CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Cisco : Security Vulnerabilities (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-4285 399 DoS 2015-07-23 2015-07-24
5.0
None Remote Low Not required None None Partial
The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273.
2 CVE-2015-4284 20 DoS 2015-07-22 2015-07-22
5.0
None Remote Low Not required None None Partial
The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a denial of service (BGP process reload) via malformed BGPv4 packets, aka Bug ID CSCur70670.
3 CVE-2015-4283 399 DoS 2015-07-21 2015-07-21
7.8
None Remote Low Not required None None Complete
Cisco Videoscape Policy Resource Manager (PRM) 3.5.4 allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCuu35104 and CSCuu35128.
4 CVE-2015-4280 399 DoS 2015-07-18 2015-07-21
5.0
None Remote Low Not required None None Partial
Cisco Prime Collaboration Assurance 10.0 allows remote attackers to cause a denial of service (HTTP service outage) via a crafted HTTP request, aka Bug ID CSCum38844.
5 CVE-2015-4278 20 DoS 2015-07-16 2015-07-17
4.3
None Remote Medium Not required None None Partial
Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote attackers to cause a denial of service (per-domain e-mail reception outage) by placing malformed DMARC policy data in DNS TXT records for a domain, aka Bug ID CSCuv14806.
6 CVE-2015-4275 399 DoS 2015-07-16 2015-07-17
5.0
None Remote Low Not required None None Partial
The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 18.0.0.59167 and 18.0.0.59211 allows remote attackers to cause a denial of service via a malformed header in a GTPv2 packet, aka Bug ID CSCut11534.
7 CVE-2015-4273 20 DoS 2015-07-15 2015-07-17
5.0
None Remote Low Not required None None Partial
The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 15.0(912), 15.0(935), and 15.0(938) allows remote attackers to cause a denial of service (Session Manager outage) via malformed fields in an IP packet, aka Bug ID CSCut38476.
8 CVE-2015-4269 399 DoS 2015-07-14 2015-07-14
4.0
None Remote Low Single system None None Partial
The Tomcat throttling feature in Cisco Unified Communications Manager 10.5(1.99995.9) allows remote authenticated users to cause a denial of service (management outage) by sending many requests, aka Bug ID CSCuu99709.
9 CVE-2015-4243 399 DoS 2015-07-08 2015-07-09
6.1
None Local Network Low Not required None None Complete
The PPPoE establishment implementation in Cisco IOS XE 3.5.0S on ASR 1000 devices allows remote attackers to cause a denial of service (device reload) by sending malformed PPPoE Active Discovery Request (PADR) packets on the local network, aka Bug ID CSCty94202.
10 CVE-2015-4241 399 DoS 2015-07-08 2015-07-09
6.1
None Local Network Low Not required None None Complete
Cisco Adaptive Security Appliance (ASA) Software 9.3(2) allows remote attackers to cause a denial of service (system reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCut52679.
11 CVE-2015-4240 399 DoS 2015-07-08 2015-07-09
5.0
None Remote Low Not required None None Partial
Cisco IP Communicator 8.6(4) allows remote attackers to cause a denial of service (service outage) via an unspecified URL in a GET request, aka Bug ID CSCuu37656.
12 CVE-2015-4239 399 DoS 2015-07-03 2015-07-08
6.1
None Local Network Low Not required None None Complete
Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220.
13 CVE-2015-4238 399 DoS 2015-07-02 2015-07-02
6.8
None Remote Low Single system None None Complete
The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4(7) and 8.6(1.2) allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests during a time of high network traffic, aka Bug ID CSCul02601.
14 CVE-2015-4236 399 DoS 2015-07-10 2015-07-13
4.3
None Remote Medium Not required None None Partial
Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service (clustering and SSH outage) via a packet flood, aka Bug IDs CSCur13704 and CSCuq05636.
15 CVE-2015-4230 399 DoS 2015-07-06 2015-07-08
7.8
None Remote Low Not required None None Complete
Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91854.
16 CVE-2015-4228 399 DoS 2015-07-02 2015-07-02
5.4
None Remote High Not required None None Complete
Cisco Digital Content Manager (DCM) 15.0.0 might allow remote ad servers to cause a denial of service (reboot) via malformed ad messages, aka Bug ID CSCur13999.
17 CVE-2015-4227 399 DoS 2015-06-30 2015-06-30
7.8
None Remote Low Not required None None Complete
Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91838.
18 CVE-2015-4226 399 DoS 2015-06-30 2015-07-01
7.1
None Remote Medium Not required None None Complete
The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) does not properly support the RTP protocol, which allows remote attackers to cause a denial of service (device hang) by sending malformed RTP packets after a call is answered, aka Bug ID CSCur39976.
19 CVE-2015-4223 399 DoS 2015-06-25 2015-06-26
5.0
None Remote Low Not required None Partial None
Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of service (process reload) via crafted MPLS Label Distribution Protocol (LDP) packets, aka Bug ID CSCuu77478.
20 CVE-2015-4215 399 DoS 2015-06-24 2015-06-24
6.1
None Local Network Low Not required None None Complete
Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) and 7.6(1.62) allow remote attackers to cause a denial of service (device crash) by triggering an exception during attempted forwarding of unspecified IPv6 packets to a non-IPv6 device, aka Bug ID CSCuj01046.
21 CVE-2015-4205 399 DoS 2015-06-23 2015-06-23
5.7
None Local Network Medium Not required None None Complete
Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.
22 CVE-2015-4204 399 DoS 2015-06-23 2015-06-23
6.8
None Remote Low Single system None None Complete
Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) module on uBR10000 devices allows remote authenticated users to cause a denial of service (memory consumption or PXF process crash) by sending docsIfMCmtsMib SNMP requests quickly, aka Bug ID CSCue65051.
23 CVE-2015-4203 362 DoS 2015-06-23 2015-06-23
5.4
None Remote High Not required None None Complete
Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396.
24 CVE-2015-4201 20 DoS 2015-06-20 2015-06-22
5.0
None Remote Low Not required None None Partial
The Gateway General Packet Radio Service Support Node (GGSN) component on Cisco ASR 5000 devices with software 17.2.0.59184 and 18.0.L0.59219 allows remote attackers to cause a denial of service (Session Manager restart) via an invalid TCP/IP header, aka Bug ID CSCut68058.
25 CVE-2015-4200 399 DoS 2015-06-23 2015-06-30
7.8
None Remote Low Not required None None Complete
Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (memory consumption) by triggering an error during CPE negotiation, aka Bug ID CSCug00885.
26 CVE-2015-4199 362 DoS 2015-06-27 2015-06-29
7.1
None Remote Medium Not required None None Complete
Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (NULL pointer free and module crash) by triggering intermittent connectivity with many IPv6 CPE devices, aka Bug ID CSCug47366.
27 CVE-2015-4197 20 DoS 2015-06-20 2015-06-22
6.1
None Local Network Low Not required None None Complete
Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (device crash) by sending a malformed LLDP packet on the local network, aka Bug ID CSCud89415.
28 CVE-2015-4195 399 DoS 2015-06-18 2015-06-19
4.0
None Remote Low Single system None None Partial
Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a denial of service (vty error, and SSH and TELNET outage) via a crafted disconnect action within an SSH session, aka Bug ID CSCul63127.
29 CVE-2015-4191 399 DoS 2015-06-18 2015-06-19
5.0
None Remote Low Not required None None Partial
Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565.
30 CVE-2015-0776 399 DoS 2015-06-12 2015-06-15
5.0
None Remote Low Not required None None Partial
telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (device reload) via a malformed TELNET packet, aka Bug ID CSCuq31566.
31 CVE-2015-0775 399 DoS 2015-06-12 2015-06-15
5.0
None Remote Low Not required None None Partial
The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.
32 CVE-2015-0772 399 DoS 2015-06-12 2015-06-15
7.1
None Remote Medium Not required None None Complete
Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422.
33 CVE-2015-0771 399 DoS 2015-06-12 2015-06-12
6.3
None Remote Medium Single system None None Complete
The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service (device reload) by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505.
34 CVE-2015-0769 399 DoS 2015-06-12 2015-06-15
7.8
None Remote Low Not required None None Complete
Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546.
35 CVE-2015-0765 399 DoS 2015-06-04 2015-06-04
5.0
None Remote Low Not required None None Partial
Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service (tNetTask CPU consumption or card reset) via a flood of (1) IP or (2) Ethernet traffic, aka Bug ID CSCus57263.
36 CVE-2015-0756 20 DoS 2015-05-29 2015-06-02
6.1
None Local Network Low Not required None None Complete
Cisco Wireless LAN Controller (WLC) devices with software 7.4(1.1) allow remote attackers to cause a denial of service (wireless-networking outage) via crafted TCP traffic on the local network, aka Bug ID CSCug67104.
37 CVE-2015-0754 20 DoS +Info 2015-05-29 2015-06-02
7.5
None Remote Low Single system Partial None Complete
Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a denial of service (CPU and memory consumption) via a crafted XML document, aka Bug ID CSCut95810.
38 CVE-2015-0751 20 DoS 2015-05-29 2015-06-02
7.8
None Remote Low Not required None None Complete
Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows remote attackers to cause a denial of service via crafted packets, aka Bug ID CSCus81800.
39 CVE-2015-0746 254 DoS 2015-05-21 2015-06-03
5.0
None Remote Low Not required None None Partial
The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.
40 CVE-2015-0744 399 DoS 2015-05-30 2015-06-03
7.8
None Remote Low Not required None None Complete
Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315.
41 CVE-2015-0743 399 DoS 2015-05-30 2015-06-02
5.0
None Remote Low Not required None None Partial
Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097.
42 CVE-2015-0742 17 DoS 2015-05-21 2015-05-21
5.0
None Remote Low Not required None None Partial
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398.
43 CVE-2015-0731 399 DoS 2015-05-15 2015-05-18
6.1
None Local Network Low Not required None None Complete
The ISDN implementation in Cisco IOS 15.3S allows remote attackers to cause a denial of service (device reload) via malformed Q931 SETUP messages, aka Bug ID CSCut37890.
44 CVE-2015-0730 20 DoS 2015-05-16 2015-05-18
5.0
None Remote Low Not required None None Partial
The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) allows remote attackers to cause a denial of service (module reload) via an invalid field in a Negotiate Protocol request, aka Bug ID CSCuo75645.
45 CVE-2015-0726 20 DoS 2015-05-16 2015-05-18
6.8
None Remote Low Single system None None Complete
The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated users to cause a denial of service (device crash) via unspecified parameters, aka Bug IDs CSCum65159 and CSCum65252.
46 CVE-2015-0725 20 DoS 2015-07-16 2015-07-17
7.8
None Remote Low Not required None None Complete
Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) before 3.3.1 R7 and 4.x before 4.0.0 R4 allow remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug IDs CSCus79834 and CSCuu63409.
47 CVE-2015-0723 399 DoS 2015-05-16 2015-05-18
6.1
None Local Network Low Not required None None Complete
The wireless web-authentication subsystem on Cisco Wireless LAN Controller (WLC) devices 7.5.x and 7.6.x before 7.6.120 allows remote attackers to cause a denial of service (process crash and device restart) via a crafted value, aka Bug ID CSCum03269.
48 CVE-2015-0722 399 DoS 2015-05-24 2015-05-26
7.8
None Remote Low Not required None None Complete
The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952.
49 CVE-2015-0712 399 DoS 2015-05-01 2015-05-11
5.0
None Remote Low Not required None None Partial
The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and 14.0(600) on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and packet loss) via malformed HTTP packets, aka Bug ID CSCud14217.
50 CVE-2015-0711 399 DoS 2015-04-28 2015-05-11
5.0
None Remote Low Not required None None Partial
The hamgr service in the IPv6 Proxy Mobile (PM) implementation in Cisco StarOS 18.1.0.59776 on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and call-processing outage) via malformed PM packets, aka Bug ID CSCut94711.
Total number of vulnerabilities : 1043   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.