Lucene search
+L

156 matches found

Tenable Nessus
Tenable Nessus
added 2019/12/06 12:0 a.m.24 views

Cisco IOS XE Software Secure Shell Connection on VRF (cisco-sa-20190109-ios-ssh-vrf)

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the access control logic of the Secure Shell SSH server due to a missing check in the SSH server. An authenticated, remote attacker can exploit this, by providing valid credentials to access a device i...

6.5CVSS6.2AI score0.00788EPSS
Exploits0References3
Prion
Prion
added 2019/01/10 6:29 p.m.17 views

Design/Logic Flaw

A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...

4CVSS6.3AI score0.00788EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/01/10 6:29 p.m.23 views

CVE-2018-0484

A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...

6.5CVSS5.7AI score0.00788EPSS
Exploits0References2
OSV
OSV
added 2019/01/10 6:29 p.m.5 views

CVE-2018-0484

A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...

6.5CVSS5.8AI score0.00788EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2019/01/10 6:0 p.m.16 views

CVE-2018-0484 Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability

A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...

5.3CVSS6.6AI score0.00788EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/01/10 6:0 p.m.21 views

CVE-2018-0484 Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability

A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...

5.3CVSS6.3AI score0.00788EPSS
Exploits0References2
Cisco
Cisco
added 2019/01/09 4:0 p.m.105 views

Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability

A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...

5.3CVSS5.6AI score0.00788EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.11 views

The vulnerability of the Cisco IOS operating system allows a malicious individual to establish a network connection using the TELNET protocol.

The Cisco IOS operating system of telecommunications equipment does not recognize the keyword “vrf-also” during the execution of the “access-class” command. This allows a malicious intruder to establish a network connection using the TELNET protocol...

5CVSS5.7AI score0.01318EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2016/01/05 11:59 a.m.16 views

CVE-2015-5434

HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding VRF hopping."...

6.5CVSS6.6AI score0.02048EPSS
Exploits0References2
Prion
Prion
added 2016/01/05 11:59 a.m.16 views

Design/Logic Flaw

HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding VRF hopping."...

6.4CVSS7.4AI score0.02048EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2016/01/05 11:0 a.m.58 views

CVE-2015-5434

CVE-2015-5434 affects HPE Networking/Comware 5 and 7 (HP/H3C) devices. Multiple connected sources describe a vulnerability where remote, unauthenticated attackers can bypass access restrictions or cause a denial of service by abusing virtual routing and forwarding (VRF) hopping. The root issue is...

6.5CVSS6.5AI score0.02048EPSS
Exploits0References2Affected Software87
Prion
Prion
added 2015/11/19 8:59 p.m.12 views

Design/Logic Flaw

Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and...

5CVSS7.1AI score0.00896EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2015/11/19 8:0 p.m.21 views

CVE-2015-8087

Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and...

6.6AI score0.00896EPSS
Exploits0References1
CVE
CVE
added 2015/11/19 8:0 p.m.82 views

CVE-2015-8087

The CVE-2015-8087 VRF hopping issue affects Huawei NE20E-S, NE40E-M, NE40E-M2 (older software) and NE40E/NE80E routers where MPLS forwarding packets are not strictly checked. This allows remote attackers to forward packets to other VPNs, enabling flooding attacks against the destination VPN. Root...

5CVSS6.8AI score0.00896EPSS
Exploits0References1Affected Software1
Huawei
Huawei
added 2015/10/21 12:0 a.m.56 views

Security Advisory - VRF Hopping Vulnerability in Multiple Routers

A VPN routing and forwarding VRF hopping vulnerability exists in Huawei routers. The routers do not strictly check received MPLS forwarding packets, and an attacker may exploit this vulnerability to forward crafted packets to MPLS links, which leads to flood attacks against the destination VPN...

5CVSS6.3AI score0.00896EPSS
Exploits0Affected Software3
Tenable Nessus
Tenable Nessus
added 2015/04/03 12:0 a.m.23 views

Cisco IOS Software VRF ICMP Queue Wedge DoS (cisco-sa-20150325-wedge)

The Cisco IOS software running on the remote device is affected by a vulnerability in the Virtual Routing and Forwarding VRF interface due to improperly processing crafted ICMPv4 messages, which leaves the packet queue uncleared. A remote remote attacker can exploit this to cause a 'queue wedge' ...

7.1CVSS5.6AI score0.01681EPSS
Exploits0References2
NVD
NVD
added 2015/03/26 10:59 a.m.20 views

CVE-2015-0638

Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service interface queue wedge via crafted ICMPv4 packets, aka Bug ID CSCsi02145...

7.1CVSS6.5AI score0.01681EPSS
Exploits0References2
CVE
CVE
added 2015/03/26 10:0 a.m.58 views

CVE-2015-0638

CVE-2015-0638 affects Cisco IOS with VRF enabled. A remote attacker can cause a denial-of-service by sending crafted ICMPv4 packets to trigger an interface queue wedge on the VRF-enabled interface. Root cause described as improper processing of ICMPv4 messages within VRF, leading to an uncleared ...

7.1CVSS6.7AI score0.01681EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/03/26 10:0 a.m.28 views

CVE-2015-0638

Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service interface queue wedge via crafted ICMPv4 packets, aka Bug ID CSCsi02145...

6.5AI score0.01681EPSS
Exploits0References2
Cisco
Cisco
added 2015/03/25 4:0 p.m.53 views

Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability

A vulnerability within the virtual routing and forwarding VRF subsystem of Cisco IOS software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a failure to properly process malicious ICMP version 4 ICMPv4 messages received on ...

7.8CVSS6.7AI score0.01681EPSS
Exploits0References1
Rows per page
Query Builder