Vulnerabilities > Cisco > IOS > Medium

DATE CVE VULNERABILITY TITLE RISK

2018-10-05 CVE-2018-0473 Unspecified vulnerability in Cisco IOS 15.2(4)E/15.2(5)
A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol.
network
low complexity
cisco
5.0

2018-10-05 CVE-2018-0466 Unspecified vulnerability in Cisco IOS and IOS XE
A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload.
low complexity
cisco
6.1

2018-08-14 CVE-2018-0131 Inadequate Encryption Strength vulnerability in Cisco IOS and IOS XE
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session.
network
cisco CWE-326
4.3

2018-04-19 CVE-2018-0255 Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS 15.2(5)E
A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system.
network
cisco CWE-352
6.8

2018-03-28 CVE-2018-0161 Unspecified vulnerability in Cisco IOS 15.2(5)E
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability.
network
cisco
6.3

2018-02-08 CVE-2018-0123 Path Traversal vulnerability in Cisco IOS and IOS XE
A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files.
local
low complexity
cisco CWE-22
4.9

2017-11-16 CVE-2017-12304 Cross-site Scripting vulnerability in Cisco IOS 15.7(2.0Z)M
A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface on an affected device.
network
cisco CWE-79
4.3

2017-09-29 CVE-2017-12232 Unspecified vulnerability in Cisco IOS
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.
low complexity
cisco
6.1

2017-09-29 CVE-2017-12228 Improper Certificate Validation vulnerability in Cisco IOS and IOS XE
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate.
network
cisco CWE-295
4.3

2017-09-25 CVE-2011-4667 Cryptographic Issues vulnerability in Cisco IOS and NX-OS
The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.2(6), and Cisco IOS in Cisco VPN Services Port Adaptor for Catalyst 6500 12.2(33)SXI, and 12.2(33)SXJ when IP Security (aka IPSec) is used, allows remote attackers to obtain unencrypted packets from encrypted sessions.
network
cisco CWE-310
4.3