Ios@12.4 Security Vulnerabilities and Issues — Page 3 of Ios@12.4 CVE List

Lucene search

CiscoIos12.4

108 matches found

CVE•added 2009/09/28 7:30 p.m.•36 views

CVE-2009-2872

Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh975...

6.8CVSS6.6AI score0.01117EPSS

CVE•added 2012/05/02 10:9 a.m.•36 views

CVE-2012-0339

Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish TELNET connections from arbitrary source IP addresses via a standard TELNET client, aka Bug ID CSCsi77774.

5CVSS7AI score0.00243EPSS

CVE•added 2007/08/09 9:17 p.m.•35 views

CVE-2007-4292

Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249.

9.3CVSS6.6AI score0.07035EPSS

CVE•added 2012/05/02 10:9 a.m.•35 views

CVE-2011-3289

Cisco IOS 12.4 and 15.0 through 15.2 allows physically proximate attackers to bypass the No Service Password-Recovery feature and read the start-up configuration via unspecified vectors, aka Bug ID CSCtr97640.

3.6CVSS6.7AI score0.00071EPSS

CVE•added 2012/09/27 12:55 a.m.•34 views

CVE-2012-4619

The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123.

7.8CVSS6.8AI score0.00602EPSS

CVE•added 2013/09/27 10:8 a.m.•34 views

CVE-2013-5474

Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812.

7.8CVSS6.8AI score0.0033EPSS

CVE•added 2008/09/18 8:0 p.m.•32 views

CVE-2008-4128

Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "ali...

9.3CVSS8AI score0.01525EPSS

CVE•added 2012/05/02 10:9 a.m.•30 views

CVE-2011-2586

The HTTP client in Cisco IOS 12.4 and 15.0 allows user-assisted remote attackers to cause a denial of service (device crash) via a malformed HTTP response to a request for service installation, aka Bug ID CSCts12249.

5.4CVSS6.8AI score0.00427EPSS

Total number of security vulnerabilities108