Filtered by vendor Cisco
Subscribe
Total
6072 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0601 | 1 Cisco | 1 Application And Content Networking Software | 2017-07-11 | 7.5 HIGH | N/A |
| Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, 5.1, or 5.2 use a default password when the setup dialog has not been run, which allows remote attackers to gain access. | |||||
| CVE-2005-0599 | 1 Cisco | 1 Application And Content Networking Software | 2017-07-11 | 5.0 MEDIUM | N/A |
| Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (CPU consumption) via malformed IP packets. | |||||
| CVE-2004-1776 | 1 Cisco | 1 Ios | 2017-07-11 | 7.5 HIGH | N/A |
| Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | |||||
| CVE-2004-1775 | 1 Cisco | 2 Catos, Ios | 2017-07-11 | 5.0 MEDIUM | N/A |
| Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. | |||||
| CVE-2004-1760 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2017-07-11 | 10.0 HIGH | N/A |
| The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. | |||||
| CVE-2004-1759 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. | |||||
| CVE-2004-1461 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2017-07-11 | 7.5 HIGH | N/A |
| Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address. | |||||
| CVE-2004-1460 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2017-07-11 | 7.5 HIGH | N/A |
| Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password. | |||||
| CVE-2004-1459 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2017-07-11 | 5.0 MEDIUM | N/A |
| Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIUS proxy, allows remote attackers to cause a denial of service (device crash) via certain LEAP authentication requests. | |||||
| CVE-2004-1454 | 1 Cisco | 1 Ios | 2017-07-11 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet. | |||||
| CVE-2004-1322 | 1 Cisco | 1 Unity Server | 2017-07-11 | 7.5 HIGH | N/A |
| Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. | |||||
| CVE-2004-1164 | 1 Cisco | 1 Cns Network Registrar | 2017-07-11 | 5.0 MEDIUM | N/A |
| The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain "unexpected packet sequence." | |||||
| CVE-2004-1163 | 1 Cisco | 1 Cns Network Registrar | 2017-07-11 | 5.0 MEDIUM | N/A |
| Cisco CNS Network Registrar Central Configuration Management (CCM) server 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (CPU consumption) by ending a connection after sending a certain sequence of packets. | |||||
| CVE-2004-1112 | 2 Cisco, Okena | 2 Security Agent, Stormwatch | 2017-07-11 | 5.1 MEDIUM | N/A |
| The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period. | |||||
| CVE-2004-0551 | 1 Cisco | 24 Catalyst 2901, Catalyst 2902, Catalyst 2926 and 21 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack." | |||||
| CVE-2004-0391 | 1 Cisco | 2 Hosting Solution Engine, Wireless Lan Solution Engine | 2017-07-11 | 10.0 HIGH | N/A |
| Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration. | |||||
| CVE-2004-0352 | 1 Cisco | 4 Content Services Switch 11000, Content Services Switch 11050, Content Services Switch 11150 and 1 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002. | |||||
| CVE-2003-1096 | 1 Cisco | 1 Leap | 2017-07-11 | 10.0 HIGH | N/A |
| The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks. | |||||
| CVE-2002-1768 | 1 Cisco | 1 Ios | 2017-07-11 | 5.0 MEDIUM | N/A |
| Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. | |||||
| CVE-2002-1190 | 1 Cisco | 1 Unity Server | 2017-07-11 | 7.5 HIGH | N/A |
| Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls. | |||||