Filtered by vendor Cisco
Subscriptions
Filtered by product Ios
Subscriptions
Total
598 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-1999-1306 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. | ||||
CVE-1999-1175 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | ||||
CVE-1999-1129 | 1 Cisco | 2 Catalyst 2900 Vlan, Ios | 2024-11-21 | N/A |
Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. | ||||
CVE-1999-0775 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. | ||||
CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2024-11-21 | N/A |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | ||||
CVE-1999-0445 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | ||||
CVE-1999-0293 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
AAA authentication on Cisco systems allows attackers to execute commands without authorization. | ||||
CVE-1999-0230 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
Buffer overflow in Cisco 7xx routers through the telnet service. | ||||
CVE-1999-0162 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. | ||||
CVE-1999-0161 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering. | ||||
CVE-1999-0160 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | ||||
CVE-1999-0159 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. | ||||
CVE-1999-0157 | 1 Cisco | 2 Ios, Pix Firewall Software | 2024-11-21 | N/A |
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. | ||||
CVE-1999-0063 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. | ||||
CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2024-11-21 | N/A |
Land IP denial of service. | ||||
CVE-2024-20465 | 1 Cisco | 1 Ios | 2024-10-24 | 5.8 Medium |
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs on switched virtual interfaces when an administrator enables and disables Resilient Ethernet Protocol (REP). An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. | ||||
CVE-2024-20433 | 1 Cisco | 2 Ios, Ios Xe | 2024-10-03 | 8.6 High |
A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow when processing crafted RSVP packets. An attacker could exploit this vulnerability by sending RSVP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. | ||||
CVE-2024-20414 | 1 Cisco | 2 Ios, Ios Xe | 2024-10-02 | 6.5 Medium |
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration changes through the HTTP GET method. An attacker could exploit this vulnerability by persuading a currently authenticated administrator to follow a crafted link. A successful exploit could allow the attacker to change the configuration of the affected device. |