Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco ios xr 7.10 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2023-20191
A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote malicious user to bypass a configured ACL. This vulnerability is due to incomplete support for this feature. An ...
Cisco Ios Xr 7.10Cisco Ios Xr
5
CVSSv2
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0Openssl Openssl 1.1.0cOpenssl Openssl 1.1.0dOpenssl Openssl 1.1.0aOpenssl Openssl 1.1.0bHp Operations Agent 11.15Hp Operations Agent 11.14
5
CVSSv2
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0cOpenssl Openssl 1.1.0Openssl Openssl 1.1.0bOpenssl Openssl 1.1.0aOracle Agile Engineering Data Management 6.2.0Oracle Jd Edwards World Security A9.2Oracle Communications Eagle Lnp Application Processor 10.1Oracle Communications Application Session Controller 3.7.1Oracle Jd Edwards World Security A9.4Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Communications Operations Monitor 3.4Oracle Communications Operations Monitor 4.0Oracle Agile Engineering Data Management 6.1.3Oracle Jd Edwards World Security A9.1Oracle Jd Edwards World Security A9.3Oracle Communications Eagle Lnp Application Processor 10.0Oracle Communications Eagle Lnp Application Processor 10.2Oracle Communications Application Session Controller 3.8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook