This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cisco First view 2009-07-30
Product Ios Xe Last view 2021-10-21
Version Type Os
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:* 94
cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:* 93
cpe:2.3:o:cisco:ios_xe:-:*:*:*:*:*:*:* 92
cpe:2.3:o:cisco:ios_xe:3.2.2s:*:*:*:*:*:*:* 92
cpe:2.3:o:cisco:ios_xe:3.2.1s:*:*:*:*:*:*:* 92
cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:* 92
cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:* 91
cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:* 90
cpe:2.3:o:cisco:ios_xe:3.3.0s:*:*:*:*:*:*:* 90
cpe:2.3:o:cisco:ios_xe:2.5.0:*:*:*:*:*:*:* 89
cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:* 88
cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:* 88
cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:* 87
cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:* 87
cpe:2.3:o:cisco:ios_xe:3.1.1s:*:*:*:*:*:*:* 87
cpe:2.3:o:cisco:ios_xe:2.5.1:*:*:*:*:*:*:* 87
cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:* 87
cpe:2.3:o:cisco:ios_xe:3.1.0s:*:*:*:*:*:*:* 87
cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:* 86
cpe:2.3:o:cisco:ios_xe:3.7.3e:*:*:*:*:*:*:* 86
cpe:2.3:o:cisco:ios_xe:3.2.0s:*:*:*:*:*:*:* 86
cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:* 86
cpe:2.3:o:cisco:ios_xe:3.1.2s:*:*:*:*:*:*:* 86
cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:* 86
cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:2.6.0:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:3.8.0e:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:3.1.4s:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:3.7.1e:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:* 85
cpe:2.3:o:cisco:ios_xe:3.3.1s:*:*:*:*:*:*:* 84
cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:* 84
cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:* 84
cpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:* 84
cpe:2.3:o:cisco:ios_xe:3.3.1sg:*:*:*:*:*:*:* 84
cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:* 84
cpe:2.3:o:cisco:ios_xe:3.11.0s:*:*:*:*:*:*:* 84
cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:* 83
cpe:2.3:o:cisco:ios_xe:3.3.2s:*:*:*:*:*:*:* 83
cpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:* 83
cpe:2.3:o:cisco:ios_xe:2.6.1:*:*:*:*:*:*:* 83
cpe:2.3:o:cisco:ios_xe:3.5.1e:*:*:*:*:*:*:* 83
cpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:* 83
cpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:* 83
cpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:* 83
cpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:* 83

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2021-10-21 CVE-2021-1529

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.

7.2 2021-09-23 CVE-2021-34770

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs during the validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the affected device to crash and reload, resulting in a DoS condition.

7.5 2021-09-23 CVE-2021-34769

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit the vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

7.5 2021-09-23 CVE-2021-34768

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit the vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

7.4 2021-09-23 CVE-2021-34767

A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a denial of service (DoS) condition for that VLAN. The vulnerability is due to a logic error when processing specific link-local IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that would flow inbound through the wired interface of an affected device. A successful exploit could allow the attacker to cause traffic drops in the affected VLAN, thus triggering the DoS condition.

6.7 2021-09-23 CVE-2021-34729

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability.

6.7 2021-09-23 CVE-2021-34723

A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific CLI command parameters. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of the configuration database and gain root-level access to an affected device.

7.4 2021-09-23 CVE-2021-34714

A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.

5.3 2021-09-23 CVE-2021-34705

A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial strings at Foreign Exchange Office (FXO) interfaces. An attacker could exploit this vulnerability by sending a malformed dial string to an affected device via either the ISDN protocol or SIP. A successful exploit could allow the attacker to conduct toll fraud, resulting in unexpected financial impact to affected customers.

6.5 2021-09-23 CVE-2021-34703

A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability via any of the following methods: An authenticated, remote attacker could access the LLDP neighbor table via either the CLI or SNMP while the device is in a specific state. An unauthenticated, adjacent attacker could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then waiting for an administrator of the device or a network management system (NMS) managing the device to retrieve the LLDP neighbor table of the device via either the CLI or SNMP. An authenticated, adjacent attacker with SNMP read-only credentials or low privileges on the device CLI could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then accessing the LLDP neighbor table via either the CLI or SNMP. A successful exploit could allow the attacker to cause the affected device to crash, resulting in a reload of the device.

7.7 2021-09-23 CVE-2021-34699

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerability by requesting a particular CLI command to be run through the web UI. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

8.6 2021-09-23 CVE-2021-34697

A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct denial of service (DoS) attacks to or through the affected device. This vulnerability is due to incorrect programming of the half-opened connections limit, TCP SYN flood limit, or TCP SYN cookie features when the features are configured in vulnerable releases of Cisco IOS XE Software. An attacker could exploit this vulnerability by attempting to flood traffic to or through the affected device. A successful exploit could allow the attacker to initiate a DoS attack to or through an affected device.

5.8 2021-09-23 CVE-2021-34696

A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a method other than the configuration CLI. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.

5.8 2021-09-23 CVE-2021-1625

A vulnerability in the Zone-Based Policy Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent the Zone-Based Policy Firewall from correctly classifying traffic. This vulnerability exists because ICMP and UDP responder-to-initiator flows are not inspected when the Zone-Based Policy Firewall has either Unified Threat Defense (UTD) or Application Quality of Experience (AppQoE) configured. An attacker could exploit this vulnerability by attempting to send UDP or ICMP flows through the network. A successful exploit could allow the attacker to inject traffic through the Zone-Based Policy Firewall, resulting in traffic being dropped because it is incorrectly classified or in incorrect reporting figures being produced by high-speed logging (HSL).

8.6 2021-09-23 CVE-2021-1624

A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to mishandling of the rate limiting feature within the QuantumFlow Processor. An attacker could exploit this vulnerability by sending large amounts of traffic that would be subject to NAT and rate limiting through an affected device. A successful exploit could allow the attacker to cause the QuantumFlow Processor utilization to reach 100 percent on the affected device, resulting in a DoS condition.

7.7 2021-09-23 CVE-2021-1623

A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) condition. This vulnerability is due to the punt path being overwhelmed by large quantities of SNMP requests. An attacker could exploit this vulnerability by sending a large number of SNMP requests to an affected device. A successful exploit could allow the attacker to overload the device punt path, resulting in a DoS condition.

8.6 2021-09-23 CVE-2021-1622

A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A successful exploit could allow the attacker to cause the CPU to consume excessive resources, which prevents other control plane processes from obtaining resources and results in a DoS.

7.4 2021-09-23 CVE-2021-1621

A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of certain Layer 2 frames. An attacker could exploit this vulnerability by sending specific Layer 2 frames on the segment the router is connected to. A successful exploit could allow the attacker to cause a queue wedge on the interface, resulting in a DoS condition.

7.7 2021-09-23 CVE-2021-1620

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition.

9.1 2021-09-23 CVE-2021-1619

A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.

4.7 2021-09-23 CVE-2021-1616

A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass the ALG. This vulnerability is due to insufficient data validation of traffic that is traversing the ALG. An attacker could exploit this vulnerability by sending crafted traffic to a targeted device. A successful exploit could allow the attacker to bypass the ALG and open connections that should not be allowed to a remote device located behind the ALG. Note: This vulnerability has been publicly discussed as NAT Slipstreaming.

8.6 2021-09-23 CVE-2021-1611

A vulnerability in Ethernet over GRE (EoGRE) packet processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9800 Family Wireless Controller, Embedded Wireless Controller, and Embedded Wireless on Catalyst 9000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper processing of malformed EoGRE packets. An attacker could exploit this vulnerability by sending malicious packets to the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

8.6 2021-09-23 CVE-2021-1565

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit the vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

6.7 2021-03-24 CVE-2021-1454

Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to access the underlying operating system with root privileges.

6.8 2021-03-24 CVE-2021-1453

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code function that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by loading unsigned software on an affected device. A successful exploit could allow the attacker to boot a malicious software image or execute unsigned code and bypass the image verification check part of the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated physical access to the device or obtain privileged access to the root shell on the device.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
32% (115) CWE-20 Improper Input Validation
14% (51) CWE-399 Resource Management Errors
6% (23) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
5% (21) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
5% (18) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (10) CWE-287 Improper Authentication
1% (7) CWE-347 Improper Verification of Cryptographic Signature
1% (7) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (6) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (5) CWE-665 Improper Initialization
1% (5) CWE-415 Double Free
1% (5) CWE-264 Permissions, Privileges, and Access Controls
1% (4) CWE-772 Missing Release of Resource after Effective Lifetime
1% (4) CWE-310 Cryptographic Issues
1% (4) CWE-295 Certificate Issues
1% (4) CWE-269 Improper Privilege Management
1% (4) CWE-77 Improper Sanitization of Special Elements used in a Command ('Comma...
0% (3) CWE-754 Improper Check for Unusual or Exceptional Conditions
0% (3) CWE-489 Leftover Debug Code
0% (3) CWE-362 Race Condition
0% (3) CWE-352 Cross-Site Request Forgery (CSRF)
0% (2) CWE-798 Use of Hard-coded Credentials
0% (2) CWE-787 Out-of-bounds Write
0% (2) CWE-770 Allocation of Resources Without Limits or Throttling
0% (2) CWE-755 Improper Handling of Exceptional Conditions

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:6697 Cisco IOS Software BGP Routing Dos Vulnerability
oval:org.mitre.oval:def:6853 Cisco IOS Software BGP Routing Dos Vulnerability
oval:org.mitre.oval:def:13781 The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and ...
oval:org.mitre.oval:def:25963 SUSE-SU-2014:0879-1 -- Security update for quagga

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
76071 Cisco IOS Expired MPLS TTL ICMPv6 Packet Parsing Remote DoS
76070 Cisco IOS Expired MPLS TTL IPv6 Packet Parsing Remote DoS
76069 Cisco IOS IP Service Level Agreement (IP SLA) UDP Packet Parsing Remote DoS
76009 Cisco IOS DLSw FST IP Protocol 91 Packet Memory Leak Remote DoS
75925 Cisco IOS Network Address Translation UDP SIP Packet Parsing Memory Exhaustio...
75924 Cisco IOS Network Address Translation MPLS UDP SIP Packet Parsing Remote DoS
75923 Cisco IOS Network Address Translation UDP SIP Packet Parsing Remote DoS
75922 Cisco IOS Network Address Translation TCP SIP Packet Parsing Remote DoS
75921 Cisco IOS Network Address Translation H.323 Packet Parsing Remote DoS
75920 Cisco IOS Network Address Translation LDAP Packet Parsing Remote DoS
75919 Cisco IOS Memory Leak SIP Packet Parsing Unspecified Remote DoS
75918 Cisco IOS Session Control Buffers (SCB) SIP Packet Parsing Voice Service Remo...
75917 Cisco IOS SIP Packet Parsing Unspecified Remote DoS
68206 Cisco Unified Communications Manager (CUCM) SIP REFER Request Invalid Refer-T...
68205 Cisco IOS SIP REFER Request Invalid Refer-To Header Remote DoS
68204 Cisco Unified Communications Manager (CUCM) Crafted UDP SIP Registration Traf...
68203 Cisco IOS Crafted UDP SIP Registration Traffic Remote DoS
68201 Cisco IOS NAT for H.225.0 Transit Traffic Remote DoS
68200 Cisco IOS NAT for H.323 Transit Traffic Remote DoS
68199 Cisco IOS NAT for SIP UDP Transit Traffic Remote DoS
68198 Cisco IOS Crafted IGMPv3 Packet Handling Remote DoS
68197 Cisco IOS Crafted H.323 Packet Handling Remote DoS (2010-2829)
68196 Cisco IOS Crafted H.323 Packet Handling Remote DoS (2010-2828)
63188 Cisco IOS Label Distribution Protocol (LDP) Hello Message Handling Remote DoS
57453 Cisco Unified Communications Manager SIP Trunk Malformed Packet Handling Remo...

OpenVAS Exploits

id Description
2016-05-04 Name : Cisco IOS Software and IOS XE Software LISP Denial of Service Vulnerability
File : nvt/gb_cisco_ios_Cisco-SA-20140514-CVE-2014-3262.nasl
2016-05-04 Name : Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
File : nvt/gb_cisco_ios_cisco-sa-20140326-sip.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0185 Cisco IOS XE Software for ASR 1000 Series Routers Denial of Service Vulnerabi...
Severity: Category I - VMSKEY: V0061281
2015-A-0175 Multiple Vulnerabilities in Cisco IOS XE
Severity: Category I - VMSKEY: V0061141
2015-A-0177 Cisco IOS Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0061143
2014-B-0113 Cisco NX-OS Software Remote Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0053881
2014-A-0045 Multiple Vulnerabilities in Cisco IOS
Severity: Category I - VMSKEY: V0047591
2014-A-0046 Multiple Vulnerabilities in Cisco IOS XE
Severity: Category I - VMSKEY: V0047593
2014-B-0002 Cisco IOS XE Denial of Service Vulnerability
Severity: Category II - VMSKEY: V0043235
2014-B-0001 Cisco IOS Denial of Service Vulnerability
Severity: Category II - VMSKEY: V0043236
2013-A-0206 Cisco IOS XE Denial of Service Vulnerabilities
Severity: Category I - VMSKEY: V0041647
2013-A-0195 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0040781
2013-A-0185 Multiple Vulnerabilities in Cisco IOS XE
Severity: Category I - VMSKEY: V0040708
2013-A-0184 Multiple Vulnerabilities in Cisco IOS
Severity: Category I - VMSKEY: V0040709
2013-B-0086 Cisco StarOS Remote Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0040039
2013-A-0157 Cisco ASA and Pix Firewall Remote Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0040041
2013-A-0159 Cisco IOS XE Remote Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0040042
2012-A-0154 Cisco Catalyst 4500E Switch Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0033973

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-12-08 Cisco Wireless LAN Controller CAPWAP denial of service attempt
RuleID : 55925 - Type : SERVER-OTHER - Revision : 1
2020-12-08 Cisco Wireless LAN Controller CAPWAP denial of service attempt
RuleID : 55924 - Type : SERVER-OTHER - Revision : 1
2020-12-08 Cisco IOS XE WebUI restricted character in authentication detected
RuleID : 55833 - Type : POLICY-OTHER - Revision : 1
2020-12-08 Cisco Wireless LAN Controller CAPWAP denial of service attempt
RuleID : 55831 - Type : SERVER-OTHER - Revision : 2
2020-12-08 Cisco Wireless LAN Controller CAPWAP denial of service attempt
RuleID : 55830 - Type : SERVER-OTHER - Revision : 1
2020-12-08 Cisco IOS XE Umbrella Connector denial of service attempt
RuleID : 55822 - Type : PROTOCOL-DNS - Revision : 1
2020-12-08 Cisco IOS XE Flexible NetFlow denial of service attempt
RuleID : 55820 - Type : PROTOCOL-OTHER - Revision : 1
2020-12-08 Cisco IOS Common Open Policy Service denial of service attempt
RuleID : 55819 - Type : SERVER-OTHER - Revision : 1
2020-12-08 Cisco IOS XE WebUI administrative access detected
RuleID : 55818 - Type : POLICY-OTHER - Revision : 1
2020-12-08 Cisco IOS XE WebUI administrative access detected
RuleID : 55817 - Type : POLICY-OTHER - Revision : 1
2020-12-08 Cisco IOS XE WebUI administrative access detected
RuleID : 55816 - Type : POLICY-OTHER - Revision : 2
2020-12-08 Cisco IOS XE WebUI administrative access detected
RuleID : 55815 - Type : POLICY-OTHER - Revision : 1
2020-12-08 Cisco Wireless LAN Controller CAPWAP denial of service attempt
RuleID : 55807 - Type : SERVER-OTHER - Revision : 1
2020-12-08 Cisco Wireless LAN Controller CAPWAP denial of service attempt
RuleID : 55806 - Type : SERVER-OTHER - Revision : 1
2020-12-05 Cisco IOS malformed SIP Via header denial of service attempt
RuleID : 54164 - Type : PROTOCOL-VOIP - Revision : 1
2020-12-05 Cisco IOS malformed SIP Via header denial of service attempt
RuleID : 54163 - Type : PROTOCOL-VOIP - Revision : 1
2020-12-05 Cisco IOx token service access detected
RuleID : 54161 - Type : POLICY-OTHER - Revision : 1
2020-12-05 Cisco IOS IKE2 invalid port denial of service attempt
RuleID : 54160 - Type : SERVER-OTHER - Revision : 1
2020-12-05 Cisco IOS IKE2 invalid port denial of service attempt
RuleID : 54159 - Type : SERVER-OTHER - Revision : 1
2020-12-05 Cisco IOS XE NetFlow packet parsing denial of service attempt
RuleID : 54158 - Type : PROTOCOL-OTHER - Revision : 1
2020-12-05 Cisco IOS XE Web UI command injection attempt
RuleID : 53503 - Type : SERVER-WEBAPP - Revision : 3
2020-12-05 Cisco IOS XE Web UI command injection attempt
RuleID : 53502 - Type : SERVER-WEBAPP - Revision : 3
2020-12-05 Cisco IOS XE Web UI command injection attempt
RuleID : 53501 - Type : SERVER-WEBAPP - Revision : 3
2020-12-05 Cisco IOS XE Web UI file upload remote code execution attempt
RuleID : 53500 - Type : SERVER-WEBAPP - Revision : 3
2020-12-05 Cisco IOS XE Web UI file upload remote code execution attempt
RuleID : 53499 - Type : SERVER-WEBAPP - Revision : 3

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-cdp-memleak.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-cmp-ios.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-cmp-iosxe.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-errdisable.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-iosxe-cmdinj.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-ipsec-iosxe.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-ipv6hbh-ios.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-ipv6hbh-iosxe.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-ospfv3-dos-ios.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-ospfv3-dos-iosxe.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-sip-alg.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-webdos.nasl - Type: ACT_GATHER_INFO
2018-10-05 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180926-webuidos.nasl - Type: ACT_GATHER_INFO
2018-04-17 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180328-dhcpr3-ios.nasl - Type: ACT_GATHER_INFO
2018-04-17 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180328-dhcpr3-iosxe.nasl - Type: ACT_GATHER_INFO
2018-04-10 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160928-dns-ios.nasl - Type: ACT_GATHER_INFO
2018-04-10 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20160928-dns-iosxe.nasl - Type: ACT_GATHER_INFO
2018-04-06 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180328-lldp-ios.nasl - Type: ACT_GATHER_INFO
2018-04-06 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180328-lldp-iosxe.nasl - Type: ACT_GATHER_INFO
2018-04-06 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180328-lldp-iosxr.nasl - Type: ACT_GATHER_INFO
2018-03-29 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180328-qos-ios.nasl - Type: ACT_GATHER_INFO
2018-03-29 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180328-qos-iosxe.nasl - Type: ACT_GATHER_INFO
2018-03-29 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180328-xesc.nasl - Type: ACT_GATHER_INFO
2018-03-01 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20180207-iosxe.nasl - Type: ACT_GATHER_INFO
2017-11-13 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20171103-bgp-ios_xe.nasl - Type: ACT_GATHER_INFO