Ios@12.2zx Security Vulnerabilities and Issues — Ios@12.2zx CVE List

Lucene search

CiscoIos12.2zx

22 matches found

CVE•added 2008/09/26 4:21 p.m.•81 views

CVE-2008-3805

Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UD...

8.5CVSS6.6AI score0.01602EPSS

CVE•added 2011/10/03 11:55 p.m.•61 views

CVE-2011-3280

Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.

7.8CVSS7.3AI score0.00459EPSS

CVE•added 2011/10/03 11:55 p.m.•56 views

CVE-2011-3277

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted H.323 packets to TCP port 1720, aka Bug ID CSCth11006.

7.8CVSS7.3AI score0.00371EPSS

CVE•added 2012/03/29 11:1 a.m.•56 views

CVE-2012-0384

Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access...

8.5CVSS6.8AI score0.00453EPSS

CVE•added 2009/03/27 4:30 p.m.•54 views

CVE-2009-0629

The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8...

5.4CVSS6.7AI score0.00867EPSS

CVE•added 2009/03/27 4:30 p.m.•51 views

CVE-2009-0637

The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.

7.1CVSS6.4AI score0.01141EPSS

CVE•added 2009/01/16 9:30 p.m.•49 views

CVE-2008-3821

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.

4.3CVSS5.7AI score0.10639EPSS

CVE•added 2008/09/26 4:21 p.m.•48 views

CVE-2008-3806

8.5CVSS6.7AI score0.01602EPSS

CVE•added 2009/09/28 7:30 p.m.•47 views

CVE-2009-2873

Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.

7.1CVSS6.6AI score0.00781EPSS

CVE•added 2010/03/25 9:0 p.m.•45 views

CVE-2010-0576

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or proc...

7.8CVSS6.6AI score0.01653EPSS

CVE•added 2012/09/27 12:55 a.m.•43 views

CVE-2012-3949

The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a den...

7.8CVSS6.6AI score0.00932EPSS

CVE•added 2009/03/27 4:30 p.m.•42 views

CVE-2009-0630

The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL...

7.1CVSS6.9AI score0.00064EPSS

CVE•added 2011/10/03 11:55 p.m.•42 views

CVE-2011-3276

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) by sending crafted SIP packets to TCP port 5060, aka Bug ID CSCso02147.

7.8CVSS7.4AI score0.00427EPSS

CVE•added 2011/10/03 11:55 p.m.•42 views

CVE-2011-3278

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCti48483.

7.8CVSS7.3AI score0.00371EPSS

CVE•added 2008/09/26 4:21 p.m.•41 views

CVE-2008-3809

Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.

7.1CVSS6.5AI score0.0146EPSS

CVE•added 2012/03/29 11:1 a.m.•41 views

CVE-2012-0381

The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending IKE UDP packets over...

7.8CVSS7.4AI score0.03518EPSS

CVE•added 2012/03/29 11:1 a.m.•41 views

CVE-2012-0382

The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload...

7.8CVSS7.3AI score0.04545EPSS

CVE•added 2008/09/26 4:21 p.m.•39 views

CVE-2008-3808

Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.

7.8CVSS6.3AI score0.01672EPSS

CVE•added 2009/03/27 3:16 p.m.•39 views

CVE-2009-0631

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial ...

7.8CVSS6.8AI score0.01692EPSS

CVE•added 2009/03/27 4:30 p.m.•39 views

CVE-2009-0636

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.

7.8CVSS6.8AI score0.01334EPSS

CVE•added 2011/01/07 7:0 p.m.•37 views

CVE-2009-5040

CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555.

6.8CVSS6.5AI score0.00512EPSS

CVE•added 2009/09/28 7:30 p.m.•36 views

CVE-2009-2872

6.8CVSS6.6AI score0.01117EPSS