Filtered by vendor Cisco
Subscribe
Total
6073 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0427 | 1 Cisco | 6 Vpn 3000 Concentrator, Vpn 3005 Concentrator, Vpn 3015 Concentrator and 3 more | 2023-12-10 | 7.1 HIGH | N/A |
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts. | |||||
CVE-2002-1101 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name. | |||||
CVE-1999-1001 | 1 Cisco | 1 Cache Engine | 2023-12-10 | 2.6 LOW | N/A |
Cisco Cache Engine allows a remote attacker to gain access via a null username and password. | |||||
CVE-2000-0150 | 2 Checkpoint, Cisco | 2 Firewall-1, Pix Firewall Software | 2023-12-10 | 7.5 HIGH | N/A |
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | |||||
CVE-2001-0865 | 1 Cisco | 1 12000 Router | 2023-12-10 | 7.5 HIGH | N/A |
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | |||||
CVE-2002-1597 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface. | |||||
CVE-2002-1106 | 1 Cisco | 1 Vpn Client | 2023-12-10 | 7.5 HIGH | N/A |
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks. | |||||
CVE-2002-1104 | 1 Cisco | 1 Vpn Client | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS). | |||||
CVE-2001-1434 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. | |||||
CVE-2003-1001 | 1 Cisco | 9 Catalyst 6500, Catalyst 6500 Ws-svc-nam-1, Catalyst 6500 Ws-svc-nam-2 and 6 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication. | |||||
CVE-2004-1775 | 1 Cisco | 2 Catos, Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. | |||||
CVE-2002-0778 | 1 Cisco | 8 Cache Engine 505, Cache Engine 550, Cache Engine 570 and 5 more | 2023-12-10 | 7.5 HIGH | N/A |
The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP. | |||||
CVE-2002-1558 | 1 Cisco | 1 Optical Networking Systems Software | 2023-12-10 | 10.0 HIGH | N/A |
Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet. | |||||
CVE-2002-1095 | 1 Cisco | 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set. | |||||
CVE-2004-0391 | 1 Cisco | 2 Hosting Solution Engine, Wireless Lan Solution Engine | 2023-12-10 | 10.0 HIGH | N/A |
Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration. | |||||
CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2023-12-10 | 6.4 MEDIUM | N/A |
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | |||||
CVE-2001-0412 | 1 Cisco | 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 | 2023-12-10 | 7.2 HIGH | N/A |
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | |||||
CVE-1999-1216 | 1 Cisco | 1 Router | 2023-12-10 | 7.5 HIGH | N/A |
Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command. | |||||
CVE-2002-1768 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. | |||||
CVE-2002-1092 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2023-12-10 | 7.5 HIGH | N/A |
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication. |