Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-10-18 | CVE-2001-0751 | Remote Security vulnerability in CBOS Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | 7.5 |
| 2001-09-12 | CVE-2001-1105 | RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure. | 7.5 |
| 2001-08-14 | CVE-2001-0622 | Authentication Bypass vulnerability in Cisco Content Service Switch Management The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface. | 7.5 |
| 2001-08-14 | CVE-2001-0621 | Unspecified vulnerability in Cisco Content Services Switch 11000 The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. | 7.5 |
| 2001-06-27 | CVE-2001-0455 | Unspecified vulnerability in Cisco Aironet 340 Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. | 7.5 |
| 2001-06-18 | CVE-2001-0427 | Improper Input Validation vulnerability in Cisco products Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts. | 7.1 |
| 2001-06-18 | CVE-2001-0412 | Unspecified vulnerability in Cisco products Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | 7.2 |
| 2001-05-03 | CVE-2001-0288 | Unspecified vulnerability in Cisco IOS Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | 7.5 |
| 2001-02-28 | CVE-2004-1776 | Unspecified vulnerability in Cisco IOS 12.1(3)/12.1(3)T Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | 7.5 |
| 2001-02-16 | CVE-2001-0056 | Unspecified vulnerability in Cisco Broadband Operating System 2.3.8/2.4.1 The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. | 7.5 |