156 matches found
Cisco IOS XE Software Secure Shell Connection on VRF (cisco-sa-20190109-ios-ssh-vrf)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the access control logic of the Secure Shell SSH server due to a missing check in the SSH server. An authenticated, remote attacker can exploit this, by providing valid credentials to access a device i...
Design/Logic Flaw
A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...
CVE-2018-0484
A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...
CVE-2018-0484
A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...
CVE-2018-0484 Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability
A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...
CVE-2018-0484 Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability
A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...
Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability
A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...
The vulnerability of the Cisco IOS operating system allows a malicious individual to establish a network connection using the TELNET protocol.
The Cisco IOS operating system of telecommunications equipment does not recognize the keyword “vrf-also” during the execution of the “access-class” command. This allows a malicious intruder to establish a network connection using the TELNET protocol...
CVE-2015-5434
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding VRF hopping."...
Design/Logic Flaw
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding VRF hopping."...
CVE-2015-5434
CVE-2015-5434 affects HPE Networking/Comware 5 and 7 (HP/H3C) devices. Multiple connected sources describe a vulnerability where remote, unauthenticated attackers can bypass access restrictions or cause a denial of service by abusing virtual routing and forwarding (VRF) hopping. The root issue is...
Design/Logic Flaw
Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and...
CVE-2015-8087
Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and...
CVE-2015-8087
The CVE-2015-8087 VRF hopping issue affects Huawei NE20E-S, NE40E-M, NE40E-M2 (older software) and NE40E/NE80E routers where MPLS forwarding packets are not strictly checked. This allows remote attackers to forward packets to other VPNs, enabling flooding attacks against the destination VPN. Root...
Security Advisory - VRF Hopping Vulnerability in Multiple Routers
A VPN routing and forwarding VRF hopping vulnerability exists in Huawei routers. The routers do not strictly check received MPLS forwarding packets, and an attacker may exploit this vulnerability to forward crafted packets to MPLS links, which leads to flood attacks against the destination VPN...
Cisco IOS Software VRF ICMP Queue Wedge DoS (cisco-sa-20150325-wedge)
The Cisco IOS software running on the remote device is affected by a vulnerability in the Virtual Routing and Forwarding VRF interface due to improperly processing crafted ICMPv4 messages, which leaves the packet queue uncleared. A remote remote attacker can exploit this to cause a 'queue wedge' ...
CVE-2015-0638
Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service interface queue wedge via crafted ICMPv4 packets, aka Bug ID CSCsi02145...
CVE-2015-0638
CVE-2015-0638 affects Cisco IOS with VRF enabled. A remote attacker can cause a denial-of-service by sending crafted ICMPv4 packets to trigger an interface queue wedge on the VRF-enabled interface. Root cause described as improper processing of ICMPv4 messages within VRF, leading to an uncleared ...
CVE-2015-0638
Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service interface queue wedge via crafted ICMPv4 packets, aka Bug ID CSCsi02145...
Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability
A vulnerability within the virtual routing and forwarding VRF subsystem of Cisco IOS software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a failure to properly process malicious ICMP version 4 ICMPv4 messages received on ...