This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cisco First view 2011-10-21
Product Ios Last view 2021-03-24
Version 15.0(1)se Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:cisco:ios

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2021-03-24 CVE-2021-1460

A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition.

8.8 2020-09-23 CVE-2019-16009

A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or reload an affected device.

6.7 2020-06-03 CVE-2020-3204

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to cause memory corruption or execute the code with root privileges on the underlying OS of the affected device.

7.7 2020-06-03 CVE-2020-3200

A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An attacker could exploit this vulnerability by creating an SSH connection to an affected device and using a specific traffic pattern that causes an error condition within that connection. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

7.5 2020-02-12 CVE-2011-4661

A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured.

7.5 2019-09-25 CVE-2019-12655

A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A successful exploit could allow the attacker to cause the device to reload.

6.7 2019-05-13 CVE-2019-1649

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.

4.3 2019-03-27 CVE-2019-1761

A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 traffic from an adjacent HSRP member. A successful exploit could allow the attacker to receive potentially sensitive information from the adjacent device.

6.5 2019-03-27 CVE-2019-1746

A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation when processing CMP management packets. An attacker could exploit this vulnerability by sending malicious CMP management packets to an affected device. A successful exploit could cause the switch to crash, resulting in a DoS condition. The switch will reload automatically.

6.5 2018-10-05 CVE-2018-0197

A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to a logic error in how the affected software handles a subset of VTP packets. An attacker could exploit this vulnerability by sending VTP packets in a sequence that triggers a timeout in the VTP message processing code of the affected software. A successful exploit could allow the attacker to impact the ability to create, modify, or delete VLANs and cause a DoS condition. There are workarounds that address this vulnerability. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS Software or Cisco IOS XE Software, are operating in VTP client mode or VTP server mode, and do not have a VTP domain name configured. The default configuration for Cisco devices that are running Cisco IOS Software or Cisco IOS XE Software and support VTP is to operate in VTP server mode with no domain name configured.

4.4 2017-10-19 CVE-2017-12289

A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug logging that causes sensitive information to be written to the log file. This information should be restricted. An attacker who has valid administrative credentials could exploit this vulnerability by authenticating to the device and enabling conditional, verbose debug logging for IPsec and viewing the log file. An exploit could allow the attacker to access sensitive information related to the IPsec configuration. Cisco Bug IDs: CSCvf12081.

9.8 2017-09-28 CVE-2017-12240

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.

8.2 2017-08-07 CVE-2017-6770

Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast OSPF LSA type 1 packets. No other LSA type packets can trigger this vulnerability. OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability. Cisco Bug IDs: CSCva74756, CSCve47393, CSCve47401.

6.5 2017-08-02 CVE-2012-5030

Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking specific SNMP objects.

8.8 2017-07-17 CVE-2017-6744

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve78027, CSCve60276.

8.8 2017-07-17 CVE-2017-6743

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve60376, CSCve78027.

8.8 2017-07-17 CVE-2017-6739

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66540.

8.8 2017-07-17 CVE-2017-6738

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve89865, CSCsy56638.

8.8 2017-07-17 CVE-2017-6737

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve60402.

8.6 2017-04-20 CVE-2017-3863

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCut50727.

8.6 2017-04-20 CVE-2017-3862

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCuu76493.

8.6 2017-04-20 CVE-2017-3861

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCut47751.

8.6 2017-04-20 CVE-2017-3860

Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. These vulnerabilities are due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted EnergyWise packets to be processed by an affected device. An exploit could allow the attacker to cause a buffer overflow condition or a reload of the affected device, leading to a DoS condition. Cisco IOS Software and Cisco IOS XE Software support EnergyWise for IPv4 communication. Only IPv4 packets destined to a device configured as an EnergyWise domain member can trigger these vulnerabilities. IPv6 packets cannot be used to trigger these vulnerabilities. Cisco Bug ID CSCur29331.

8.6 2017-03-22 CVE-2017-3864

A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker to cause a reload of an affected device, resulting in a DoS condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or IOS XE Software and using a specific DHCP client configuration. Cisco Bug IDs: CSCuu43892.

7.5 2017-03-22 CVE-2017-3857

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or Cisco IOS XE Software if the L2TP feature is enabled for the device and the device is configured as an L2TP Version 2 (L2TPv2) or L2TP Version 3 (L2TPv3) endpoint. By default, the L2TP feature is not enabled. Cisco Bug IDs: CSCuy82078.

CWE : Common Weakness Enumeration

%idName
26% (18) CWE-20 Improper Input Validation
20% (14) CWE-399 Resource Management Errors
20% (14) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
5% (4) CWE-362 Race Condition
4% (3) CWE-264 Permissions, Privileges, and Access Controls
4% (3) CWE-200 Information Exposure
2% (2) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (2) CWE-287 Improper Authentication
1% (1) CWE-772 Missing Release of Resource after Effective Lifetime
1% (1) CWE-667 Insufficient Locking
1% (1) CWE-665 Improper Initialization
1% (1) CWE-436 Interpretation Conflict
1% (1) CWE-352 Cross-Site Request Forgery (CSRF)
1% (1) CWE-189 Numeric Errors
1% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...

Open Source Vulnerability Database (OSVDB)

id Description
76818 Cisco IOS IPv6 Component Crafted Echo Request Packet Remote Information Discl...

OpenVAS Exploits

id Description
2016-05-04 Name : Cisco IOS Software and IOS XE Software LISP Denial of Service Vulnerability
File : nvt/gb_cisco_ios_Cisco-SA-20140514-CVE-2014-3262.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0045 Multiple Vulnerabilities in Cisco IOS
Severity: Category I - VMSKEY: V0047591
2014-A-0046 Multiple Vulnerabilities in Cisco IOS XE
Severity: Category I - VMSKEY: V0047593

Snort® IPS/IDS

Date Description
2014-01-10 Multiple Operating Systems invalid DHCP option attempt
RuleID : 7196 - Type : OS-OTHER - Revision : 13
2020-12-05 Cisco IOS EnergyWise out of bounds read attempt
RuleID : 53472 - Type : SERVER-OTHER - Revision : 1
2020-12-05 Cisco IOS EnergyWise integer underflow attempt
RuleID : 53471 - Type : SERVER-OTHER - Revision : 1
2020-12-05 Cisco IOS EnergyWise heap buffer overflow attempt
RuleID : 53470 - Type : SERVER-OTHER - Revision : 1
2020-12-05 Cisco IOS Web UI cross site request forgery attempt
RuleID : 52560 - Type : SERVER-WEBAPP - Revision : 1
2020-12-05 Cisco IOS Web UI cross site request forgery attempt
RuleID : 52559 - Type : SERVER-WEBAPP - Revision : 1
2020-12-05 Cisco IOS XE FTP Application Layer Gateway denial of service attempt
RuleID : 51646 - Type : SERVER-OTHER - Revision : 1
2017-03-23 Cisco IOS L2TP invalid message digest AVP denial of service attempt
RuleID : 42070 - Type : SERVER-OTHER - Revision : 1
2017-03-23 Cisco IOS DHCP client dummy XID denial of service attempt
RuleID : 42060 - Type : SERVER-OTHER - Revision : 3
2017-03-10 Cisco Software Cluster Management Protocol remote code execution attempt
RuleID : 41910 - Type : SERVER-OTHER - Revision : 4
2017-03-10 Cisco Software Cluster Management Protocol remote code execution attempt
RuleID : 41909 - Type : SERVER-OTHER - Revision : 4
2016-09-29 Cisco IOS malformed H.450 PER data out of bounds read attempt
RuleID : 40298 - Type : PROTOCOL-VOIP - Revision : 1
2016-10-10 Cisco IOS Group-Prime SHA memory disclosure attempt
RuleID : 40222-community - Type : SERVER-OTHER - Revision : 5
2016-09-16 Cisco IOS Group-Prime SHA memory disclosure attempt
RuleID : 40222 - Type : SERVER-OTHER - Revision : 5
2016-10-10 Cisco IOS Group-Prime MD5 memory disclosure attempt
RuleID : 40221-community - Type : SERVER-OTHER - Revision : 5
2016-09-16 Cisco IOS Group-Prime MD5 memory disclosure attempt
RuleID : 40221 - Type : SERVER-OTHER - Revision : 5
2016-10-10 Cisco IOS Group-Prime memory disclosure exfiltration attempt
RuleID : 40220-community - Type : SERVER-OTHER - Revision : 6
2016-09-16 Cisco IOS Group-Prime memory disclosure exfiltration attempt
RuleID : 40220 - Type : SERVER-OTHER - Revision : 6
2016-05-27 Cisco IOS NX invalid ICMPv6 neighbor discovery hop limit denial of service at...
RuleID : 39065 - Type : SERVER-OTHER - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-04-10 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160928-dns-iosxe.nasl - Type: ACT_GATHER_INFO
2018-04-10 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160928-dns-ios.nasl - Type: ACT_GATHER_INFO
2017-10-11 Name: The remote device is affected by a remote code execution vulnerability.
File: cisco-sa-20170317-cmp-dos.nasl - Type: ACT_KILL_HOST
2017-10-02 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170927-dhcp-ios.nasl - Type: ACT_GATHER_INFO
2017-07-07 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170629-snmp-iosxe.nasl - Type: ACT_GATHER_INFO
2017-07-07 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170629-snmp-ios.nasl - Type: ACT_GATHER_INFO
2017-04-26 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170419-energywise-iosxe.nasl - Type: ACT_GATHER_INFO
2017-04-26 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170419-energywise-ios.nasl - Type: ACT_GATHER_INFO
2017-03-28 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170322-l2tp-ios.nasl - Type: ACT_GATHER_INFO
2017-03-28 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170322-dhcpc-ios.nasl - Type: ACT_GATHER_INFO
2017-03-28 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170322-dhcpc-iosxe.nasl - Type: ACT_GATHER_INFO
2017-03-28 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170322-l2tp-iosxe.nasl - Type: ACT_GATHER_INFO
2017-03-27 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170317-cmp-iosxe.nasl - Type: ACT_GATHER_INFO
2017-03-27 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20170317-cmp-ios.nasl - Type: ACT_GATHER_INFO
2017-01-26 Name: A remote device is affected by an information disclosure vulnerability.
File: cisco_ikev1_info_disclosure.nasl - Type: ACT_ATTACK
2016-10-07 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160928-msdp.nasl - Type: ACT_GATHER_INFO
2016-10-07 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160928-msdp-iosxe.nasl - Type: ACT_GATHER_INFO
2016-09-27 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160916-ikev1-iosxr.nasl - Type: ACT_GATHER_INFO
2016-09-27 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160916-ikev1-iosxe.nasl - Type: ACT_GATHER_INFO
2016-09-27 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160916-ikev1-ios.nasl - Type: ACT_GATHER_INFO
2016-06-27 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-CSCun96847-iosxe.nasl - Type: ACT_GATHER_INFO
2016-06-27 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-CSCun94946-ios.nasl - Type: ACT_GATHER_INFO
2016-06-22 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_jsa10749.nasl - Type: ACT_GATHER_INFO
2016-04-06 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160323-smi-iosxe.nasl - Type: ACT_GATHER_INFO
2016-04-06 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160323-smi-ios.nasl - Type: ACT_GATHER_INFO