Vulnerabilities > Cisco > High

DATE CVE VULNERABILITY TITLE RISK
2001-08-14 CVE-2001-0622 Authentication Bypass vulnerability in Cisco Content Service Switch Management
The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface.
network
low complexity
cisco
7.5
2001-08-14 CVE-2001-0621 Unspecified vulnerability in Cisco Content Services Switch 11000
The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.
network
low complexity
cisco
7.5
2001-06-27 CVE-2001-0455 Unspecified vulnerability in Cisco Aironet 340
Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration.
network
low complexity
cisco
7.5
2001-06-18 CVE-2001-0427 Improper Input Validation vulnerability in Cisco products
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.
network
cisco CWE-20
7.1
2001-06-18 CVE-2001-0412 Unspecified vulnerability in Cisco products
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.
local
low complexity
cisco
7.2
2001-05-03 CVE-2001-0288 Unspecified vulnerability in Cisco IOS
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
network
low complexity
cisco
7.5
2001-02-28 CVE-2004-1776 Unspecified vulnerability in Cisco IOS 12.1(3)/12.1(3)T
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.
network
low complexity
cisco
7.5
2001-02-16 CVE-2001-0056 Unspecified vulnerability in Cisco Broadband Operating System 2.3.8/2.4.1
The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection.
network
low complexity
cisco
7.5
2001-02-16 CVE-2001-0041 Resource Management Errors vulnerability in Cisco Catos
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
network
low complexity
cisco CWE-399
7.8
2000-12-19 CVE-2000-0955 Remote Username and Password Retrieval vulnerability in Cisco Virtual Central Office 4000 5.1.3
Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.
network
low complexity
cisco
7.5