Cisco : Security Vulnerabilities, CVEs, Published In April 2014 (Denial of service)
The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
Max CVSS
6.3
EPSS Score
0.11%
Published
2014-04-29
Updated
2021-10-05
Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay is configured, allows remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 packet, aka Bug ID CSCun45520.
Max CVSS
6.1
EPSS Score
0.16%
Published
2014-04-29
Updated
2023-08-11
The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows remote attackers to cause a denial of service (daemon reload) via a malformed DHCPv6 packet, aka Bug ID CSCuo07437.
Max CVSS
5.0
EPSS Score
0.19%
Published
2014-04-19
Updated
2014-04-21
Memory leak in the SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and instability) via crafted SIP packets, aka Bug ID CSCuf67469.
Max CVSS
5.0
EPSS Score
0.19%
Published
2014-04-23
Updated
2023-08-11
Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSCum14266.
Max CVSS
6.1
EPSS Score
0.16%
Published
2014-04-05
Updated
2014-04-07
The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021.
Max CVSS
5.0
EPSS Score
0.19%
Published
2014-04-04
Updated
2014-04-04
Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870.
Max CVSS
5.0
EPSS Score
0.11%
Published
2014-04-12
Updated
2014-04-14
The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416.
Max CVSS
4.0
EPSS Score
0.11%
Published
2014-04-10
Updated
2014-04-10
Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348.
Max CVSS
5.0
EPSS Score
0.19%
Published
2014-04-12
Updated
2014-04-14
Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315.
Max CVSS
5.0
EPSS Score
0.19%
Published
2014-04-12
Updated
2014-04-14
The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP packets, aka Bug ID CSCuh44052.
Max CVSS
7.1
EPSS Score
0.19%
Published
2014-04-10
Updated
2023-08-15
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.
Max CVSS
6.1
EPSS Score
0.21%
Published
2014-04-24
Updated
2021-10-05
Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518.
Max CVSS
4.0
EPSS Score
0.11%
Published
2014-04-23
Updated
2014-04-23
Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 devices allows remote authenticated users to cause a denial of service (spurious errors) via unknown vectors, aka Bug ID CSCub61009.
Max CVSS
6.8
EPSS Score
0.12%
Published
2014-04-23
Updated
2014-04-23
Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809.
Max CVSS
5.4
EPSS Score
0.24%
Published
2014-04-23
Updated
2014-04-23
The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003.
Max CVSS
4.3
EPSS Score
0.26%
Published
2014-04-23
Updated
2014-04-23
The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an object-group command, aka Bug ID CSCts16133.
Max CVSS
4.6
EPSS Score
0.06%
Published
2014-04-23
Updated
2014-04-23
Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662.
Max CVSS
6.8
EPSS Score
0.12%
Published
2014-04-23
Updated
2014-04-23
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.
Max CVSS
6.8
EPSS Score
0.11%
Published
2014-04-23
Updated
2021-10-05
Cisco IOS before 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436.
Max CVSS
6.3
EPSS Score
0.12%
Published
2014-04-23
Updated
2014-04-23
The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447.
Max CVSS
5.0
EPSS Score
0.26%
Published
2014-04-23
Updated
2014-04-23
Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451.
Max CVSS
4.3
EPSS Score
0.26%
Published
2014-04-23
Updated
2014-04-23
Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318.
Max CVSS
4.9
EPSS Score
0.04%
Published
2014-04-23
Updated
2014-04-23
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.
Max CVSS
4.3
EPSS Score
0.26%
Published
2014-04-23
Updated
2014-04-23
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.
Max CVSS
5.7
EPSS Score
0.21%
Published
2014-04-23
Updated
2014-04-23