Processor reload via crafted SSH traffic, aka Bug ID CSCux76819...

7.5CVSS5.8AI score0.01939EPSS
Exploits0References3
prion
prion
added 2016/07/15 4:59 p.m.14 views

Code injection

Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service timer consumption and Route Processor reload via crafted SSH traffic, aka Bug ID CSCux76819...

7.8CVSS7.3AI score0.01939EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2016/07/15 4:0 p.m.21 views

CVE-2016-1426

Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service timer consumption and Route Processor reload via crafted SSH traffic, aka Bug ID CSCux76819...

7.5AI score0.01939EPSS
Exploits0References3
cve
cve
added 2016/07/15 4:0 p.m.58 views

CVE-2016-1426

Cisco IOS XR 5.x–5.2.5 on NCS 6000 devices is affected by a denial of service vulnerability (CVE-2016-1426) due to improper management of system timer resources. A remote, unauthenticated attacker can trigger timer/resource exhaustion by establishing multiple SSH connections (and related manageme...

7.8CVSS7.4AI score0.01939EPSS
Exploits0References3Affected Software1
threatpost
threatpost
added 2016/07/14 2:1 p.m.17 views

Cisco Patches DoS Flaw in NCS 6000 Routers

Cisco Systems today released patches for two products, including one for a vulnerability rated a high criticality in Cisco IOS XR for the Cisco Network Convergence System series routers. The flaw rests in the management of system timer resources and could allow an attacker to remotely crash the...

1.3AI score
Exploits0References2
cisco
cisco
added 2016/07/13 4:0 p.m.28 views

Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability

A vulnerability in the management of system timer resources in Cisco IOS XR for Cisco Network Convergence System 6000 NCS 6000 Series Routers could allow an unauthenticated, remote attacker to cause a leak of system timer resources, leading to a nonoperational state and an eventual reload of the...

7.8CVSS7.5AI score0.01939EPSS
Exploits0References1
openvas
openvas
added 2016/05/04 12:0 a.m.47 views

Cisco IOS XR Software SCP and SFTP Modules Denial of Service Vulnerability (cisco-sa-20160323-ncs)

A vulnerability in the Secure Copy Protocol SCP and Secure FTP SFTP modules of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite system files and cause a denial of service DoS condition. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be...

6.8CVSS6.5AI score0.0138EPSS
Exploits0References1
prion
prion
added 2015/06/12 2:59 p.m.15 views

Design/Logic Flaw

The Device Work Center DWC component in Cisco Prime Network Control System NCS 2.10.0.85, 2.20.0.58, and 2.20.0.69 does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login session, aka Bug ID CSCur27371...

6.5CVSS7.2AI score0.02086EPSS
Exploits0References2Affected Software1
cve
cve
added 2015/06/12 2:0 p.m.46 views

CVE-2015-0768

CVE-2015-0768 affects Cisco Prime Network Control System (NCS) Device Work Center (DWC) in NCS 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69). Root cause: improper implementation of AAA roles, allowing remote authenticated users to bypass access restrictions and execute commands via an active login se...

6.5CVSS6.8AI score0.02086EPSS
Exploits0References2Affected Software1
nessus
nessus
added 2015/03/18 12:0 a.m.48 views

Cisco IOS XR NCS 6000 Multiple ntpd Vulnerabilities

The remote Cisco device is running a version of IOS XR software that is affected by the following vulnerabilities : - Errors exist related to weak cryptographic pseudorandom number generation PRNG, the functions 'ntprandom' and and 'configauth', and the 'ntp-keygen' utility. A man-in-the-middle...

7.5CVSS7.7AI score0.78717EPSS
Exploits4References6
cisa
cisa
added 2015/02/25 12:0 a.m.12 views

Cisco IPv6 Denial of Service Vulnerability

Cisco has identified a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. Cisco Network Convergence System 6000 NCS 6000 and Cisco Carrier...

6.7AI score
Exploits0References1
prion
prion
added 2015/02/21 11:59 a.m.18 views

Code injection

Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System NCS 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X CRS-X devices allows remote attackers to cause a denial of service line-card reload via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241...

7.1CVSS7.3AI score0.02317EPSS
Exploits0References3Affected Software2
cve
cve
added 2015/02/21 11:0 a.m.75 views

CVE-2015-0618

Cisco IOS XR DoS (CVE-2015-0618) affects IOS XR 5.0.1/5.2.1 on NCS 6000 and 5.1.3/5.1.4 on CRS-X. The issue arises from improper processing of malformed IPv6 packets with extension headers, allowing remote attackers to trigger a line-card reload and thus a denial of service. Evidence in multiple ...

7.1CVSS6.9AI score0.02317EPSS
Exploits0References3Affected Software1
prion
prion
added 2013/09/06 11:15 a.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System NCS and Wireless Control System WCS allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud18375...

4.3CVSS6.1AI score0.01531EPSS
Exploits0References1
cvelist
cvelist
added 2013/09/06 10:0 a.m.18 views

CVE-2012-5990

Multiple cross-site scripting XSS vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System NCS and Wireless Control System WCS allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud18375...

5.7AI score0.01531EPSS
Exploits0References1
cve
cve
added 2013/09/06 10:0 a.m.58 views

CVE-2012-5990

CVE-2012-5990 describes reflected XSS in the Health Monitor login pages of Cisco Prime NCS/WCS. Affected component: Health Monitor Login pages. Root cause: input validation error leading to reflection of HTML/script (CWE-79). Impact stated: attacker can execute arbitrary script in the user’s brow...

4.3CVSS5.8AI score0.01531EPSS
Exploits0References1Affected Software2
nessus
nessus
added 2013/06/11 12:0 a.m.25 views

Cisco Prime Network Control System Version

The remote host is running Cisco Prime Network Control System NCS, a network management system. It is possible to get the Prime NCS version number via SSH or SNMP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid66860; scriptversion"1.3"; scriptcvsdate"Date:...

5.5AI score
Exploits0References1
Rows per page
Query Builder