Vulnerabilities > Cisco > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2001-08-14 | CVE-2001-0622 | Authentication Bypass vulnerability in Cisco Content Service Switch Management The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface. | 7.5 |
2001-08-14 | CVE-2001-0621 | Unspecified vulnerability in Cisco Content Services Switch 11000 The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. | 7.5 |
2001-06-27 | CVE-2001-0455 | Unspecified vulnerability in Cisco Aironet 340 Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. | 7.5 |
2001-06-18 | CVE-2001-0427 | Improper Input Validation vulnerability in Cisco products Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts. | 7.1 |
2001-06-18 | CVE-2001-0412 | Unspecified vulnerability in Cisco products Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | 7.2 |
2001-05-03 | CVE-2001-0288 | Unspecified vulnerability in Cisco IOS Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | 7.5 |
2001-02-28 | CVE-2004-1776 | Unspecified vulnerability in Cisco IOS 12.1(3)/12.1(3)T Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | 7.5 |
2001-02-16 | CVE-2001-0056 | Unspecified vulnerability in Cisco Broadband Operating System 2.3.8/2.4.1 The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. | 7.5 |
2001-02-16 | CVE-2001-0041 | Resource Management Errors vulnerability in Cisco Catos Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. | 7.8 |
2000-12-19 | CVE-2000-0955 | Remote Username and Password Retrieval vulnerability in Cisco Virtual Central Office 4000 5.1.3 Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges. | 7.5 |