Cisco IOS vulnerabilities

581 known vulnerabilities affecting cisco/ios.

Total CVEs: 581
CISA KEV: 36 (actively exploited)
Public exploits: 28
Exploited in wild: 36
Severity breakdown: CRITICAL 32, HIGH 327, MEDIUM 211, LOW 11

Vulnerabilities

Page 23 of 30
CVE-2009-0635 | HIGH | CVSS 7.1 | v12.4t, v12.4xz, +1 more | 2009-03-27
CVE-2009-0635 [HIGH] CWE-399: Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets.
nvd
CVE-2009-0637 | HIGH | CVSS 7.1 | v12.2, v12.2b, +184 more | 2009-03-27
CVE-2009-0637 [HIGH] CWE-264: The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.
nvd
CVE-2009-0629 | MEDIUM | CVSS 5.4 | v12.2, v12.2b, +184 more | 2009-03-27
CVE-2009-0629 [MEDIUM]: The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over T
nvd
CVE-2009-0470 | MEDIUM | CVSS 4.3 | PoC | v12.4(23) | 2009-02-06
CVE-2009-0470 [MEDIUM]: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821.
nvd
CVE-2009-0471 | MEDIUM | CVSS 6.8 | v12.4(23) | 2009-02-06
CVE-2009-0471 [MEDIUM] CWE-352: Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request.
nvd
CVE-2008-3821 | MEDIUM | CVSS 4.3 | PoC | v12.0, v12.0da, +282 more | 2009-01-16
CVE-2008-3821 [MEDIUM] CWE-79: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
nvd
CVE-2008-4609 | HIGH | CVSS 7.1 | v4.1, v4.1.1, +1455 more | 2008-10-20
CVE-2008-4609 [HIGH] CWE-16: The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
nvd
CVE-2008-3807 | CRITICAL | CVSS 9.3 | v12.2bc, v12.2cx, +3 more | 2008-09-26
CVE-2008-3807 [CRITICAL]: Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.
nvd
CVE-2008-3806 | HIGH | CVSS 8.5 | v12.0s, v12.0sl, +9 more | 2008-09-26
CVE-2008-3806 [HIGH]: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805.
nvd
CVE-2008-3812 | HIGH | CVSS 7.1 | v12.4t, v12.4xe, +4 more | 2008-09-26
CVE-2008-3812 [HIGH]: Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.
nvd
CVE-2008-3810 | HIGH | CVSS 7.8 | v12.4md, v12.4mr, +15 more | 2008-09-26
CVE-2008-3810 [HIGH] CWE-20: Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811.
nvd
CVE-2008-3805 | HIGH | CVSS 8.5 | v12.2b, v12.2ca, +9 more | 2008-09-26
CVE-2008-3805 [HIGH]: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806.
nvd
CVE-2008-3809 | HIGH | CVSS 7.1 | v12.0, v12.0da, +202 more | 2008-09-26
CVE-2008-3809 [HIGH]: Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.
nvd
CVE-2008-3804 | HIGH | CVSS 7.1 | v12.2, v12.4 | 2008-09-26
CVE-2008-3804 [HIGH]: Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.
nvd
CVE-2008-3802 | HIGH | CVSS 7.1 | v12.2b, v12.2bx, +83 more | 2008-09-26
CVE-2008-3802 [HIGH]: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801.
nvd
CVE-2008-3798 | HIGH | CVSS 7.8 | v12.4, v12.4mr | 2008-09-26
CVE-2008-3798 [HIGH]: Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.
nvd
CVE-2008-3813 | HIGH | CVSS 7.8 | v12.2se, v12.2sg, +7 more | 2008-09-26
CVE-2008-3813 [HIGH]: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.
nvd
CVE-2008-2739 | HIGH | CVSS 7.8 | v12.3t, v12.3xl, +21 more | 2008-09-26
CVE-2008-2739 [HIGH]: The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.
nvd
CVE-2008-3808 | HIGH | CVSS 7.8 | v12.0, v12.0da, +250 more | 2008-09-26
CVE-2008-3808 [HIGH]: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.
nvd
CVE-2008-3800 | HIGH | CVSS 7.1 | v12.2, v12.3, +1 more | 2008-09-26
CVE-2008-3800 [HIGH]: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability tha
nvd