Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Product filter

Ios Subscribe

Filter

19 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-12668 1 Cisco 2 Ios, Ios Xe 2019-10-09 3.5
A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software...
CVE-2018-0197 1 Cisco 2 Ios, Ios Xe 2019-10-09 3.3
A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of...
CVE-2018-0163 1 Cisco 1 Ios 2019-10-09 3.3
A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a...
CVE-2017-12289 1 Cisco 1 Ios 2019-10-09 2.1
A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect...
CVE-2017-12238 1 Cisco 1 Ios 2019-10-09 3.3
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to...
CVE-2017-3803 1 Cisco 1 Ios 2019-10-03 3.3
A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial...
CVE-2017-6665 1 Cisco 2 Ios Xe, Ios 2019-10-03 3.3
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are...
CVE-2005-3921 1 Cisco 1 Ios 2018-10-19 2.6
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of...
CVE-2006-4650 1 Cisco 1 Ios 2018-10-17 2.6
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from...
CVE-2005-2451 1 Cisco 2 Ios Xr, Ios 2017-10-11 2.1
Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.
CVE-2012-3924 1 Cisco 1 Ios 2017-08-29 3.5
The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving...
CVE-2012-3923 1 Cisco 1 Ios 2017-08-29 3.5
The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a...
CVE-1999-0524 9 Santa Cruz Operation, Apple, Linux and 6 more 12 Hp-ux, Aix, Ios and 9 more 2017-07-11 0.0
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVE-2015-6375 1 Cisco 1 Ios 2016-11-28 2.1
The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010.
CVE-2000-0368 1 Cisco 1 Ios 2016-09-21 2.1
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
CVE-2012-1344 1 Cisco 1 Ios 2013-04-02 3.5
Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated users to cause a denial of service (device reload) by using a web browser to refresh the SSL VPN portal page, as demonstrated by the Android browser,...
CVE-2011-3289 1 Cisco 1 Ios 2012-10-30 3.6
Cisco IOS 12.4 and 15.0 through 15.2 allows physically proximate attackers to bypass the No Service Password-Recovery feature and read the start-up configuration via unspecified vectors, aka Bug ID CSCtr97640.
CVE-2007-5549 1 Cisco 1 Ios 2008-11-15 2.1
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE:...
CVE-2000-0345 1 Cisco 7 Router 3600, Ios, Router 2500 and 4 more 2008-09-10 2.1
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.