Vulnerabilities > Cisco > IOS > 12.0.27.s5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-25 | CVE-2014-3409 | Resource Management Errors vulnerability in Cisco IOS XE The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406. | 6.1 |
| 2014-05-16 | CVE-2014-3262 | Improper Input Validation vulnerability in Cisco IOS XE The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782. | 4.3 |
| 2014-04-24 | CVE-2012-3946 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682. | 5.0 |
| 2014-04-23 | CVE-2012-5427 | Improper Input Validation vulnerability in Cisco IOS Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518. | 4.0 |
| 2014-04-23 | CVE-2012-5422 | Denial-Of-Service vulnerability in Cisco IOS Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 devices allows remote authenticated users to cause a denial of service (spurious errors) via unknown vectors, aka Bug ID CSCub61009. | 6.8 |
| 2014-04-23 | CVE-2012-5044 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809. | 5.4 |
| 2014-04-23 | CVE-2012-5039 | Resource Management Errors vulnerability in Cisco IOS The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003. | 4.3 |
| 2014-04-23 | CVE-2012-5037 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an object-group command, aka Bug ID CSCts16133. | 4.6 |
| 2014-04-23 | CVE-2012-5032 | Improper Authentication vulnerability in Cisco IOS The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641. | 6.4 |
| 2014-04-23 | CVE-2012-5017 | Improper Input Validation vulnerability in Cisco products Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268. | 6.8 |