Cisco iOS vulnerabilities

581 known vulnerabilities affecting cisco/ios.

Total CVEs

581

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL32HIGH327MEDIUM211LOW11

Vulnerabilities

Page 20 of 30

CVE-2011-0944HIGHCVSS 7.8v12.4v15.0+1 more2011-10-03

CVE-2011-0944 [HIGH] CWE-399 CVE-2011-0944: Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194.

nvd

CVE-2011-3274MEDIUMCVSS 6.1v12.2\(33\)srev12.2\(33\)sre0a+6 more2011-10-03

CVE-2011-3274 [MEDIUM] CVE-2011-3274: Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device crash) via a crafted IPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCto07919.

nvd

CVE-2011-1624HIGHCVSS 7.8v12.2\(58\)se2011-08-18

CVE-2011-1624 [HIGH] CWE-399 CVE-2011-1624: Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote attackers to cause a denial o Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote attackers to cause a denial of service (device reload) by establishing two SSH2 sessions, aka Bug ID CSCto62631.

nvd

CVE-2011-1625MEDIUMCVSS 5.4v12.2v12.3+3 more2011-08-18

CVE-2011-1625 [MEDIUM] CVE-2011-1625: Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configure Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629.

nvd

CVE-2011-2064HIGHCVSS 7.8v12.4\(24\)md1v12.4\(24\)md2+4 more2011-07-11

CVE-2011-2064 [HIGH] CWE-399 CVE-2011-2064: Cisco IOS 12.4MDA before 12.4(24)MDA5 on the Cisco Content Services Gateway - Second Generation (CSG Cisco IOS 12.4MDA before 12.4(24)MDA5 on the Cisco Content Services Gateway - Second Generation (CSG2) allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets, aka Bug ID CSCtl79577.

nvd

CVE-2011-2395MEDIUMCVSS 5.0v4.1v4.1.1+1407 more2011-06-09

CVE-2011-2395 [MEDIUM] CWE-16 CVE-2011-2395: The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remo The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated by (1) a packet in which the first fragment contains a

nvd

CVE-2011-0935CRITICALCVSS 10.0v15.0v15.12011-04-14

CVE-2011-0935 [CRITICAL] CVE-2011-0935: The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain publi The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ID CSCth82164, a different vulnerability than CVE-2010-4685.

nvd

CVE-2011-0349HIGHCVSS 7.8v12.4\(24\)mdv12.4\(24\)md12011-01-28

CVE-2011-0349 [HIGH] CVE-2011-0349: Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services G Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth17178, a different vulnerability than CVE-2011-0350.

nvd

CVE-2011-0350HIGHCVSS 7.8v12.4\(24\)mdv12.4\(24\)md12011-01-28

CVE-2011-0350 [HIGH] CVE-2011-0350: Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services G Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth41891, a different vulnerability than CVE-2011-0349.

nvd

CVE-2011-0348MEDIUMCVSS 6.4v12.4\(11\)mdv12.4\(15\)md+5 more2011-01-28

CVE-2011-0348 [MEDIUM] CWE-264 CVE-2011-0348: Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4 Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted des

nvd

CVE-2010-4683HIGHCVSS 7.8fixed in 15.0\(1\)xa52011-01-07

CVE-2010-4683 [HIGH] CWE-772 CVE-2010-4683: Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733.

nvd

CVE-2010-4686HIGHCVSS 7.8fixed in 15.0\(1\)xa12011-01-07

CVE-2010-4686 [HIGH] CWE-400 CVE-2010-4686: CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a "peculiar" request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950.

nvd

CVE-2009-5038HIGHCVSS 7.8fixed in 15.0\(1\)xa2011-01-07

CVE-2009-5038 [HIGH] CWE-20 CVE-2009-5038: Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336.

nvd

CVE-2010-4671HIGHCVSS 7.8fixed in 15.0\(1\)xa52011-01-07

CVE-2010-4671 [HIGH] CWE-400 CVE-2010-4671: The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CS

nvd

CVE-2010-4684HIGHCVSS 7.1fixed in 15.0\(1\)xa12011-01-07

CVE-2010-4684 [HIGH] CWE-20 CVE-2010-4684: Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to caus Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877.

nvd

CVE-2010-4687MEDIUMCVSS 5.0fixed in 15.0\(1\)xa12011-01-07

CVE-2010-4687 [MEDIUM] CWE-20 CVE-2010-4687: STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552.

nvd

CVE-2010-4685MEDIUMCVSS 4.0fixed in 15.0\(1\)xa12011-01-07

CVE-2010-4685 [MEDIUM] CWE-295 CVE-2010-4685: Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031.

nvd

CVE-2009-5040MEDIUMCVSS 6.8≤ 15.0xav4.1+1548 more2011-01-07

CVE-2009-5040 [MEDIUM] CWE-399 CVE-2009-5040: CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555.

nvd

CVE-2009-5039MEDIUMCVSS 5.0fixed in 15.0\(1\)xa2011-01-07

CVE-2009-5039 [MEDIUM] CWE-772 CVE-2009-5039: Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS befor Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535.

nvd

CVE-2010-2829HIGHCVSS 7.8v12.1tv12.1xi+167 more2010-09-23

CVE-2010-2829 [HIGH] CVE-2010-2829: Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 throug Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via crafted H.323 packets, aka Bug ID CSCtd33567.

nvd

← Previous20 / 30Next →