Vulnerabilities > Cisco > IOS > 12.3.17a.bc1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-04-23 | CVE-2012-5032 | Improper Authentication vulnerability in Cisco IOS The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641. | 6.4 |
| 2014-04-23 | CVE-2012-5017 | Improper Input Validation vulnerability in Cisco products Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268. | 6.8 |
| 2014-04-23 | CVE-2012-5014 | Denial-Of-Service vulnerability in IOS Cisco IOS before 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436. network cisco | 6.3 |
| 2014-04-23 | CVE-2012-4658 | Improper Authentication vulnerability in Cisco IOS The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447. | 5.0 |
| 2014-04-23 | CVE-2012-4651 | Numeric Errors vulnerability in Cisco IOS Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451. | 4.3 |
| 2014-04-23 | CVE-2012-3918 | Denial-Of-Service vulnerability in Cisco IOS Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317. network cisco | 4.3 |
| 2014-04-04 | CVE-2014-2143 | Denial of Service vulnerability in Cisco IOS XE The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021. | 5.0 |
| 2014-03-21 | CVE-2014-2124 | Resource Management Errors vulnerability in Cisco IOS Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T (aka Sup2T) on Catalyst 6500 devices, allows remote attackers to cause a denial of service (device crash) via crafted multicast packets, aka Bug ID CSCuf60783. | 7.1 |
| 2013-11-22 | CVE-2013-6693 | Buffer Errors vulnerability in Cisco IOS The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345. | 5.4 |
| 2013-11-18 | CVE-2013-6686 | Improper Input Validation vulnerability in Cisco IOS The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568. | 6.8 |