Lucene search
K

443 matches found

cisco
cisco
added 2025/05/07 4:0 p.m.15 views

Cisco IOS XE Software Web-Based Management Interface Command Injection Vulnerability

A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to...

8.8CVSS9.4AI score0.01159EPSS
Exploits0References1
cisco
cisco
added 2025/05/07 4:0 p.m.17 views

Cisco IOS, IOS XE, and IOS XR Software TWAMP Denial of Service Vulnerability

A vulnerability in the Two-Way Active Measurement Protocol TWAMP server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service DoS condition. For Cisco IOS XR Software, this...

8.6CVSS8.5AI score0.00442EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/05/07 12:0 a.m.4 views

PT-2025-20263

Name of the Vulnerable Software and Affected Versions Cisco IOS Software affected versions not specified Cisco IOS XE Software affected versions not specified Cisco NX-OS Software affected versions not specified Cisco Wireless LAN Controller WLC AireOS Software affected versions not specified...

7.4CVSS5.9AI score0.00199EPSS
Exploits0References7
nessus
nessus
added 2025/05/07 12:0 a.m.13 views

Cisco IOS XE Software Bootstrap Arbitrary File Write (cisco-sa-bootstrap-KfgxYgdh)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient...

6CVSS5.8AI score0.00148EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/02/07 5:21 p.m.6 views

CVE-2025-20170

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...

7.7CVSS6.9AI score0.00755EPSS
Exploits0References1
nessus
nessus
added 2025/02/07 12:0 a.m.14 views

Cisco IOS XE Software SNMP DoS (cisco-sa-snmp-dos-sdxnSUcW)

According to its self-reported version, Cisco IOS-XE Software is affected by multiple vulnerabilities. - A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This...

7.7CVSS6.7AI score0.00755EPSS
Exploits0References18
cvelist
cvelist
added 2025/02/05 4:39 p.m.14 views

CVE-2025-20175

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...

7.7CVSS0.00736EPSS
Exploits0References1
cvelist
cvelist
added 2025/02/05 4:37 p.m.15 views

CVE-2025-20172

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker...

7.7CVSS0.00736EPSS
Exploits0References1
cve
cve
added 2025/02/05 4:35 p.m.63 views

CVE-2025-20173

The CVE-2025-20173 issue concerns Cisco IOS/IOS XE/IOS XR SNMP handling. The SNMP subsystem fails to handle certain requests due to improper error handling, enabling an authenticated remote attacker to trigger a denial of service. Affected are SNMP versions 1, 2c, and 3; exploitation requires a v...

7.7CVSS7.5AI score0.00736EPSS
Exploits0References1Affected Software1
cnvd
cnvd
added 2025/01/03 12:0 a.m.11 views

Cisco IOS Software and IOS XE Software Access Control Error Vulnerability

Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. An access control error vulnerability exists in the Simple Network Management Protocol SNMP IPv4 access control list feature of Cisco IOS Software and IOS XE Software, which stems from the program not...

5.3CVSS6.6AI score0.00511EPSS
Exploits0References1
nessus
nessus
added 2024/11/28 12:0 a.m.13 views

Cisco IOS XE Software Web UI XSRF (cisco-sa-webui-csrf-ycUYxkKO)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack and execute commands o...

8.8CVSS5.8AI score0.00311EPSS
Exploits0References4
nessus
nessus
added 2024/09/26 12:0 a.m.181 views

Cisco IOS XE Software Web UI XSRF (cisco-sa-ios-webui-HfwnRgk)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected...

6.5CVSS5.3AI score0.00275EPSS
Exploits0References5
nvd
nvd
added 2024/09/25 5:15 p.m.33 views

CVE-2024-20508

A vulnerability in Cisco Unified Threat Defense UTD Snort Intrusion Prevention System IPS Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service DoS condition on an affected device. This vulnerability is...

6.5CVSS0.00417EPSS
Exploits0References1
nvd
nvd
added 2024/09/25 5:15 p.m.29 views

CVE-2024-20510

A vulnerability in the Central Web Authentication CWA feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list ACL, which could allow access to network resources before user authentication. Thi...

9.3CVSS0.00276EPSS
Exploits0References1
nvd
nvd
added 2024/09/25 5:15 p.m.14 views

CVE-2024-20464

A vulnerability in the Protocol Independent Multicast PIM feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of received IPv4 PIMv2 packets. An...

8.6CVSS0.00568EPSS
Exploits0References1
nvd
nvd
added 2024/09/25 5:15 p.m.32 views

CVE-2024-20434

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this...

4.3CVSS0.00257EPSS
Exploits0References1
nvd
nvd
added 2024/09/25 5:15 p.m.22 views

CVE-2024-20455

A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense UTD component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists...

8.6CVSS0.00662EPSS
Exploits0References1
cvelist
cvelist
added 2024/09/25 4:29 p.m.44 views

CVE-2024-20434

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this...

4.3CVSS0.00257EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/09/25 4:29 p.m.12 views

CVE-2024-20434

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this...

4.3CVSS7AI score0.00257EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/09/25 4:29 p.m.21 views

CVE-2024-20414

A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration...

6.5CVSS7AI score0.00275EPSS
Exploits0References1
Rows per page
Query Builder