【概要】
日 |
CVE番号 |
NVD |
CVSS v3 |
CWE |
脆弱性 |
備考 |
---|---|---|---|---|---|---|
2017/09/07 | CVE-2017-6627 | NVD | 7.5(NVD) |
CWE-404 CWE-399 |
リソースの不適切なシャットダウンおよびリリース リソース管理の問題 |
Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability |
2017/09/28 | CVE-2017-12231 | NVD | 7.5(NVD) |
CWE-399 | リソース管理の問題 | Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability |
2017/09/28 | CVE-2017-12232 | NVD | 6.5(NVD) | CWE-399 | リソース管理の問題 | Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability |
2017/09/28 | CVE-2017-12233 | NVD | 7.5(NVD) |
CWE-20 | 不適切な入力確認 | Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability |
2017/09/28 | CVE-2017-12234 | NVD | 7.5(NVD) |
CWE-20 | 不適切な入力確認 | Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability |
2017/09/28 | CVE-2017-12235 | NVD | 7.5(NVD) |
CWE-20 | 不適切な入力確認 | Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability |
2017/09/28 | CVE-2017-12237 | NVD | 7.5(NVD) |
CWE-400 CWE-399 |
リソースの枯渇 リソース管理の問題 |
Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability |
2017/09/28 | CVE-2017-12240 | NVD | 9.8(NVD) |
CWE-20 CWE-119 |
不適切な入力確認 バッファエラー |
Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability |
2018/03/27 | CVE-2017-12319 | NVD | 5.9(NVD) | CWE-20 | 不適切な入力確認 | Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability |
2018/03/08 | CVE-2018-0125 | NVD | 9.8(NVD) |
CWE-20 | 不適切な入力確認 | Cisco VPN Routers Remote Code Execution Vulnerability |
2018/03/08 | CVE-2018-0147 | NVD | 9.8(NVD) |
CWE-502 CWE-20 |
信頼できないデータのデシリアライゼーション 不適切な入力確認 |
Cisco Secure Access Control System Java Deserialization Vulnerability |
2018/03/28 | CVE-2018-0154 | NVD | 7.5(NVD) |
CWE-399 | リソース管理の問題 | Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability |
2018/03/28 | CVE-2018-0155 | NVD | 8.6(NVD) |
CWE-755 CWE-388 |
例外的な状態における不適切な処理 エラー処理 |
Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability |
2018/03/28 | CVE-2018-0156 | NVD | 7.5(NVD) |
CWE-20 CWE-399 |
不適切な入力確認 リソース管理の問題 |
Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability |
2018/03/28 | CVE-2018-0158 | NVD | 8.6(NVD) |
CWE-772 CWE-20 |
有効なライフタイム後のリソースの解放の欠如 不適切な入力確認 |
Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability |
2018/03/28 | CVE-2018-0159 | NVD | 7.5(NVD) |
CWE-20 | 不適切な入力確認 | Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability |
2018/03/28 | CVE-2018-0161 | NVD | 6.3(NVD) | CWE-399 | リソース管理の問題 | Cisco IOS Software Resource Management Errors Vulnerability |
2018/03/28 | CVE-2018-0167 | NVD | 8.6(NVD) |
CWE-119 | バッファエラー | Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability |
2018/03/28 | CVE-2018-0171 | NVD | 9.8(NVD) |
CWE-787 CWE-20 |
境界外書き込み 不適切な入力確認 |
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability |
2018/03/28 | CVE-2018-0172 | NVD | 8.6(NVD) |
CWE-787 CWE-20 |
境界外書き込み 不適切な入力確認 |
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability |
2018/03/28 | CVE-2018-0173 | NVD | 8.6(NVD) |
CWE-20 | 不適切な入力確認 | Cisco IOS and IOS XE Software Improper Input Validation Vulnerability |
2018/03/28 | CVE-2018-0174 | NVD | 8.6(NVD) |
CWE-20 | 不適切な入力確認 | Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability |
2018/03/28 | CVE-2018-0175 | NVD | 8.0(NVD) |
CWE-134 CWE-119 |
書式文字列の問題 バッファエラー |
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability |
2018/03/28 | CVE-2018-0179 | NVD | 5.9(NVD) | CWE-399 | リソース管理の問題 | Cisco IOS Software Denial-of-Service Vulnerability |
2018/03/28 | CVE-2018-0180 | NVD | 5.9(NVD) | CWE-399 | リソース管理の問題 | Cisco IOS Software Denial-of-Service Vulnerability |
2019/11/25 | CVE-2019-15271 | NVD | 8.8(NVD) 8.8(CISCO) |
CWE-502 | 信頼できないデータのデシリアライゼーション | Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability |
2021/05/06 | CVE-2021-1497 | NVD | 9.8(NVD) 9.8(CISCO) |
CWE-78 | OSコマンドインジェクション | Cisco HyperFlex HX Command Injection Vulnerabilities |
2021/05/06 | CVE-2021-1498 | NVD | 9.8(NVD) 9.8(CISCO) |
CWE-78 | OSコマンドインジェクション | Cisco HyperFlex HX Command Injection Vulnerabilities |
【ニュース】
◆Cisco、既知の脆弱性28件が「悪用済み」であると公表 (Security NEXT, 2022/12/21)
https://www.security-next.com/142394
【関連まとめ記事】
◆Cisco / シスコ (まとめ)
https://malware-log.hatenablog.com/entry/Cisco