| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-1241 |
287 |
|
DoS |
2013-05-08 |
2013-05-08 |
6.3 |
None |
Remote |
Medium |
Single system |
None |
None |
Complete |
|
The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series of malformed packets, aka Bug ID CSCub92025. |
|
2 |
CVE-2013-1217 |
119 |
|
DoS Overflow |
2013-04-24 |
2013-04-24 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
|
The generic input/output control implementation in Cisco IOS does not properly manage buffers, which allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests at the same time, aka Bug ID CSCub41105. |
|
3 |
CVE-2013-1148 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-03-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S allows remote attackers to cause a denial of service (device reload) via crafted (1) IPv4 or (2) IPv6 IP SLA packets on UDP port 1167, aka Bug ID CSCuc72594. |
|
4 |
CVE-2013-1147 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-04-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a PT resource, aka Bug ID CSCtz35999. |
|
5 |
CVE-2013-1146 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-03-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790. |
|
6 |
CVE-2013-1145 |
399 |
|
DoS |
2013-03-28 |
2013-04-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174. |
|
7 |
CVE-2013-1144 |
399 |
|
DoS |
2013-03-28 |
2013-04-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055. |
|
8 |
CVE-2013-1143 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-03-29 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957. |
|
9 |
CVE-2013-1142 |
362 |
|
DoS |
2013-03-28 |
2013-04-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745. |
|
10 |
CVE-2013-1136 |
399 |
|
DoS |
2013-05-13 |
2013-05-13 |
4.6 |
None |
Local |
Low |
Single system |
None |
None |
Complete |
|
The crypto engine process in Cisco IOS on Aggregation Services Router (ASR) Route Processor 2 does not properly manage memory, which allows local users to cause a denial of service (route processor crash) by creating multiple tunnels and then examining encryption statistics, aka Bug ID CSCuc52193. |
|
11 |
CVE-2013-1100 |
399 |
|
DoS |
2013-02-13 |
2013-02-14 |
5.4 |
None |
Remote |
High |
Not required |
None |
None |
Complete |
|
The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853. |
|
12 |
CVE-2012-4623 |
20 |
|
DoS |
2012-09-26 |
2013-03-01 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and 3.2.xSG before 3.2.5SG, 3.2.xS, 3.2.xXO, 3.3.xS, and 3.3.xSG before 3.3.1SG allows remote attackers to cause a denial of service (device reload) via a malformed DHCPv6 packet, aka Bug ID CSCto57723. |
|
13 |
CVE-2012-4621 |
399 |
|
DoS |
2012-09-26 |
2013-02-13 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via a DHCP packet, aka Bug ID CSCty96049. |
|
14 |
CVE-2012-4620 |
399 |
|
DoS |
2012-09-26 |
2013-02-13 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/IP, (2) IPIP, or (3) IPv6 in IPv4 packets, aka Bug ID CSCts66808. |
|
15 |
CVE-2012-4619 |
399 |
|
DoS |
2012-09-26 |
2013-04-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123. |
|
16 |
CVE-2012-4618 |
399 |
|
DoS |
2012-09-26 |
2013-04-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtn76183. |
|
17 |
CVE-2012-4617 |
20 |
|
DoS |
2012-09-26 |
2013-02-13 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to cause a denial of service (multiple connection resets) by leveraging a peer relationship and sending a malformed attribute, aka Bug IDs CSCtt35379, CSCty58300, CSCtz63248, and CSCtz62914. |
|
18 |
CVE-2012-3950 |
399 |
|
DoS |
2012-09-26 |
2013-02-21 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976. |
|
19 |
CVE-2012-3949 |
20 |
|
DoS |
2012-09-26 |
2013-02-21 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664. |
|
20 |
CVE-2012-3924 |
|
|
DoS |
2012-09-16 |
2013-03-25 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
None |
Partial |
|
The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCty97961. |
|
21 |
CVE-2012-3923 |
|
|
DoS |
2012-09-16 |
2013-03-25 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
None |
Partial |
|
The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827. |
|
22 |
CVE-2012-3915 |
119 |
|
DoS Overflow |
2012-09-16 |
2013-03-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote attackers to cause a denial of service (persistent IKE state) via a large volume of hub-to-spoke traffic, aka Bug ID CSCtq39602. |
|
23 |
CVE-2012-3895 |
|
|
DoS |
2012-09-16 |
2013-01-24 |
6.3 |
None |
Remote |
Medium |
Single system |
None |
None |
Complete |
|
Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause a denial of service (device crash) via an MVPNv6 update, aka Bug ID CSCty89224. |
|
24 |
CVE-2012-3893 |
|
|
DoS |
2012-09-16 |
2012-09-17 |
6.3 |
None |
Remote |
Medium |
Single system |
None |
None |
Complete |
|
The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote authenticated users to cause a denial of service (spoke crash) via spoke-to-spoke traffic, aka Bug ID CSCtz02622. |
|
25 |
CVE-2012-3079 |
399 |
|
DoS |
2012-09-16 |
2013-01-24 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS 12.2 allows remote attackers to cause a denial of service (CPU consumption) by establishing many IPv6 neighbors, aka Bug ID CSCtn78957. |
|
26 |
CVE-2012-1367 |
20 |
|
DoS |
2012-08-06 |
2012-08-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (Route Processor crash) via a BGP UPDATE message with a modified local-preference (aka LOCAL_PREF) attribute length, aka Bug ID CSCtq06538. |
|
27 |
CVE-2012-1361 |
200 |
|
+Info |
2012-08-06 |
2012-08-07 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) feature of Cisco Unified Communications Manager (CUCM) is enabled, allows remote attackers to obtain sensitive crosstalk information by listening during a PSTN call, aka Bug ID CSCtx77750. |
|
28 |
CVE-2012-1350 |
|
|
DoS |
2012-08-06 |
2012-08-06 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attackers to cause a denial of service (radio-interface input-queue hang) via IAPP 0x3281 packets, aka Bug ID CSCtc12426. |
|
29 |
CVE-2012-1344 |
119 |
|
DoS Overflow |
2012-08-06 |
2013-04-01 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
None |
Partial |
|
Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated users to cause a denial of service (device reload) by using a web browser to refresh the SSL VPN portal page, as demonstrated by the Android browser, aka Bug ID CSCtr86328. |
|
30 |
CVE-2012-1338 |
362 |
|
DoS |
2012-08-06 |
2013-04-01 |
6.3 |
None |
Remote |
Medium |
Single system |
None |
None |
Complete |
|
Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allows remote authenticated users to cause a denial of service (device reload) by completing local web authentication quickly, aka Bug ID CSCts88664. |
|
31 |
CVE-2012-1327 |
16 |
|
DoS |
2012-05-03 |
2012-05-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (assertion failure and reboot) via 802.11 wireless traffic, as demonstrated by a video call from Apple iOS 5.0 on an iPhone 4S, aka Bug ID CSCtt94391. |
|
32 |
CVE-2012-1324 |
362 |
|
DoS |
2012-05-03 |
2012-05-10 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, when IPS policies are configured, allows remote attackers to cause a denial of service (device crash) by sending IPv6 packets, aka Bug ID CSCtk53534. |
|
33 |
CVE-2012-1315 |
399 |
|
DoS |
2012-03-29 |
2012-08-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the SIP inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit SIP traffic, aka Bug ID CSCti46171. |
|
34 |
CVE-2012-1314 |
399 |
|
DoS |
2012-03-29 |
2012-07-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit traffic, aka Bug ID CSCtt45381. |
|
35 |
CVE-2012-1312 |
399 |
|
DoS |
2012-03-29 |
2012-07-10 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The MACE feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (device reload) via crafted transit traffic, aka Bug IDs CSCtq64987 and CSCtu57226. |
|
36 |
CVE-2012-1311 |
399 |
|
DoS |
2012-03-29 |
2012-08-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The RSVP feature in Cisco IOS 15.0 and 15.1 and IOS XE 3.2.xS through 3.4.xS before 3.4.2S, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge and service outage) via crafted RSVP packets, aka Bug ID CSCts80643. |
|
37 |
CVE-2012-1310 |
399 |
|
DoS |
2012-03-29 |
2012-08-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted IP packets, aka Bug ID CSCto89536. |
|
38 |
CVE-2012-0388 |
399 |
|
DoS |
2012-03-29 |
2013-03-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the H.323 inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed transit H.323 traffic, aka Bug ID CSCtq45553. |
|
39 |
CVE-2012-0387 |
399 |
|
DoS |
2012-03-29 |
2013-03-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the HTTP Inspection Engine feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit HTTP traffic, aka Bug ID CSCtq36153. |
|
40 |
CVE-2012-0386 |
310 |
|
DoS |
2012-03-29 |
2013-03-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID CSCtr49064. |
|
41 |
CVE-2012-0385 |
20 |
|
DoS |
2012-03-29 |
2013-03-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (device reload) by sending a malformed Smart Install message over TCP, aka Bug ID CSCtt16051. |
|
42 |
CVE-2012-0384 |
264 |
|
Exec Code Bypass |
2012-03-29 |
2013-03-25 |
8.5 |
None |
Remote |
Medium |
Single system |
Complete |
Complete |
Complete |
|
Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access restrictions and execute commands via a (1) HTTP or (2) HTTPS session, aka Bug ID CSCtr91106. |
|
43 |
CVE-2012-0383 |
399 |
|
DoS |
2012-03-29 |
2013-03-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the NAT feature in Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (memory consumption, and device hang or reload) via SIP packets that require translation, related to a "memory starvation vulnerability," aka Bug ID CSCti35326. |
|
44 |
CVE-2012-0382 |
399 |
|
DoS |
2012-03-29 |
2013-03-25 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) via encapsulated IGMP data in an MSDP packet, aka Bug ID CSCtr28857. |
|
45 |
CVE-2012-0381 |
310 |
|
DoS |
2012-03-29 |
2013-03-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending IKE UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCts38429. |
|
46 |
CVE-2012-0362 |
264 |
|
Bypass |
2012-05-02 |
2012-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end with a log or time keyword, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending network traffic, aka Bug ID CSCts01106. |
|
47 |
CVE-2012-0339 |
20 |
|
|
2012-05-02 |
2012-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish TELNET connections from arbitrary source IP addresses via a standard TELNET client, aka Bug ID CSCsi77774. |
|
48 |
CVE-2012-0338 |
20 |
|
|
2012-05-02 |
2012-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish SSH connections from arbitrary source IP addresses via a standard SSH client, aka Bug ID CSCsv86113. |
|
49 |
CVE-2011-4231 |
20 |
|
DoS |
2012-05-03 |
2012-05-11 |
6.3 |
None |
Remote |
Medium |
Single system |
None |
None |
Complete |
|
Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hub with X.509 certificates in use, allows remote authenticated users to cause a denial of service (segmentation fault and device crash) via unspecified vectors, aka Bug ID CSCtq61128. |
|
50 |
CVE-2011-4019 |
399 |
|
DoS |
2012-05-03 |
2012-05-30 |
5.4 |
None |
Remote |
High |
Not required |
None |
None |
Complete |
|
Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager (CUCM) 7.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883. |
