Vulnerabilities > Cisco

DATE CVE VULNERABILITY TITLE RISK
2016-03-26 CVE-2016-1351 Resource Management Errors vulnerability in Cisco IOS and Nx-Os
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279.
network
low complexity
cisco CWE-399
7.5
2016-03-26 CVE-2016-1350 Resource Management Errors vulnerability in multiple products
Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.
network
low complexity
cisco samsung sun zyxel lenovo zzinc CWE-399
7.5
2016-03-26 CVE-2016-1349 Resource Management Errors vulnerability in multiple products
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.
network
low complexity
cisco samsung sun intel zyxel netgear zzinc CWE-399
7.5
2016-03-26 CVE-2016-1348 Resource Management Errors vulnerability in multiple products
Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.
network
low complexity
cisco samsung sun zyxel netgear zzinc CWE-399
7.5
2016-03-26 CVE-2016-1344 Resource Management Errors vulnerability in multiple products
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.
network
high complexity
cisco samsung sun zyxel lenovo netgear zzinc CWE-399
5.9
2016-03-24 CVE-2016-1366 Permissions, Privileges, and Access Controls vulnerability in Cisco IOS XR
The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848.
network
low complexity
cisco CWE-264
6.5
2016-03-24 CVE-2016-1347 Resource Management Errors vulnerability in Cisco IOS
The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708.
network
low complexity
cisco CWE-399
7.5
2016-03-12 CVE-2016-1361 Resource Management Errors vulnerability in Cisco IOS XR
Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.
high complexity
cisco CWE-399
5.3
2016-03-12 CVE-2016-1360 Information Exposure vulnerability in Cisco Prime LAN Management Solution
Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.
local
low complexity
cisco CWE-200
7.1
2016-03-12 CVE-2016-1338 Resource Management Errors vulnerability in Cisco Telepresence Video Communication Server Software X8.5.1/X8.5.2
Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026.
network
low complexity
cisco CWE-399
6.5