Vulnerabilities > Cisco > IOS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-28 | CVE-2019-1758 | Improper Authentication vulnerability in Cisco IOS A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. | 4.3 |
| 2019-03-28 | CVE-2019-1757 | Improper Certificate Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. | 5.9 |
| 2019-03-28 | CVE-2019-1746 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. | 6.5 |
| 2019-01-10 | CVE-2018-0484 | Unspecified vulnerability in Cisco IOS 16.6.2/16.6.4 A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding (VRF) instance despite the absence of the vrf-also keyword in the access-class configuration. | 6.5 |
| 2019-01-10 | CVE-2018-0282 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 6.8 |
| 2018-10-05 | CVE-2018-15376 | Write-what-where Condition vulnerability in Cisco IOS 15.5(2.21)T/15.6(3)M A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. | 6.7 |
| 2018-10-05 | CVE-2018-15375 | Write-what-where Condition vulnerability in Cisco IOS 15.5(2.21)T/15.6(3)M A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. | 6.7 |
| 2018-10-05 | CVE-2018-15369 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 6.8 |
| 2018-10-05 | CVE-2018-0466 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. low complexity cisco | 6.5 |
| 2018-10-05 | CVE-2018-0197 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service (DoS) condition. | 6.5 |