Vulnerabilities > Cisco > IOS XE > 3.5.2e
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-28 | CVE-2018-0193 | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.2 |
| 2018-03-28 | CVE-2018-0190 | Cross-site Scripting vulnerability in Cisco IOS XE Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. | 4.3 |
| 2018-03-28 | CVE-2018-0189 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS) condition. network cisco | 7.1 |
| 2018-03-28 | CVE-2018-0188 | Cross-site Scripting vulnerability in Cisco IOS XE Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. | 4.3 |
| 2018-03-28 | CVE-2018-0186 | Cross-site Scripting vulnerability in Cisco IOS XE Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. | 4.3 |
| 2018-03-28 | CVE-2018-0185 | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.2 |
| 2018-03-28 | CVE-2018-0184 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 7.2 |
| 2018-03-28 | CVE-2018-0183 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 7.2 |
| 2018-03-28 | CVE-2018-0182 | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.2 |
| 2018-03-27 | CVE-2017-12319 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability. | 7.1 |