Vulnerabilities > Cisco > IOS > 15.6.3.m6a

DATE CVE VULNERABILITY TITLE RISK
2018-03-28 CVE-2018-0175 Use of Externally-Controlled Format String vulnerability in Cisco Ios, IOS XE and IOS XR
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.
low complexity
cisco CWE-134
8.0
8.0
2018-03-28 CVE-2018-0167 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Ios, IOS XE and IOS XR
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.
low complexity
cisco CWE-119
8.8
8.8
2017-10-19 CVE-2017-12289 Information Exposure vulnerability in Cisco IOS
A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file.
local
low complexity
cisco CWE-200
4.4
4.4