Ios@12.4(5) Security Vulnerabilities and Issues — Ios@12.4(5) CVE List

Lucene search

CiscoIos12.4(5)

27 matches found

CVE•added 2017/07/17 9:29 p.m.•1111 views

CVE-2017-6736

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.86397EPSS

CVE•added 2017/07/17 9:29 p.m.•1025 views

CVE-2017-6743

9CVSS9.1AI score0.08714EPSS

CVE•added 2017/07/17 9:29 p.m.•1017 views

CVE-2017-6737

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a buffe...

9CVSS8.9AI score0.08176EPSS

CVE•added 2017/07/17 9:29 p.m.•998 views

CVE-2017-6744

9CVSS9.1AI score0.16612EPSS

CVE•added 2008/10/20 5:59 p.m.•486 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00461EPSS

CVE•added 2017/08/07 6:29 a.m.•148 views

CVE-2017-6770

Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerabili...

4.2CVSS3.5AI score0.00583EPSS

CVE•added 2024/09/25 5:15 p.m.•142 views

CVE-2024-20433

A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a bu...

8.6CVSS7.6AI score0.00332EPSS

CVE•added 2016/05/29 10:59 p.m.•106 views

CVE-2016-1409

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in ...

7.5CVSS7.1AI score0.03423EPSS

CVE•added 2020/06/03 6:15 p.m.•91 views

CVE-2020-3201

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient i...

6CVSS5.8AI score0.00042EPSS

CVE•added 2025/02/05 5:15 p.m.•81 views

CVE-2025-20169

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7AI score0.00185EPSS

CVE•added 2016/10/05 8:59 p.m.•75 views

CVE-2016-6380

The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532.

8.3CVSS7.8AI score0.02265EPSS

CVE•added 2006/09/23 10:7 a.m.•71 views

CVE-2006-4950

Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-w...

10CVSS7.7AI score0.03386EPSS

CVE•added 2021/09/23 3:15 a.m.•69 views

CVE-2021-34705

A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial s...

5.3CVSS5.4AI score0.00337EPSS

CVE•added 2007/10/12 1:17 a.m.•62 views

CVE-2007-5381

Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session...

9.3CVSS8AI score0.63694EPSS

CVE•added 2005/11/30 11:3 a.m.•61 views

CVE-2005-3921

Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/e...

2.6CVSS5.7AI score0.01599EPSS

CVE•added 2012/03/29 11:1 a.m.•56 views

CVE-2012-0384

Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access...

8.5CVSS6.8AI score0.00453EPSS

CVE•added 2009/03/27 4:30 p.m.•54 views

CVE-2009-0629

The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8...

5.4CVSS6.7AI score0.00867EPSS

CVE•added 2025/02/05 5:15 p.m.•53 views

CVE-2025-20170

7.7CVSS7AI score0.00185EPSS

CVE•added 2009/03/27 4:30 p.m.•51 views

CVE-2009-0637

The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.

7.1CVSS6.4AI score0.01141EPSS

CVE•added 2011/06/09 2:38 a.m.•50 views

CVE-2011-2395

The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated...

5CVSS6.9AI score0.00147EPSS

CVE•added 2012/09/27 12:55 a.m.•47 views

CVE-2012-4623

The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and 3.2.xSG before 3.2.5SG, 3.2.xS, 3.2.xXO, 3.3.xS, and 3.3.xSG before 3.3.1SG allows remote attackers to cause a denial of service (device reload) via a malformed D...

7.8CVSS6.7AI score0.00798EPSS

CVE•added 2012/03/29 11:1 a.m.•41 views

CVE-2012-0381

The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending IKE UDP packets over...

7.8CVSS7.4AI score0.03518EPSS

CVE•added 2012/03/29 11:1 a.m.•41 views

CVE-2012-0382

The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload...

7.8CVSS7.3AI score0.04545EPSS

CVE•added 2007/02/01 1:28 a.m.•40 views

CVE-2007-0648

Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.

7.8CVSS6.4AI score0.02244EPSS

CVE•added 2012/09/27 12:55 a.m.•39 views

CVE-2012-3950

The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976.

7.1CVSS6.7AI score0.00662EPSS

CVE•added 2011/01/07 7:0 p.m.•37 views

CVE-2009-5040

CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555.

6.8CVSS6.5AI score0.00512EPSS

CVE•added 2012/08/06 6:55 p.m.•37 views

CVE-2012-1350

Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attackers to cause a denial of service (radio-interface input-queue hang) via IAPP 0x3281 packets, aka Bug ID CSCtc12426.

7.8CVSS6.9AI score0.00427EPSS