Vulnerabilites related to cisco - cbos
CVE-2001-0751 (GCVE-0-2001-0751)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"name": "tcp-seq-predict(139)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"name": "tcp-seq-predict(139)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"name": "tcp-seq-predict(139)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0751",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-10-12T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.059Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0753 (GCVE-0-2001-0753)
Vulnerability from cvelistv5
Published
2001-10-12 04:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-cbos-execenable-info-disclosure(44544)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44544"
},
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cisco-cbos-execenable-info-disclosure(44544)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44544"
},
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-cbos-execenable-info-disclosure(44544)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44544"
},
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0753",
"datePublished": "2001-10-12T04:00:00",
"dateReserved": "2001-10-12T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1064 (GCVE-0-2001-1064)
Vulnerability from cvelistv5
Published
2002-02-02 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:07.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3236",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3236"
},
{
"name": "cisco-cbos-telnet-dos(7025)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"
},
{
"name": "20010823 CBOS Web-based Configuration Utility Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
},
{
"name": "cisco-cbos-http-dos(7026)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3236",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3236"
},
{
"name": "cisco-cbos-telnet-dos(7025)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"
},
{
"name": "20010823 CBOS Web-based Configuration Utility Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
},
{
"name": "cisco-cbos-http-dos(7026)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3236",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3236"
},
{
"name": "cisco-cbos-telnet-dos(7025)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"
},
{
"name": "20010823 CBOS Web-based Configuration Utility Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
},
{
"name": "cisco-cbos-http-dos(7026)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1064",
"datePublished": "2002-02-02T05:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:44:07.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4430 (GCVE-0-2007-4430)
Vulnerability from cvelistv5
Published
2007-08-20 19:00
Modified
2024-08-07 14:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26798"
},
{
"name": "25352",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25352"
},
{
"name": "1018685",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018685"
},
{
"name": "[cisco-nsp] 20070817 Heads up: \"sh ip bgp regexp\" crashing router",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.heise-security.co.uk/news/94526/"
},
{
"name": "[cisco-nsp] 20070817 About the posting entitled \"Heads up: \"sh ip bgp regexp\" crashing router\"",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9"
},
{
"name": "20070912 Cisco IOS Reload on Regular Expression Processing",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html"
},
{
"name": "ADV-2007-3136",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a \"show ip bgp regexp\" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-09-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26798"
},
{
"name": "25352",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25352"
},
{
"name": "1018685",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018685"
},
{
"name": "[cisco-nsp] 20070817 Heads up: \"sh ip bgp regexp\" crashing router",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.heise-security.co.uk/news/94526/"
},
{
"name": "[cisco-nsp] 20070817 About the posting entitled \"Heads up: \"sh ip bgp regexp\" crashing router\"",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9"
},
{
"name": "20070912 Cisco IOS Reload on Regular Expression Processing",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html"
},
{
"name": "ADV-2007-3136",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3136"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a \"show ip bgp regexp\" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26798",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26798"
},
{
"name": "25352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25352"
},
{
"name": "1018685",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018685"
},
{
"name": "[cisco-nsp] 20070817 Heads up: \"sh ip bgp regexp\" crashing router",
"refsource": "MLIST",
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html"
},
{
"name": "http://www.heise-security.co.uk/news/94526/",
"refsource": "MISC",
"url": "http://www.heise-security.co.uk/news/94526/"
},
{
"name": "[cisco-nsp] 20070817 About the posting entitled \"Heads up: \"sh ip bgp regexp\" crashing router\"",
"refsource": "MLIST",
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html"
},
{
"name": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9",
"refsource": "MISC",
"url": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9"
},
{
"name": "20070912 Cisco IOS Reload on Regular Expression Processing",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html"
},
{
"name": "ADV-2007-3136",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3136"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4430",
"datePublished": "2007-08-20T19:00:00",
"dateReserved": "2007-08-20T00:00:00",
"dateUpdated": "2024-08-07T14:53:55.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0754 (GCVE-0-2001-0754)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"name": "cisco-cbos-multiple-echo(7299)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"name": "cisco-cbos-multiple-echo(7299)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7299"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"name": "cisco-cbos-multiple-echo(7299)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7299"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0754",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-10-12T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0752 (GCVE-0-2001-0752)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"name": "5573",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5573"
},
{
"name": "cisco-cbos-record-dos(7298)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7298"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"name": "5573",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5573"
},
{
"name": "cisco-cbos-record-dos(7298)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7298"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010522 More Multiple Vulnerabilities in CBOS",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"name": "5573",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5573"
},
{
"name": "cisco-cbos-record-dos(7298)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7298"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0752",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-10-12T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0444 (GCVE-0-2001-0444)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:21:38.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1796",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1796"
},
{
"name": "cisco-cbos-gain-information(6453)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6453"
},
{
"name": "2635",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2635"
},
{
"name": "20010420 Bug in Cisco CBOS v2.3.0.053",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0380.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-04-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco CBOS 2.3.0.053 sends output of the \"sh nat\" (aka \"show nat\") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1796",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1796"
},
{
"name": "cisco-cbos-gain-information(6453)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6453"
},
{
"name": "2635",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2635"
},
{
"name": "20010420 Bug in Cisco CBOS v2.3.0.053",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0380.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0444",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco CBOS 2.3.0.053 sends output of the \"sh nat\" (aka \"show nat\") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1796",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1796"
},
{
"name": "cisco-cbos-gain-information(6453)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6453"
},
{
"name": "2635",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2635"
},
{
"name": "20010420 Bug in Cisco CBOS v2.3.0.053",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0380.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0444",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-05-24T00:00:00",
"dateUpdated": "2024-08-08T04:21:38.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0886 (GCVE-0-2002-0886)
Vulnerability from cvelistv5
Published
2002-08-31 04:00
Modified
2024-08-08 03:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020523 CBOS - Improving Resilience to Denial-of-Service Attacks",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-DoS.shtml"
},
{
"name": "4813",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4813"
},
{
"name": "cisco-cbos-telnet-cpe-dos(9152)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9152"
},
{
"name": "4814",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4814"
},
{
"name": "cisco-cbos-tcpip-dos(9153)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9153.php"
},
{
"name": "cisco-cbos-dhcp-dos(9151)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9151.php"
},
{
"name": "4815",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4815"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020523 CBOS - Improving Resilience to Denial-of-Service Attacks",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-DoS.shtml"
},
{
"name": "4813",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4813"
},
{
"name": "cisco-cbos-telnet-cpe-dos(9152)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9152"
},
{
"name": "4814",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4814"
},
{
"name": "cisco-cbos-tcpip-dos(9153)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9153.php"
},
{
"name": "cisco-cbos-dhcp-dos(9151)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9151.php"
},
{
"name": "4815",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4815"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020523 CBOS - Improving Resilience to Denial-of-Service Attacks",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/CBOS-DoS.shtml"
},
{
"name": "4813",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4813"
},
{
"name": "cisco-cbos-telnet-cpe-dos(9152)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9152"
},
{
"name": "4814",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4814"
},
{
"name": "cisco-cbos-tcpip-dos(9153)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9153.php"
},
{
"name": "cisco-cbos-dhcp-dos(9151)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9151.php"
},
{
"name": "4815",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4815"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0886",
"datePublished": "2002-08-31T04:00:00",
"dateReserved": "2002-08-16T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1065 (GCVE-0-2001-1065)
Vulnerability from cvelistv5
Published
2002-02-02 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:07.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-cbos-web-config(7027)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7027"
},
{
"name": "20010823 CBOS Web-based Configuration Utility Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cisco-cbos-web-config(7027)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7027"
},
{
"name": "20010823 CBOS Web-based Configuration Utility Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-cbos-web-config(7027)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7027"
},
{
"name": "20010823 CBOS Web-based Configuration Utility Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1065",
"datePublished": "2002-02-02T05:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:44:07.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E02E785-40FF-4F46-BB32-4D07F08352D2",
"versionEndIncluding": "2.3.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections."
},
{
"lang": "es",
"value": "Conmutadores y routers Cisco corriendo CBOS 2.3.8 usan n\u00fameros iniciales de secuencia TCP (ISN) predecibles, lo que permite a un atacante remoto secuestrar o falsificar conexiones TCP;"
}
],
"id": "CVE-2001-0751",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-10-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-31 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "709494BE-334A-43C4-A10B-E3784093B2A0",
"versionEndIncluding": "2.4.2ap",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE29F62-FF38-4951-B3CB-2B9102CB9291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEF0CEB-4CCF-46B1-99BC-8301CD422371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6E05A1-524C-441C-A4E2-F2E9DE62E82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3875EB7E-7D22-4C3D-80CD-A7E8A249E97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD36C73-8CAC-4DDB-8A64-11DAC075D300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7E0234-23B5-41D4-A8B5-04C5BB881F3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2277233-E3EB-42F0-BB02-068E50A09265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "59C80FB5-35CC-4FE2-8C98-A560B7D5C479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ADC81B47-C744-4776-BFB6-AA70D35A4140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CEFB61AC-25EE-46E4-9F34-70569EF74CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4737C7E7-1E40-40F6-A6B3-4CE1465F4105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A18E9CCC-D8EB-4778-B444-14314651CA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7AF093-B5E2-4C4F-997B-5ECB5192A524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FFFBE5-EE4C-4A10-8D94-015438A39C76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets."
}
],
"id": "CVE-2001-1064",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-31T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3236"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-20 19:17
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | cli | * | |
| cisco | cbos | * | |
| cisco | cbos | 12.1 | |
| cisco | cbos | 12.2 | |
| cisco | ids | * | |
| cisco | ios | 10.0 | |
| cisco | ios | 10.3 | |
| cisco | ios | 11.0 | |
| cisco | ios | 11.1 | |
| cisco | ios | 11.2 | |
| cisco | ios | 12.0 | |
| cisco | ios | 12.1 | |
| cisco | ios | 12.2 | |
| cisco | ios | 12.3 | |
| cisco | ios | 12.4 | |
| cisco | ios_xr | * | |
| cisco | ios_xr | 2.0 | |
| cisco | ios_xr | 3.0 | |
| cisco | ios_xr | 3.1 | |
| cisco | ios_xr | 3.2 | |
| cisco | ios_xr | 3.3 | |
| cisco | ios_xr | 3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:cli:*:*:*:*:*:*:*:*",
"matchCriteriaId": "687692A2-8316-4AF0-A121-87B1E3A59370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1AB2C2F-FEBB-4DCE-BD39-11AA7A9C89A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75466FDB-6AC4-4DA0-85E0-284FB7B2470A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "761965AE-DC5E-481C-A8D5-FBC51AEE93E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ids:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BDB76F-07E0-4E56-85A8-24A59F93CAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79528F96-FD42-4A76-82EE-4B1324D53B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3824A6CC-5C3A-4146-9CDD-B7B213527552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D626B494-6210-4F74-8D17-BA480B6665C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82B6315D-7BEF-419F-9B93-3CF669E986D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8026B11-6144-467F-8094-F4F73CD37526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0668C45B-9D25-424B-B876-C1721BFFE5DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C15E168-11DA-4219-B689-78BC48935263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FB31FAC-D720-4BF1-BFCC-0A9B714E292A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "904CA41E-8168-41DE-AE84-941962A7BB71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B4F71CB-B8D6-44AA-B0E8-E6EC92F4273E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D69F8FA-D58A-4F53-86D8-A20C73E9B299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD331C50-DB93-4001-B56A-C1012F894CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "75538529-611A-43B5-AC4D-089C4E2E2ACC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a \"show ip bgp regexp\" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en Cisco IOS versiones 12.0 hasta 12.4, permite a atacantes dependiendo del contexto causar una denegaci\u00f3n de servicio (reinicio del dispositivo y reconstrucci\u00f3n de la tabla de enrutamiento BGP) por medio de ciertas expresiones regulares en un comando \"show ip bgp regexp\". NOTA: los ataques remotos no autenticados son posibles en entornos con acceso an\u00f3nimo a telnet y Looking Glass."
}
],
"id": "CVE-2007-4430",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-20T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26798"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.heise-security.co.uk/news/94526/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25352"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018685"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3136"
},
{
"source": "cve@mitre.org",
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html"
},
{
"source": "cve@mitre.org",
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.heise-security.co.uk/news/94526/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.053:*:*:*:*:*:*:*",
"matchCriteriaId": "E6DD1729-97A2-4BE6-8DB0-5A1D7CC4285D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7AF093-B5E2-4C4F-997B-5ECB5192A524",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco CBOS 2.3.0.053 sends output of the \"sh nat\" (aka \"show nat\") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information."
}
],
"id": "CVE-2001-0444",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0380.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1796"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2635"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0380.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6453"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E02E785-40FF-4F46-BB32-4D07F08352D2",
"versionEndIncluding": "2.3.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets."
},
{
"lang": "es",
"value": "Cisco CBOS 2.3.8 y anteriores permiten a atacantes causar una denegaci\u00f3n de servicio mediante una serie de paquetes ICMP de petici\u00f3n de eco (ping) grandes, que les hacen entrar en modo ROMMON y dejar de reenviar paquetes"
}
],
"id": "CVE-2001-0754",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-10-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7299"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-31 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "709494BE-334A-43C4-A10B-E3784093B2A0",
"versionEndIncluding": "2.4.2ap",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE29F62-FF38-4951-B3CB-2B9102CB9291",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack."
}
],
"id": "CVE-2001-1065",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-31T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7027"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | cbos | 2.0.1 | |
| cisco | cbos | 2.1.0 | |
| cisco | cbos | 2.1.0a | |
| cisco | cbos | 2.2.0 | |
| cisco | cbos | 2.2.1 | |
| cisco | cbos | 2.2.1a | |
| cisco | cbos | 2.3 | |
| cisco | cbos | 2.3.2 | |
| cisco | cbos | 2.3.5 | |
| cisco | cbos | 2.3.5.015 | |
| cisco | cbos | 2.3.7 | |
| cisco | cbos | 2.3.7.002 | |
| cisco | cbos | 2.3.8 | |
| cisco | cbos | 2.3.9 | |
| cisco | cbos | 2.3_.053 | |
| cisco | cbos | 2.4.1 | |
| cisco | cbos | 2.4.2 | |
| cisco | cbos | 2.4.2ap | |
| cisco | cbos | 2.4.2b | |
| cisco | cbos | 2.4.3 | |
| cisco | cbos | 2.4.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cbos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE29F62-FF38-4951-B3CB-2B9102CB9291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEF0CEB-4CCF-46B1-99BC-8301CD422371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6E05A1-524C-441C-A4E2-F2E9DE62E82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3875EB7E-7D22-4C3D-80CD-A7E8A249E97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD36C73-8CAC-4DDB-8A64-11DAC075D300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7E0234-23B5-41D4-A8B5-04C5BB881F3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2277233-E3EB-42F0-BB02-068E50A09265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "59C80FB5-35CC-4FE2-8C98-A560B7D5C479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ADC81B47-C744-4776-BFB6-AA70D35A4140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.5.015:*:*:*:*:*:*:*",
"matchCriteriaId": "FB66DFA6-089D-4200-87CB-AB1404A48EF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CEFB61AC-25EE-46E4-9F34-70569EF74CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.7.002:*:*:*:*:*:*:*",
"matchCriteriaId": "E81CFA0E-04B7-406A-899B-157FC1862501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4737C7E7-1E40-40F6-A6B3-4CE1465F4105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A18E9CCC-D8EB-4778-B444-14314651CA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.3_.053:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D52CBF-D6F7-47C1-81E6-714F50F5E6BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7AF093-B5E2-4C4F-997B-5ECB5192A524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FFFBE5-EE4C-4A10-8D94-015438A39C76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.4.2ap:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BFEC03-6715-4821-8AA0-EF90E1D68DBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.4.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E7405D-78C0-4C31-A996-B1EF09EEA205",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDEB295-B551-4D48-A542-1FC035C78F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cbos:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5094C442-AB4F-41C3-8C83-4B7CB6E2A980",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory."
}
],
"id": "CVE-2002-0886",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/warp/public/707/CBOS-DoS.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9151.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9153.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4813"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4814"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4815"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/warp/public/707/CBOS-DoS.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9151.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9153.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9152"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E02E785-40FF-4F46-BB32-4D07F08352D2",
"versionEndIncluding": "2.3.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges."
}
],
"id": "CVE-2001-0753",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-10-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44544"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E02E785-40FF-4F46-BB32-4D07F08352D2",
"versionEndIncluding": "2.3.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set."
},
{
"lang": "es",
"value": "Cisco CBOS 2.3.8 y anteriores permiten a atacantes remotos causar una denegaci\u00f3n de servicio mediante un paquete ICMP de petici\u00f3n de eco (ping) con la opci\u00f3n trazar ruta activada."
}
],
"id": "CVE-2001-0752",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-10-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5573"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7298"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}