Vulnerabilities > Cisco > Firepower Extensible Operating System > 1.1.1.86

DATE CVE VULNERABILITY TITLE RISK
2018-06-21 CVE-2018-0310 Out-of-bounds Read vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product.
network
low complexity
cisco CWE-125
critical
9.8
2018-06-21 CVE-2018-0303 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device.
low complexity
cisco CWE-119
8.8
2018-06-21 CVE-2018-0302 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device.
local
low complexity
cisco CWE-119
7.8
2018-06-21 CVE-2018-0298 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system.
network
low complexity
cisco CWE-119
7.5
2017-11-02 CVE-2017-12277 Command Injection vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges.
network
low complexity
cisco CWE-77
8.8
2017-10-19 CVE-2017-3883 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
network
low complexity
cisco CWE-770
8.6
2016-01-22 CVE-2015-6435 OS Command Injection vulnerability in Cisco products
An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request, aka Bug ID CSCur90888.
network
low complexity
cisco CWE-78
critical
9.8