Vulnerabilities > Cisco > IOS > 12.2.33.sxj9

DATE CVE VULNERABILITY TITLE RISK
2017-08-07 CVE-2017-6770 Improper Input Validation vulnerability in Cisco products
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database.
network
high complexity
cisco CWE-20
4.2
4.2
2017-08-02 CVE-2012-5030 Resource Management Errors vulnerability in Cisco IOS
Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking specific SNMP objects.
network
low complexity
cisco CWE-399
6.8
6.8
2017-07-17 CVE-2017-6743 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
network
low complexity
cisco CWE-119
critical
 9.0
9.0
2017-07-17 CVE-2017-6736 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
network
low complexity
cisco CWE-119
critical
 9.0
9.0
2017-04-20 CVE-2017-3863 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE
Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition.
network
low complexity
cisco CWE-119
7.8
7.8
2017-04-20 CVE-2017-3862 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE
Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition.
network
low complexity
cisco CWE-119
7.8
7.8
2017-04-20 CVE-2017-3861 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE
Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition.
network
low complexity
cisco CWE-119
7.8
7.8
2017-04-20 CVE-2017-3860 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE
Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition.
network
low complexity
cisco CWE-119
7.8
7.8
2017-03-22 CVE-2017-3857 Resource Exhaustion vulnerability in Cisco IOS XE
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload.
network
low complexity
cisco CWE-400
7.8
7.8
2016-10-06 CVE-2016-6422 Improper Input Validation vulnerability in Cisco IOS 12.2(33)Sxj9
Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote attackers to bypass intended access restrictions by sending packets that should have been recognized by a filter, aka Bug ID CSCuy64806.
network
cisco CWE-20
4.3
4.3