Blog

sha256: 2b87a252a3d912530dd8c20df6bee7f6cbc4ede0074fdf217e318aab39d9736c

Vuln IOS XE 17.01.01

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 17.01.01

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-ios-profinet-dos-65qYG3W5 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2020-3512 2020-09-24T16:00:00
cisco-sa-profinet-J9QMCHPB Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability 7.4 CVE-2020-3409 2020-09-24T16:00:00
cisco-sa-xbace-OnCEbyS Cisco IOS XE Software Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3417 2020-09-24T16:00:00
cisco-sa-iosxe-isdn-q931-dos-67eUZBTf Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability 7.4 CVE-2020-3511 2020-09-24T16:00:00
cisco-sa-ios-bgp-evpn-dos-LNfYJxfF Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability 6.1 CVE-2020-3479 2020-09-24T16:00:00
cisco-sa-splitdns-SPWqpdGW Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability 8.6 CVE-2020-3408 2020-09-24T16:00:00
cisco-sa-ios-lua-rce-7VeJX4f Cisco IOS XE Software Arbitrary Code Execution Vulnerability 5.1 CVE-2020-3423 2020-09-24T16:00:00
cisco-sa-iosxe-cmdinj-2MzhjM6K Cisco IOS XE Software Command Injection Vulnerability 6.7 CVE-2020-3403 2020-09-24T16:00:00
cisco-sa-COPS-VLD-MpbTvGEW Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability 8.6 CVE-2020-3526 2020-09-24T16:00:00
cisco-sa-le-drTOB625 Cisco IOS XE Software Ethernet Frame Denial of Service Vulnerability 7.4 CVE-2020-3465 2020-09-24T16:00:00
cisco-sa-ISR4461-gKKUROhx Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability 8.6 CVE-2020-3414 2020-09-24T16:00:00
cisco-sa-iosxe-rsp3-rce-jVHg8Z7c Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities 6.7 CVE-2020-3416 2020-09-24T16:00:00
cisco-sa-iosxe-dhcp-dos-JSCKX43h Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability 8.6 CVE-2020-3509 2020-09-24T16:00:00
cisco-sa-iosxe-iox-app-host-mcZcnsBt Cisco IOS XE Software IOx Application Hosting Privilege Escalation Vulnerability 6.0 CVE-2020-3393 2020-09-24T16:00:00
cisco-sa-ipsla-jw2DJmSv Cisco IOS XE Software IP Service Level Agreements Denial of Service Vulnerability 8.6 CVE-2020-3422 2020-09-24T16:00:00
cisco-sa-ios-webui-priv-esc-K8zvEWM Cisco IOS XE Software Privilege Escalation Vulnerabilities 8.8 CVE-2020-3141 2020-09-24T16:00:00
cisco-sa-confacl-HbPtfSuO Cisco IOS XE Software RESTCONF and NETCONF-YANG Access Control List Denial of Service Vulnerability 8.6 CVE-2020-3407 2020-09-24T16:00:00
cisco-sa-ios-xe-webui-multi-vfTkk7yr Cisco IOS XE Software Web Management Framework Vulnerabilities 4.3 CVE-2020-3474 2020-09-24T16:00:00
cisco-sa-zbfw-94ckG4G Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities 8.6 CVE-2020-3421 2020-09-24T16:00:00
cisco-sa-capwap-dos-TPdNTdyq Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities 7.4 CVE-2020-3486 2020-09-24T16:00:00
cisco-sa-capwap-dos-ShFzXf Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability 8.6 CVE-2020-3399 2020-09-24T16:00:00
cisco-sa-ewlc-icmpv6-qb9eYyCR Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Improper Access Control Vulnerability 4.7 CVE-2020-3418 2020-09-24T16:00:00
cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability 7.4 CVE-2020-3390 2020-09-24T16:00:00
cisco-sa-telnetd-EFJrEzPx Telnet Vulnerability Affecting Cisco Products: June 2020 9.8 CVE-2020-10188 2020-06-24T16:00:00
cisco-sa-iosxe-ewlc-dos-TkuPVmZN Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability 8.6 CVE-2020-3203 2020-06-03T16:00:00
cisco-sa-20170726-anicrl Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability 6.5 CVE-2017-6664 2017-07-26T16:00:00
cisco-sa-20170726-aniacp Cisco IOS and IOS XE Software Autonomic Control Plane Channel Information Disclosure Vulnerability 7.4 CVE-2017-6665 2017-07-26T16:00:00
cisco-sa-20170726-anidos Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Denial of Service Vulnerability 7.4 CVE-2017-6663 2017-07-26T16:00:00
Any Comments ?

sha256: 7ddd18e78e70dc6896588bffe741600078f06f5fe0bb7a55aa1fabb5979528b9

Vuln IOS 15.4(1)SY4

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.4(1)SY4

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-ios-bgp-evpn-dos-LNfYJxfF Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability 6.1 CVE-2020-3479 2020-09-24T16:00:00
cisco-sa-tcl-dos-MAZQUnMF Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability 6.5 CVE-2020-3201 2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability 6.8 CVE-2020-3228 2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
cisco-sa-20190925-tsec Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability 6.8 CVE-2019-12669 2019-09-25T16:00:00
cisco-sa-20190925-http-client Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability 4.8 CVE-2019-12665 2019-09-25T16:00:00
cisco-sa-20190925-identd-dos Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability 8.6 CVE-2019-12647 2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability 4.3 CVE-2019-1761 2019-03-27T16:00:00
cisco-sa-20190327-c6500 Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability 4.7 CVE-2019-1758 2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2018-15373 2018-09-26T16:00:00
cisco-sa-20180926-pnp-memleak Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability 6.8 CVE-2018-15377 2018-09-26T16:00:00
cisco-sa-20170419-energywise Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities 8.6 CVE-2017-3860 2017-04-19T16:00:00
Any Comments ?

sha256: c3e4b89e9a31fa5a69fa1ff4839762a32c00430cb927caaf267501554832ac61

Vuln IOS 15.2(1)SY5

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.2(1)SY5

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-tcl-dos-MAZQUnMF Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability 6.5 CVE-2020-3201 2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability 6.8 CVE-2020-3228 2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
cisco-sa-20190925-tsec Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability 6.8 CVE-2019-12669 2019-09-25T16:00:00
cisco-sa-20190925-http-client Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability 4.8 CVE-2019-12665 2019-09-25T16:00:00
cisco-sa-20190925-identd-dos Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability 8.6 CVE-2019-12647 2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability 4.3 CVE-2019-1761 2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability 8.6 CVE-2019-1737 2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability 7.4 CVE-2019-1748 2019-03-27T16:00:00
cisco-sa-20190327-c6500 Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability 4.7 CVE-2019-1758 2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2018-15373 2018-09-26T16:00:00
cisco-sa-20180926-vtp Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability 4.3 CVE-2018-0197 2018-09-26T16:00:00
cisco-sa-20180328-lldp Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities 8.8 CVE-2018-0167 2018-03-28T16:00:00
cisco-sa-20170419-energywise Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities 8.6 CVE-2017-3860 2017-04-19T16:00:00
Any Comments ?

sha256: bce3f1e18d4915a7635960f328d32af63e5d8aa804d1e1105dcea0da79e1b5e0

Vuln NXOS 8.2(4)

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: nxos

Version: 8.2(4)

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-fxos-nxos-cfs-dos-dAmnymbd Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability 8.6 CVE-2020-3517 8.2(6) 2020-08-26T16:00:00
cisco-sa-nxos-pim-memleak-dos-tC8eP7uw Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability 7.5 CVE-2020-3338 8.2(6) 2020-08-26T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 8.2(6) 2020-06-03T16:00:00
cisco-sa-20200226-nxos-arp Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability 4.7 CVE-2020-3174 8.2(5) 2020-02-26T16:00:00
cisco-sa-20200226-nxos-api-dos Cisco NX-OS Software NX-API Denial of Service Vulnerability 5.3 CVE-2020-3170 8.2(5) 2020-02-26T16:00:00
cisco-sa-20200205-fxnxos-iosxr-cdp-dos Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2020-3120 8.2(5) 2020-02-05T16:00:00
Any Comments ?

sha256: 83f05371aa9a76dc79231c5794783649ccf885061887a5d55bc0d7b2d9ad4fb7

Vuln IOS XE 03.08.09

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.08.09.E

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-cipdos-hkfTZXEx Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities 8.6 CVE-2020-3225 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability 6.8 CVE-2020-3209 2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
Any Comments ?

sha256: 397e05c88b687a24a6437aef9e0a3eb7a0ffc1b7041065b122ebc5a9c2b85aaf

Vuln IOS 15.0(2)SE8

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.0(2)SE8

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-profinet-J9QMCHPB Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability 7.4 CVE-2020-3409 2020-09-24T16:00:00
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-cipdos-hkfTZXEx Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities 8.6 CVE-2020-3225 2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
cisco-sa-20190925-http-client Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability 4.8 CVE-2019-12665 2019-09-25T16:00:00
cisco-sa-20160525-ipv6 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability 5.8 CVE-2016-1409 2016-05-25T16:00:00
cisco-sa-20180926-ptp Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability 7.5 CVE-2018-0473 2018-09-26T16:00:00
cisco-sa-20170629-snmp SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software 8.8 CVE-2017-6736 2017-06-29T16:00:00
cisco-sa-20170317-cmp Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability 9.8 CVE-2017-3881 2017-03-17T16:00:00
cisco-sa-20190327-ios-infoleak Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability 4.3 CVE-2019-1761 2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability 7.4 CVE-2019-1746 2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability 8.6 CVE-2019-1737 2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2018-15373 2018-09-26T16:00:00
cisco-sa-20180926-cmp Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability 7.4 CVE-2018-0475 2018-09-26T16:00:00
cisco-sa-20180926-tacplus Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability 6.8 CVE-2018-15369 2018-09-26T16:00:00
cisco-sa-20180926-vtp Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability 4.3 CVE-2018-0197 2018-09-26T16:00:00
cisco-sa-20180328-smi Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability 8.6 CVE-2018-0156 2018-03-28T16:00:00
cisco-sa-20180328-smi2 Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability 9.8 CVE-2018-0171 2018-03-28T16:00:00
cisco-sa-20180328-lldp Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities 8.8 CVE-2018-0167 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr3 Cisco IOS and IOS XE Software DHCP Version 4 Relay Denial of Service Vulnerability 8.6 CVE-2018-0174 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr1 Cisco IOS and IOS XE Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability 8.6 CVE-2018-0172 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr2 Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability 8.6 CVE-2018-0173 2018-03-28T16:00:00
cisco-sa-20180328-ike-dos Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability 8.6 CVE-2018-0159 2018-03-28T16:00:00
cisco-sa-20170419-energywise Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities 8.6 CVE-2017-3860 2017-04-19T16:00:00
cisco-sa-20170927-dhcp Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability 9.8 CVE-2017-12240 2017-09-27T16:00:00
cisco-sa-20170927-profinet Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability 8.6 CVE-2017-12235 2017-09-27T16:00:00
cisco-sa-20170927-ike Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability 8.6 CVE-2017-12237 2017-09-27T16:00:00
cisco-sa-20170927-pnp Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability 8.7 CVE-2017-12228 2017-09-27T16:00:00
cisco-sa-20170927-cip Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerabilities 8.6 CVE-2017-12233 2017-09-27T16:00:00
cisco-sa-20170727-ospf Multiple Cisco Products OSPF LSA Manipulation Vulnerability 4.2 CVE-2017-6770 2017-07-27T16:00:00
cisco-sa-20170322-dhcpc Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability 8.6 CVE-2017-3864 2017-03-22T16:00:00
cisco-sa-20150923-fhs Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities 7.8 CVE-2015-6278 2015-09-23T16:00:00
cisco-sa-20160916-ikev1 IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products 7.8 CVE-2016-6415 2016-09-16T16:00:00
cisco-sa-20160928-aaados Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 7.1 CVE-2016-6393 2016-09-28T16:00:00
cisco-sa-20160928-dns Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability 8.3 CVE-2016-6380 2016-09-28T16:00:00
cisco-sa-20160928-ios-ikev1 Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 7.1 CVE-2016-6381 2016-09-28T16:00:00
cisco-sa-20160928-msdp Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 7.8 CVE-2016-6382 2016-09-28T16:00:00
cisco-sa-20160928-smi Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 7.8 CVE-2016-6385 2016-09-28T16:00:00
cisco-sa-20160928-cip Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability 7.8 CVE-2016-6391 2016-09-28T16:00:00
cisco-sa-20160323-ios-ikev2 Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability 7.1 CVE-2016-1344 2016-03-23T16:00:00
cisco-sa-20160323-smi Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability 7.8 CVE-2016-1349 2016-03-23T16:00:00
cisco-sa-20150325-tcpleak Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability 7.8 CVE-2015-0646 2015-03-25T16:00:00
cisco-sa-20150325-cip Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol 7.8 CVE-2015-0647 2015-03-25T16:00:00
cisco-sa-20150320-openssl Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products 2.6 CVE-2015-0207 2015-03-20T20:20:00
cisco-sa-20150408-ntpd Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products 5.0 CVE-2015-1798 2015-04-08T16:00:00
cisco-sa-20150310-ssl Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products 5.0 CVE-2014-3569 2015-03-10T16:00:00
Cisco-SA-20150113-CVE-2015-0204 OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability 5.0 CVE-2015-0204 2015-01-13T19:57:19
Any Comments ?

sha256: 79bf0448ec96592b255cae56173d8046be1d26090c12f05c8ec949a5e494e8f4

Vuln NXOS 6.2(8)

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: nxos

Version: 6.2(8)

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-fxos-nxos-cfs-dos-dAmnymbd Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability 8.6 CVE-2020-3517 7.3(6)D1(1) 2020-08-26T16:00:00
cisco-sa-callhome-cmdinj-zkxzSCY Cisco NX-OS Software Call Home Command Injection Vulnerability 7.2 CVE-2020-3454 6.2(22) 2020-08-26T16:00:00
cisco-sa-nxos-pim-memleak-dos-tC8eP7uw Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability 7.5 CVE-2020-3338 6.2(24) 2020-08-26T16:00:00
cisco-sa-nxos-ipip-dos-kCT9X4 Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability 8.6 CVE-2020-10136 6.2(24a) 2020-06-01T16:00:00
cisco-sa-20200226-fxos-nxos-cdp Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability 8.8 CVE-2020-3172 6.2(24) 2020-02-26T16:00:00
cisco-sa-20200205-fxnxos-iosxr-cdp-dos Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2020-3120 6.2(24) 2020-02-05T16:00:00
cisco-sa-20190828-nxos-fsip-dos Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability 8.6 CVE-2019-1962 6.2(22) 2019-08-28T16:00:00
cisco-sa-20190828-fxnxos-snmp-dos Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability 7.7 CVE-2019-1963 6.2(22) 2019-08-28T16:00:00
cisco-sa-20190828-nxos-memleak-dos Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability 7.7 CVE-2019-1965 6.2(22) 2019-08-28T16:00:00
cisco-sa-20190925-vman Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability 6.7 CVE-2019-12662 6.2(24) 2019-09-25T16:00:00
cisco-sa-20190925-nxos-vman-cmd-inj Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability 6.7 CVE-2019-12717 6.2(24) 2019-09-25T16:00:00
Any Comments ?

sha256: dcc57a5fe985797f70625f446699af20967b380a718cd1d9a5b903aa5220b86a

Openbsd Root Password Recovery

OpenBSD

if you ever have to recover your root password …

Root PW Recovery

boot> boot -s

Enter pathname of shell or RETURN for sh: [ENTER]

fsck -p /
fsck -p /usr

mount -uw /
mount /usr

passwd

and finally: reboot

FSCK

need to run fsck ?

fsck /dev/sd1a
fsck -y /dev/sd1a

FSTAB

need do fix your fstab ?

boot -s
mount /usr
mount /
export TERM=vt100
/usr/bin/vi /etc/fstab
fix it !
Any Comments ?

sha256: 83b758be6c6353e12d4750d8df65d5531075e621a6918ec1c5688386f62e2ace

Smokeping Debian Nginx

Network, OpenBSD

Smokeping in 5min, with Dual Stack on Nginx

Smokeping

All in one Installer

Run it at your own risk …

wget https://blog.stoege.net/scripts/smokeping_debian3.sh
chmod 700 smokeping_debian3.sh
./smokeping_debian3.sh

or Setup by Hand

Install Packages

apt-get install borgbackup curl echoping fcgiwrap fping hping3 htop lynx mlocate mtr nginx rsync smokeping tmate tree tshark unzip vim vnstat wget zip

Configure Nginx

export MYSITENAME="smokeping.planet.world"
wget "https://github.com/vazhnov/smokeping_nginx/raw/master/best.conf"
sed -i -- s/smokeping\.example\.com/${MYSITENAME}/g best.conf
chown root: best.conf
mv best.conf /etc/nginx/sites-available/${MYSITENAME}.conf
ln -s "../sites-available/${MYSITENAME}.conf" "/etc/nginx/sites-enabled/${MYSITENAME}.conf"
nginx -t && systemctl restart nginx

Some Smokeping Fixes

mkdir -p /var/run/smokeping

Tune General

cat << 'EOF' > /etc/smokeping/config.d/General
*** General ***

owner    = Franz Musterer
contact  = [email protected]
mailhost = smtp-relay-host

# NOTE: do not put the Image Cache below cgi-bin
# since all files under cgi-bin will be executed ... this is not
# good for images.
cgiurl   = http://somekping.planet/smokeping/smokeping.cgi

# specify this to get syslog logging
syslogfacility = local0
# each probe is now run in its own process
# disable this to revert to the old behaviour
# concurrentprobes = no

@include /etc/smokeping/config.d/pathnames
EOF

Tune Databases

cat << 'EOF' > /etc/smokeping/config.d/Database
*** Database ***

step     = 60
pings    = 59
#step     = 300
#pings    = 20

# consfn mrhb steps total

AVERAGE  0.5   1  1008
AVERAGE  0.5  12  4320
    MIN  0.5  12  4320
    MAX  0.5  12  4320
AVERAGE  0.5 144   720
    MAX  0.5 144   720
    MIN  0.5 144   720
EOF

Tune Probes

cat << 'EOF' > /etc/smokeping/config.d/Probes
*** Probes ***

+ FPing

binary = /usr/bin/fping


+ FPing6
binary = /usr/bin/fping
protocol = 6


+ EchoPingHttp

binary = /usr/bin/echoping
forks = 5
offset = 50%
step = 300

# The following variables can be overridden in each target section
accept_redirects = yes
extraopts =
ignore_cache = yes
ipversion = 4
pings = 5
port = 80
priority = 6
revalidate_data = no
timeout = 20
tos = 0xa0
url = /
waittime = 1


+EchoPingHttps

binary = /usr/bin/echoping
forks = 5
offset = 50%
step = 300

# The following variables can be overridden in each target section
accept_redirects = yes
extraopts =
ignore_cache = yes
ipversion = 4
pings = 5
port = 443
priority = 6
prot = 3443
revalidate_data = no
timeout = 20
tos = 0xa0
url = /
waittime = 1


+EchoPingDNS

binary = /usr/bin/echoping
forks = 5
offset = 50%
step = 300

# The following variables can be overridden in each target section
dns_request = google.com
dns_tcp = no
dns_type = A
extraopts =
ipversion = 4
pings = 5
plugin = /usr/lib/echoping/dns.so
pluginargs = -p
priority = 6
timeout = 1
tos = 0xa0
waittime = 1
EOF

Tune Targets

cat << 'EOF' > /etc/smokeping/config.d/Targets
*** Targets ***

probe = FPing

menu = Top
title = Network Latency Grapher
remark = Welcome to the SmokePing website of xxx Company.          Here you will learn all about the latency of our network.

+ Local
menu = Local
title = Local Network

++ LocalMachine

menu = Local Machine
title = This host
host = localhost



+ Inet
menu = Internet
title = some Hosts on the Net
probe = FPing

++ google
menu = google
title = google, 8.8.8.8
host = 8.8.8.8

++ switch
host = www.switch.ch

++ uzh
host = www.uzh.ch

++ blick
host = www.blick.ch


+ IPv4
menu = IPv4 Hosts
title = Hosts running IPv4
probe = FPing

++ multi
menu  = MultiTarget
title = Multiple Targets
host  = /IPv4/host1 \
        /IPv4/host2 \
        /IPv4/host3

++ host1
host = host1.planet

++ host2
host = host2.planet

++ host3
host = host3.planet


+ IPv6
menu = IPv6 Hosts
title = Hosts running IPv6
probe = FPing6

++ multi
menu  = MultiTarget
title = Multiple Targets
host  = /IPv6/host1 \
        /IPv6/host2 \
        /IPv6/host3

++ host1
host = host1.planet

++ host2
host = host2.planet

++ host3
host = host3.planet


+ HTTP
menu = HTTP
title = some HTTP Probes
probe = EchoPingHttp

++ google-com
host = www.google.com

++ uzh
host = www.uzh.ch
EOF

Restart Smokeping

systemctl restart smokeping

Browse

http://smokeping.planet/smokeping

Smokeping with IPv4 / IPv6

Network, OpenBSD

How to install Smokeping on Debian in 5 Minutes

with Dualstack, IPv4 and IPv6

Smokeping

All in one Installer

Run it at your own risk …

wget https://blog.stoege.net/scripts/smokeping_debian2.sh
chmod 700 smokeping_debian2.sh
./smokeping_debian2.sh

or Setup by Hand

Set Hostname

root@smokeping:~# cat /etc/hostname
smokeping.planet

Install Packages

apt-get install apache2 borgbackup curl echoping fping hping3 htop ipcalc jq lftp lynx mlocate mtr nmap pwgen rsync sipcalc smokeping tmate tree tshark unzip vim vnstat wget zip

Enable Smokeping in Apache

cd /etc/apache2/conf-enabled
ln -s ../conf-available/smokeping.conf .

Enable Module CGI

a2enmod cgid
systemctl restart apache2

Some Smokeping Fixes

mkdir -p /var/run/smokeping

Tune General

cat << 'EOF' > /etc/smokeping/config.d/General
*** General ***

owner    = Franz Musterer
contact  = [email protected]
mailhost = smtp-relay-host

# NOTE: do not put the Image Cache below cgi-bin
# since all files under cgi-bin will be executed ... this is not
# good for images.
cgiurl   = http://somekping.planet/smokeping/smokeping.cgi

# specify this to get syslog logging
syslogfacility = local0
# each probe is now run in its own process
# disable this to revert to the old behaviour
# concurrentprobes = no

@include /etc/smokeping/config.d/pathnames
EOF

Tune Databases

cat << 'EOF' > /etc/smokeping/config.d/Database
*** Database ***

step     = 60
pings    = 59
#step     = 300
#pings    = 20

# consfn mrhb steps total

AVERAGE  0.5   1  1008
AVERAGE  0.5  12  4320
    MIN  0.5  12  4320
    MAX  0.5  12  4320
AVERAGE  0.5 144   720
    MAX  0.5 144   720
    MIN  0.5 144   720
EOF

Tune Probes

cat << EOF > /etc/smokeping/config.d/Probes
*** Probes ***

+ FPing

binary = /usr/bin/fping


+ FPing6
binary = /usr/bin/fping
protocol = 6


+ EchoPingHttp

binary = /usr/bin/echoping
forks = 5
offset = 50%
step = 300

# The following variables can be overridden in each target section
accept_redirects = yes
extraopts =
ignore_cache = yes
ipversion = 4
pings = 5
port = 80
priority = 6
revalidate_data = no
timeout = 20
tos = 0xa0
url = /
waittime = 1


+EchoPingHttps

binary = /usr/bin/echoping
forks = 5
offset = 50%
step = 300

# The following variables can be overridden in each target section
accept_redirects = yes
extraopts =
ignore_cache = yes
ipversion = 4
pings = 5
port = 443
priority = 6
prot = 3443
revalidate_data = no
timeout = 20
tos = 0xa0
url = /
waittime = 1


+EchoPingDNS

binary = /usr/bin/echoping
forks = 5
offset = 50%
step = 300

# The following variables can be overridden in each target section
dns_request = google.com
dns_tcp = no
dns_type = A
extraopts =
ipversion = 4
pings = 5
plugin = /usr/lib/echoping/dns.so
pluginargs = -p
priority = 6
timeout = 1
tos = 0xa0
waittime = 1
EOF

Tune Targets

cat << 'EOF' > /etc/smokeping/config.d/Targets
*** Targets ***

probe = FPing

menu = Top
title = Network Latency Grapher
remark = Welcome to the SmokePing website of xxx Company.          Here you will learn all about the latency of our network.

+ Local
menu = Local
title = Local Network

++ LocalMachine

menu = Local Machine
title = This host
host = localhost



+ Inet
menu = Internet
title = some Hosts on the Net
probe = FPing

++ google
menu = google
title = google, 8.8.8.8
host = 8.8.8.8

++ switch
host = www.switch.ch

++ uzh
host = www.uzh.ch

++ blick
host = www.blick.ch


+ IPv4
menu = IPv4 Hosts
title = Hosts running IPv4
probe = FPing

++ multi
menu  = MultiTarget
title = Multiple Targets
host  = /IPv4/host1 \
        /IPv4/host2 \
        /IPv4/host3

++ host1
host = host1.planet

++ host2
host = host2.planet

++ host3
host = host3.planet


+ IPv6
menu = IPv6 Hosts
title = Hosts running IPv6
probe = FPing6

++ multi
menu  = MultiTarget
title = Multiple Targets
host  = /IPv6/host1 \
        /IPv6/host2 \
        /IPv6/host3

++ host1
host = host1.planet

++ host2
host = host2.planet

++ host3
host = host3.planet


+ HTTP
menu = HTTP
title = some HTTP Probes
probe = EchoPingHttp

++ google-com
host = www.google.com

++ uzh
host = www.uzh.ch
EOF

Restart Smokeping

systemctl restart smokeping

Browse

http://smokeping.planet/smokeping