Vulnerabilities > Cisco > Firepower Extensible Operating System > 1.1.1.147

DATE CVE VULNERABILITY TITLE RISK
2018-06-21 CVE-2018-0311 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-119
7.5
2018-06-21 CVE-2018-0310 Out-of-bounds Read vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product.
network
low complexity
cisco CWE-125
critical
9.8
2018-06-21 CVE-2018-0303 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device.
low complexity
cisco CWE-119
8.8
2018-06-21 CVE-2018-0302 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device.
local
low complexity
cisco CWE-119
7.8
2018-06-21 CVE-2018-0298 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system.
network
low complexity
cisco CWE-119
7.5
2017-11-02 CVE-2017-12277 Command Injection vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges.
network
low complexity
cisco CWE-77
8.8
2017-10-19 CVE-2017-3883 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
network
low complexity
cisco CWE-770
8.6