Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges.
Max CVSS
7.5
EPSS Score
3.43%
Published
2001-10-18
Updated
2017-07-11
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections.
Max CVSS
7.5
EPSS Score
0.28%
Published
2001-10-18
Updated
2017-10-10
2 vulnerabilities found