Ios@- Security Vulnerabilities and Issues — Ios@- CVE List

Lucene search

CiscoIos-

12 matches found

CVE•added 2013/05/08 12:9 p.m.•58 views

CVE-2013-1241

The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series of malformed packets, aka Bug ID CSCub92025.

6.3CVSS6.4AI score0.00366EPSS

CVE•added 2013/10/10 10:55 a.m.•48 views

CVE-2013-5527

The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030.

5.7CVSS6.8AI score0.00474EPSS

CVE•added 2013/11/01 2:55 a.m.•44 views

CVE-2013-5548

The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is used, allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic, aka Bug ID CSCuj47795.

4.3CVSS7AI score0.00397EPSS

CVE•added 2013/02/13 11:55 p.m.•42 views

CVE-2013-1100

The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853.

5.4CVSS6.9AI score0.00542EPSS

CVE•added 2013/10/10 10:55 a.m.•42 views

CVE-2013-5499

The remember feature in the DHCP server in Cisco IOS allows remote attackers to cause a denial of service (device reload) by acquiring a lease and then sending a DHCPRELEASE message, aka Bug ID CSCuh46822.

5.7CVSS6.8AI score0.0017EPSS

CVE•added 2013/08/30 8:55 p.m.•41 views

CVE-2013-5469

The TCP implementation in Cisco IOS does not properly implement the transitions from the ESTABLISHED state to the CLOSED state, which allows remote attackers to cause a denial of service (flood of ACK packets) via a crafted series of ACK and FIN packets, aka Bug ID CSCtz14399.

7.1CVSS6.8AI score0.00746EPSS

CVE•added 2013/05/13 11:50 a.m.•38 views

CVE-2013-1136

The crypto engine process in Cisco IOS on Aggregation Services Router (ASR) Route Processor 2 does not properly manage memory, which allows local users to cause a denial of service (route processor crash) by creating multiple tunnels and then examining encryption statistics, aka Bug ID CSCuc52193.

4.6CVSS6.4AI score0.00046EPSS

CVE•added 2013/07/19 2:36 p.m.•37 views

CVE-2013-3436

The default configuration of the Group Encrypted Transport VPN (GET VPN) feature on Cisco IOS uses an improper mechanism for enabling Group Domain of Interpretation (GDOI) traffic flow, which allows remote attackers to bypass the encryption policy via certain uses of UDP port 848, aka Bug ID CSCui0...

5CVSS7AI score0.00197EPSS

CVE•added 2013/04/24 10:28 a.m.•34 views

CVE-2013-1217

The generic input/output control implementation in Cisco IOS does not properly manage buffers, which allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests at the same time, aka Bug ID CSCub41105.

6.8CVSS6.4AI score0.00363EPSS

CVE•added 2013/10/25 3:52 a.m.•34 views

CVE-2013-5522

Cisco IOS on Catalyst 3750X switches has default Service Module credentials, which makes it easier for local users to gain privileges via a Service Module login, aka Bug ID CSCue92286.

6.8CVSS6.7AI score0.0008EPSS

CVE•added 2013/12/03 7:56 p.m.•32 views

CVE-2013-6705

The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (IPDT AVL corruption and device reload) via a crafted sequence of ARP packets, aka Bug ID CSCuh38133.

6.1CVSS6.9AI score0.00349EPSS

CVE•added 2013/11/22 7:55 p.m.•30 views

CVE-2013-6694

The IPSec implementation in Cisco IOS allows remote attackers to cause a denial of service (MTU change and tunnel-session drop) via crafted ICMP packets, aka Bug ID CSCul29918.

4.3CVSS6.8AI score0.00443EPSS