Filtered by vendor Cisco Subscriptions
Filtered by product Ios Subscriptions
Total 598 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-1306 1 Cisco 1 Ios 2024-11-21 N/A
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
CVE-1999-1175 1 Cisco 1 Ios 2024-11-21 N/A
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.
CVE-1999-1129 1 Cisco 2 Catalyst 2900 Vlan, Ios 2024-11-21 N/A
Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag.
CVE-1999-0775 1 Cisco 1 Ios 2024-11-21 N/A
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.
CVE-1999-0524 11 Apple, Cisco, Hp and 8 more 14 Mac Os X, Macos, Ios and 11 more 2024-11-21 N/A
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVE-1999-0445 1 Cisco 1 Ios 2024-11-21 N/A
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
CVE-1999-0293 1 Cisco 1 Ios 2024-11-21 N/A
AAA authentication on Cisco systems allows attackers to execute commands without authorization.
CVE-1999-0230 1 Cisco 1 Ios 2024-11-21 N/A
Buffer overflow in Cisco 7xx routers through the telnet service.
CVE-1999-0162 1 Cisco 1 Ios 2024-11-21 N/A
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering.
CVE-1999-0161 1 Cisco 1 Ios 2024-11-21 N/A
In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering.
CVE-1999-0160 1 Cisco 1 Ios 2024-11-21 N/A
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.
CVE-1999-0159 1 Cisco 1 Ios 2024-11-21 N/A
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases.
CVE-1999-0157 1 Cisco 2 Ios, Pix Firewall Software 2024-11-21 N/A
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.
CVE-1999-0063 1 Cisco 1 Ios 2024-11-21 N/A
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port.
CVE-1999-0016 6 Cisco, Gnu, Hp and 3 more 8 Ios, Inet, Hp-ux and 5 more 2024-11-21 N/A
Land IP denial of service.
CVE-2024-20465 1 Cisco 1 Ios 2024-10-24 5.8 Medium
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs on switched virtual interfaces when an administrator enables and disables Resilient Ethernet Protocol (REP). An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.
CVE-2024-20433 1 Cisco 2 Ios, Ios Xe 2024-10-03 8.6 High
A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow when processing crafted RSVP packets. An attacker could exploit this vulnerability by sending RSVP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
CVE-2024-20414 1 Cisco 2 Ios, Ios Xe 2024-10-02 6.5 Medium
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration changes through the HTTP GET method. An attacker could exploit this vulnerability by persuading a currently authenticated administrator to follow a crafted link. A successful exploit could allow the attacker to change the configuration of the affected device.