Ios@15.1 Security Vulnerabilities and Issues — Ios@15.1 CVE List

Lucene search

CiscoIos15.1

17 matches found

CVE•added 2013/03/28 11:55 p.m.•52 views

CVE-2013-1143

The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic en...

7.1CVSS6.8AI score0.00399EPSS

CVE•added 2013/03/28 11:55 p.m.•48 views

CVE-2013-1146

The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790.

7.8CVSS6.7AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•48 views

CVE-2013-5475

Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561.

7.8CVSS6.8AI score0.00316EPSS

CVE•added 2013/09/27 10:8 a.m.•47 views

CVE-2013-5478

Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023.

7.8CVSS6.7AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•46 views

CVE-2013-5481

The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817.

7.1CVSS6.8AI score0.00548EPSS

CVE•added 2013/03/28 11:55 p.m.•45 views

CVE-2013-1145

Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/03/28 11:55 p.m.•40 views

CVE-2013-1144

Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

7.8CVSS6.9AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•40 views

CVE-2013-5476

The Zone-Based Firewall (ZFW) feature in Cisco IOS 15.1 through 15.2, when content filtering or HTTP ALG inspection is enabled, allows remote attackers to cause a denial of service (device reload or hang) via crafted IPv4 HTTP traffic, aka Bug ID CSCtx56174.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/03/28 11:55 p.m.•39 views

CVE-2013-1147

The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device rel...

7.8CVSS6.9AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•38 views

CVE-2013-5473

Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed IKEv1 packets, aka Bug ID CSCtx66011.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•37 views

CVE-2013-5472

The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer rel...

7.1CVSS6.7AI score0.00399EPSS

CVE•added 2013/09/27 10:8 a.m.•37 views

CVE-2013-5480

The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733.

7.8CVSS6.7AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•36 views

CVE-2013-5477

The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service (interface queue wedge) via bursty network traffic, aka Bug ID CSCub67465.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/11/08 4:47 a.m.•36 views

CVE-2013-5553

Multiple memory leaks in Cisco IOS 15.1 before 15.1(4)M7 allow remote attackers to cause a denial of service (memory consumption or device reload) by sending a crafted SIP message over (1) IPv4 or (2) IPv6, aka Bug IDs CSCuc42558 and CSCug25383.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•35 views

CVE-2013-5479

7.8CVSS6.7AI score0.00427EPSS

CVE•added 2013/09/27 10:8 a.m.•34 views

CVE-2013-5474

Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812.

7.8CVSS6.8AI score0.0033EPSS

CVE•added 2013/11/18 3:55 a.m.•32 views

CVE-2013-6686

The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568.

6.8CVSS6.4AI score0.00316EPSS