Filtered by vendor Cisco
Subscribe
Total
6077 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1322 | 1 Cisco | 1 Unity Server | 2023-12-10 | 7.5 HIGH | N/A |
Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. | |||||
CVE-2003-1398 | 1 Cisco | 1 Ios | 2023-12-10 | 9.3 HIGH | N/A |
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). | |||||
CVE-2004-0589 | 1 Cisco | 1 Ios | 2023-12-10 | 4.3 MEDIUM | N/A |
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages. | |||||
CVE-1999-0415 | 1 Cisco | 1 Cisco 7xx Routers | 2023-12-10 | 7.5 HIGH | N/A |
The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration. | |||||
CVE-2000-1022 | 1 Cisco | 1 Pix Firewall Software | 2023-12-10 | 7.5 HIGH | N/A |
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands. | |||||
CVE-2004-0710 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. | |||||
CVE-2004-1464 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | |||||
CVE-2004-1776 | 1 Cisco | 1 Ios | 2023-12-10 | 7.5 HIGH | N/A |
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | |||||
CVE-2004-1461 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2023-12-10 | 7.5 HIGH | N/A |
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address. | |||||
CVE-2002-1222 | 1 Cisco | 1 Catos | 2023-12-10 | 7.1 HIGH | N/A |
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. | |||||
CVE-2000-1056 | 1 Cisco | 1 Secure Access Control Server | 2023-12-10 | 7.5 HIGH | N/A |
CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords. | |||||
CVE-2002-0938 | 1 Cisco | 1 Secure Access Control Server | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe. | |||||
CVE-2002-0882 | 1 Cisco | 2 Skinny Client Control Protocol Software, Voip Phone Cp-7940 | 2023-12-10 | 6.4 MEDIUM | N/A |
The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script. | |||||
CVE-2002-1359 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-2001-0757 | 1 Cisco | 1 6400 Nrp 2 | 2023-12-10 | 7.5 HIGH | N/A |
Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet. | |||||
CVE-1999-1000 | 1 Cisco | 1 Cache Engine | 2023-12-10 | 5.0 MEDIUM | N/A |
The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. | |||||
CVE-1999-1306 | 1 Cisco | 1 Ios | 2023-12-10 | 7.5 HIGH | N/A |
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. | |||||
CVE-2001-0444 | 1 Cisco | 1 Cbos | 2023-12-10 | 2.1 LOW | N/A |
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | |||||
CVE-1999-0445 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | |||||
CVE-2002-0159 | 1 Cisco | 1 Secure Access Control Server | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002. |