Ios@12.2 Security Vulnerabilities and Issues — Ios@12.2 CVE List

Lucene search

CiscoIos12.2

112 matches found

CVE•added 2017/09/29 1:34 a.m.•1195 views

CVE-2017-12240

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resultin...

10CVSS10AI score0.24938EPSS

In wild

CVE•added 2017/09/29 1:34 a.m.•981 views

CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to th...

7.8CVSS7.6AI score0.10011EPSS

In wild

CVE•added 2016/09/19 1:59 a.m.•591 views

CVE-2016-6415

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bu...

7.5CVSS7.2AI score0.92948EPSS

In wild

CVE•added 2008/10/20 5:59 p.m.•493 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00465EPSS

CVE•added 2003/08/18 4:0 a.m.•209 views

CVE-2003-0567

Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.

7.8CVSS6.5AI score0.24634EPSS

CVE•added 2002/03/09 5:0 a.m.•149 views

CVE-2001-0537

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

9.3CVSS6.9AI score0.93454EPSS

In wild

CVE•added 2002/12/23 5:0 a.m.•138 views

CVE-2002-1359

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.

10CVSS8.1AI score0.86998EPSS

CVE•added 2002/12/23 5:0 a.m.•85 views

CVE-2002-1357

Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

10CVSS7.5AI score0.18474EPSS

CVE•added 2002/12/23 5:0 a.m.•73 views

CVE-2002-1358

Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

10CVSS7.5AI score0.04128EPSS

CVE•added 2004/02/17 5:0 a.m.•71 views

CVE-2004-0054

Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.

7.5CVSS7.6AI score0.05647EPSS

CVE•added 2015/03/26 10:59 a.m.•66 views

CVE-2015-0646

Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service (memory consumption or device reload) by sen...

7.8CVSS6.6AI score0.01551EPSS

CVE•added 2014/03/27 9:55 p.m.•64 views

CVE-2014-2109

The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.

7.8CVSS6.6AI score0.01117EPSS

CVE•added 2007/10/12 1:17 a.m.•63 views

CVE-2007-5381

Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session...

9.3CVSS8AI score0.63694EPSS

CVE•added 2017/03/22 7:59 p.m.•63 views

CVE-2017-3864

A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. A...

8.6CVSS8.3AI score0.01125EPSS

CVE•added 2002/12/23 5:0 a.m.•62 views

CVE-2002-1360

Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated...

10CVSS7.8AI score0.04128EPSS

CVE•added 2011/10/03 11:55 p.m.•62 views

CVE-2011-3280

Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.

7.8CVSS7.3AI score0.00459EPSS

CVE•added 2005/06/21 4:0 a.m.•61 views

CVE-2002-1706

Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by ...

7.5CVSS7.6AI score0.00363EPSS

CVE•added 2007/05/16 1:19 a.m.•61 views

CVE-2007-2688

The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.

7.8CVSS6.7AI score0.03824EPSS

CVE•added 2007/08/09 9:17 p.m.•61 views

CVE-2007-4285

Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a ...

9CVSS6.6AI score0.01129EPSS

CVE•added 2008/03/27 10:44 a.m.•61 views

CVE-2008-1156

Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message.

5.1CVSS6.3AI score0.01005EPSS

CVE•added 2016/10/05 5:59 p.m.•61 views

CVE-2016-6384

Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow remote attackers to cause a denial of service (device reload) via crafted fields in an H.323 message, aka Bug ID CSCux04257.

7.8CVSS7.2AI score0.01972EPSS

CVE•added 2015/03/26 10:59 a.m.•59 views

CVE-2015-0643

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (memory consumption and device reload) by send...

7.8CVSS6.7AI score0.01796EPSS

CVE•added 2003/04/02 5:0 a.m.•58 views

CVE-2002-1024

Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).

7.1CVSS6.6AI score0.63977EPSS

CVE•added 2011/10/03 11:55 p.m.•58 views

CVE-2011-3277

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted H.323 packets to TCP port 1720, aka Bug ID CSCth11006.

7.8CVSS7.3AI score0.00371EPSS

CVE•added 2014/03/27 9:55 p.m.•58 views

CVE-2014-2108

Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.

7.8CVSS6.5AI score0.01104EPSS

CVE•added 2012/03/29 11:1 a.m.•57 views

CVE-2012-0384

Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access...

8.5CVSS6.8AI score0.00453EPSS

CVE•added 2005/11/03 2:2 a.m.•56 views

CVE-2005-3481

Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities tha...

9.3CVSS8.1AI score0.05119EPSS

CVE•added 2009/03/27 4:30 p.m.•55 views

CVE-2009-0629

The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8...

5.4CVSS6.7AI score0.00772EPSS

CVE•added 2005/06/21 4:0 a.m.•54 views

CVE-2002-1768

Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985.

5CVSS6.7AI score0.00763EPSS

CVE•added 2007/08/09 9:17 p.m.•54 views

CVE-2007-4286

Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.

9.3CVSS7.8AI score0.6264EPSS

CVE•added 2011/10/22 2:59 a.m.•54 views

CVE-2011-2057

The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of servi...

7.5CVSS7.2AI score0.01102EPSS

CVE•added 2012/09/27 12:55 a.m.•54 views

CVE-2012-4620

Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/IP, (2) IPIP, or (3) IPv6 in IPv4 packets, aka Bug ID CSCts66808.

7.8CVSS6.8AI score0.00726EPSS

CVE•added 2013/03/28 11:55 p.m.•54 views

CVE-2013-1142

Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745.

7.8CVSS6.7AI score0.00288EPSS

CVE•added 2015/03/26 10:59 a.m.•54 views

CVE-2015-0650

The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by...

7.8CVSS6.6AI score0.01098EPSS

CVE•added 2003/08/27 4:0 a.m.•53 views

CVE-2003-0647

Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.

7.5CVSS8AI score0.1236EPSS

CVE•added 2007/10/19 10:0 a.m.•53 views

CVE-2003-1398

Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).

9.3CVSS6.7AI score0.00702EPSS

CVE•added 2009/08/27 5:0 p.m.•53 views

CVE-2009-2051

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reloa...

7.8CVSS6.6AI score0.01875EPSS

CVE•added 2010/09/23 7:0 p.m.•53 views

CVE-2010-2830

The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603.

7.1CVSS6.7AI score0.00399EPSS

CVE•added 2013/03/28 11:55 p.m.•53 views

CVE-2013-1143

The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic en...

7.1CVSS6.8AI score0.00399EPSS

CVE•added 2002/06/25 4:0 a.m.•52 views

CVE-2001-1183

PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet.

5CVSS6.6AI score0.00237EPSS

CVE•added 2009/03/27 4:30 p.m.•52 views

CVE-2009-0637

The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.

7.1CVSS6.4AI score0.01284EPSS

CVE•added 2012/03/29 11:1 a.m.•52 views

CVE-2012-0386

The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID CSCtr49064.

7.8CVSS6.6AI score0.02138EPSS

CVE•added 2002/06/25 4:0 a.m.•51 views

CVE-2001-0929

Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.

7.5CVSS6.7AI score0.00577EPSS

CVE•added 2011/06/09 2:38 a.m.•51 views

CVE-2011-2395

The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated...

5CVSS6.9AI score0.00147EPSS

CVE•added 2015/03/26 10:59 a.m.•51 views

CVE-2015-0642

7.8CVSS6.7AI score0.01796EPSS

CVE•added 2008/09/26 4:21 p.m.•50 views

CVE-2008-3800

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP mes...

7.1CVSS6.4AI score0.01935EPSS

CVE•added 2009/01/16 9:30 p.m.•50 views

CVE-2008-3821

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.

4.3CVSS5.7AI score0.10639EPSS

Web

CVE•added 2013/09/27 10:8 a.m.•50 views

CVE-2013-5475

Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561.

7.8CVSS6.8AI score0.00316EPSS

CVE•added 2014/03/27 9:55 p.m.•50 views

CVE-2014-2111

The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.

7.1CVSS6.5AI score0.00763EPSS

CVE•added 2005/12/21 1:0 a.m.•49 views

CVE-2002-2208

Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.

7.8CVSS6.5AI score0.06321EPSS

Total number of security vulnerabilities112