CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The vulnerability of the Zone-Based Policy Firewall’s firewall function in Cisco IOS XE operating systems is related to deficiencies in access control when configuring Unified Threat Defense UTD or Application Quality of Experience AppQoE settings. Exploiting this vulnerability allows a malicious...

5.8CVSS0.00387EPSS

Exploits0References4Affected Software1

Tenable Nessus•added 2021/09/27 12:0 a.m.•23 views

Cisco IOS XE Software Zone Based Policy Firewall ICMP UDP Inspection (cisco-sa-zbfw-pP9jfzwL)

A vulnerability in the Zone-Based Policy Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent the Zone-Based Policy Firewall from correctly classifying traffic. This vulnerability exists because ICMP and UDP responder-to-initiator flows are not...

5.8CVSS6AI score0.00387EPSS

Exploits0References4

NVD•added 2021/09/23 3:15 a.m.•12 views

CVE-2021-1625

5.8CVSS0.00387EPSS

Exploits0References1

Prion•added 2021/09/23 3:15 a.m.•15 views

Design/Logic Flaw

4.3CVSS5.7AI score0.00387EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2021/09/23 2:25 a.m.•10 views

CVE-2021-1625 Cisco IOS XE Software Zone-Based Policy Firewall ICMP and UDP Inspection Vulnerability

5.8CVSS6.9AI score0.00387EPSS

Exploits0References1

CVE•added 2021/09/23 2:25 a.m.•64 views

CVE-2021-1625

Cisco CVE-2021-1625 affects the Zone-Based Policy Firewall in Cisco IOS XE Software. The issue arises because ICMP and UDP responder-to-initiator flows are not inspected when UTD or AppQoE is configured, enabling an unauthenticated remote attacker to inject traffic; resulting traffic may be dropp...

5.8CVSS5.6AI score0.00387EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/09/23 2:25 a.m.•28 views

CVE-2021-1625 Cisco IOS XE Software Zone-Based Policy Firewall ICMP and UDP Inspection Vulnerability

5.8CVSS5.9AI score0.00387EPSS

Exploits0References1

Cisco•added 2021/09/22 4:0 p.m.•36 views

Cisco IOS XE Software Zone-Based Policy Firewall ICMP and UDP Inspection Vulnerability

5.8CVSS5.6AI score0.00387EPSS

Exploits0References1

NVD•added 2013/03/28 11:55 p.m.•17 views

CVE-2013-1145

Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service memory consumption or device reload via malformed SIP messages, aka Bug ID CSCtl99174...

7.8CVSS6.6AI score0.00963EPSS

Exploits0References1

Prion•added 2013/03/28 11:55 p.m.•18 views

Memory corruption

7.8CVSS7.2AI score0.00963EPSS

Exploits0References1Affected Software1

Cisco•added 2013/03/27 4:0 p.m.•26 views

Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability

Cisco IOS Software contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol SIP messages. Exploitation of this vulnerability could cause an interruption of services. Only devices that are configured for SIP inspection are affecte...

7.8CVSS6.5AI score0.00963EPSS

Exploits0References1

NVD•added 2009/09/28 7:30 p.m.•14 views

CVE-2009-2867

Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service device reload via a crafted SIP transit packet, aka Bug ID CSCsr18691...

7.8CVSS6.4AI score0.0071EPSS

Exploits0References5

Prion•added 2009/09/28 7:30 p.m.•14 views

Code injection

7.8CVSS7AI score0.0071EPSS

Exploits0References5Affected Software1

CVE•added 2009/09/28 6:20 p.m.•65 views

CVE-2009-2867

Cisco IOS Zone-Based Policy Firewall SIP inspection is affected by CVE-2009-2867 (Bug CSCsr18691). A crafted SIP transit packet can cause a denial of service resulting in a device reload on affected releases. The advisory specifies that only devices configured with SIP inspection in Zone-Based Po...

7.8CVSS6.4AI score0.0071EPSS

Exploits0References5Affected Software1

Cvelist•added 2009/09/28 6:20 p.m.•18 views

CVE-2009-2867

6.4AI score0.0071EPSS

Exploits0References5

securityvulns•added 2009/09/23 12:0 a.m.•42 views

Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Vulnerability Advisory ID: cisco-sa-20090923-ios-fw Revision 1.0 For Public Release 2009 September 23 +--------------------------------------------------------------------- Summary...

7.8CVSS0.5AI score0.0071EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by