Lucene search

K

7 matches found

CVE
CVE
added 2014/07/09 11:7 a.m.49 views

CVE-2014-3309

The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.

5CVSS6.9AI score0.0021EPSS
CVE
CVE
added 2014/05/16 11:12 a.m.45 views

CVE-2014-3262

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782...

4.3CVSS6.7AI score0.00643EPSS
CVE
CVE
added 2014/05/25 10:55 p.m.45 views

CVE-2014-3284

Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.

6.1CVSS6.8AI score0.0067EPSS
CVE
CVE
added 2014/10/10 1:55 a.m.45 views

CVE-2014-3404

The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677.

4.3CVSS6.8AI score0.00131EPSS
CVE
CVE
added 2014/10/10 1:55 a.m.39 views

CVE-2014-3405

Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks (aka RPL) on both the Autonomic Control Plane (ACP) and external Autonomic Networking Infrastructure (ANI) interfaces, which allows remote attackers to conduct route-injection attacks via crafted RPL advertisements on a...

4.8CVSS6.9AI score0.00196EPSS
CVE
CVE
added 2014/04/04 3:10 p.m.38 views

CVE-2014-2143

The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021.

5CVSS6.7AI score0.00412EPSS
CVE
CVE
added 2014/10/10 1:55 a.m.38 views

CVE-2014-3403

The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647.

5CVSS6.9AI score0.00131EPSS