Vulnerabilities > Cisco > Firepower Extensible Operating System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-21 | CVE-2018-0311 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2018-06-21 | CVE-2018-0310 | Out-of-bounds Read vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. | 9.8 |
| 2018-06-21 | CVE-2018-0303 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. | 8.8 |
| 2018-06-21 | CVE-2018-0302 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. | 7.8 |
| 2018-06-21 | CVE-2018-0298 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. | 7.5 |
| 2018-06-20 | CVE-2018-0294 | Unspecified vulnerability in Cisco Firepower Extensible Operating System, Fxos and Nx-Os A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. | 6.7 |
| 2017-11-30 | CVE-2017-12329 | Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. | 4.6 |
| 2017-11-16 | CVE-2017-12299 | Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System 2.2(1.58) A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker to send traffic to the local IP address of the device, bypassing any filters that are configured to deny local IP management traffic. | 5.0 |
| 2017-11-02 | CVE-2017-12277 | Command Injection vulnerability in Cisco Firepower Extensible Operating System 1.1.4/2.0.1 A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges. | 8.8 |
| 2017-10-19 | CVE-2017-3883 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Extensible Operating System, Fxos and Nx-Os A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 8.6 |