Cisco iOS vulnerabilities

581 known vulnerabilities affecting cisco/ios.

Total CVEs

581

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL32HIGH327MEDIUM211LOW11

Vulnerabilities

Page 25 of 30

CVE-2007-4263HIGHCVSS 8.5v12.22007-08-08

CVE-2007-4263 [HIGH] CVE-2007-4263: Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-b Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors.

nvd

CVE-2007-2688HIGHCVSS 7.8v10.0v11.1cc+10 more2007-05-16

CVE-2007-2688 [HIGH] CVE-2007-2688: The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly ha The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.

nvd

CVE-2007-2586CRITICALCVSS 9.3PoCv12.0\(1\)tv12.0\(1\)t1+378 more2007-05-10

CVE-2007-2586 [CRITICAL] CWE-863 CVE-2007-2586: The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allo The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.

nvd

CVE-2007-2587MEDIUMCVSS 6.3≥ 11.3, ≤ 12.42007-05-10

CVE-2007-2587 [MEDIUM] CVE-2007-2587: The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denia The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244).

nvd

CVE-2007-1258MEDIUMCVSS 6.1v12.2\(18\)sxf4v12.2sxa+3 more2007-03-03

CVE-2007-1258 [MEDIUM] CVE-2007-1258: Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 r Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet.

nvd

CVE-2007-0918HIGHCVSS 7.1v12.3tv12.3xq+23 more2007-02-14

CVE-2007-0918 [HIGH] CVE-2007-0918: The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4X The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffi

nvd

CVE-2007-0917MEDIUMCVSS 6.4v12.3tv12.3xq+23 more2007-02-14

CVE-2007-0917 [MEDIUM] CVE-2007-0917: The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.

nvd

CVE-2007-0648HIGHCVSS 7.8v12.3\(14\)tv12.3\(14\)t2+51 more2007-02-01

CVE-2007-0648 [HIGH] CVE-2007-0648: Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session I Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.

nvd

CVE-2007-0199MEDIUMCVSS 5.0≤ 12.4v11.02007-01-11

CVE-2007-0199 [MEDIUM] CVE-2007-0199: The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cau The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange."

nvd

CVE-2006-4950CRITICALCVSS 10.0≤ 12.3v12.3\(1a\)+226 more2006-09-23

CVE-2006-4950 [CRITICAL] CVE-2006-4950: Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrat Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string a

nvd

CVE-2006-4774HIGHCVSS 7.8v12.1\(19\)2006-09-14

CVE-2006-4774 [HIGH] CWE-399 CVE-2006-4774: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a de The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2.

nvd

CVE-2006-4775HIGHCVSS 7.8v12.1\(19\)2006-09-14

CVE-2006-4775 [HIGH] CWE-399 CVE-2006-4775: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.

nvd

CVE-2006-4776HIGHCVSS 7.5v12.1\(19\)2006-09-14

CVE-2006-4776 [HIGH] CWE-119 CVE-2006-4776: Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement.

nvd

CVE-2006-4650LOWCVSS 2.6v12.0v12.1+1 more2006-09-09

CVE-2006-4650 [LOW] CVE-2006-4650: Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are m Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassi

nvd

CVE-2006-3291CRITICALCVSS 9.3v12.3\(8\)jav12.3\(8\)ja12006-06-28

CVE-2006-3291 [CRITICAL] CWE-16 CVE-2006-3291: The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system.

nvd

CVE-2006-0486MEDIUMCVSS 4.6v12.2\(25\)sv12.3t+1 more2006-02-01

CVE-2006-0486 [MEDIUM] CVE-2006-0486: Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or by

nvd

CVE-2006-0485MEDIUMCVSS 4.6v12.0tv12.0xh+128 more2006-02-01

CVE-2006-0485 [MEDIUM] CVE-2006-0485: The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain o The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh7304

nvd

CVE-2006-0340HIGHCVSS 7.1v12.0v12.0s+106 more2006-01-21

CVE-2006-0340 [HIGH] CWE-20 CVE-2006-0340: Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 1 Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900.

nvd

CVE-2005-4826MEDIUMCVSS 6.1v12.1\(22\)ea32005-12-31

CVE-2005-4826 [MEDIUM] CVE-2005-4826: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Ca Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776.

nvd

CVE-2005-4258HIGHCVSS 7.8v11.2\(8.2\)sa6v12.0\(5.2\)xu2005-12-15

CVE-2005-4258 [HIGH] CVE-2005-4258: Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device cras Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID.

nvd

← Previous25 / 30Next →