Vulnerabilities > Cisco > IOS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-05-03 | CVE-2001-0288 | Unspecified vulnerability in Cisco IOS Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | 7.5 |
| 2001-02-28 | CVE-2004-1776 | Unspecified vulnerability in Cisco IOS 12.1(3)/12.1(3)T Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | 7.5 |
| 2000-04-26 | CVE-2000-0380 | Improper Input Validation vulnerability in Cisco IOS The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. | 7.1 |
| 1999-12-31 | CVE-1999-1465 | Unspecified vulnerability in Cisco IOS Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. | 7.5 |
| 1999-12-31 | CVE-1999-1464 | Unspecified vulnerability in Cisco IOS 11.1Cc/11.1Ct Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564. | 7.5 |
| 1999-12-31 | CVE-1999-1175 | Unspecified vulnerability in Cisco IOS Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | 7.5 |
| 1999-09-01 | CVE-1999-1129 | Unspecified vulnerability in Cisco Catalyst 2900 Vlan and IOS Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. | 7.5 |
| 1997-10-01 | CVE-1999-0160 | Unspecified vulnerability in Cisco IOS Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | 7.5 |
| 1995-07-31 | CVE-1999-0161 | Unspecified vulnerability in Cisco IOS 10.3(3.4)/10.3(4.2) In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering. | 7.5 |
| 1992-12-10 | CVE-1999-1466 | Unspecified vulnerability in Cisco IOS Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword. | 7.5 |