Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-17 | CVE-2018-0441 | Resource Exhaustion vulnerability in Cisco Access Points A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.1 |
| 2018-10-17 | CVE-2018-0420 | Path Traversal vulnerability in Cisco Wireless LAN Controller Software 8.2(151.0) A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. | 6.5 |
| 2018-10-17 | CVE-2018-0417 | Unspecified vulnerability in Cisco Wireless LAN Controller Software A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI. | 7.8 |
| 2018-10-17 | CVE-2018-0381 | Improper Locking vulnerability in Cisco Aironet Access Points A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 5.5 |
| 2018-10-17 | CVE-2018-15435 | Cross-site Scripting vulnerability in Cisco Socialminer 11.6(1) A vulnerability in the web-based management interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. | 4.3 |
| 2018-10-17 | CVE-2018-0378 | Improper Input Validation vulnerability in Cisco Nx-Os 7.3(2)N1(0.8) A vulnerability in the Precision Time Protocol (PTP) feature of Cisco Nexus 5500, 5600, and 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
| 2018-10-17 | CVE-2018-15402 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Enterprise Network Virtualization Software Nfvis8.0/Nfvis9.0 A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks. | 6.8 |
| 2018-10-17 | CVE-2018-15395 | Unspecified vulnerability in Cisco Wireless LAN Controller Software 8.5(120.0) A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. low complexity cisco | 2.7 |
| 2018-10-17 | CVE-2018-0456 | Improper Input Validation vulnerability in Cisco Nx-Os 9.2(0.43) A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application of an affected device to restart unexpectedly. | 6.8 |
| 2018-10-17 | CVE-2018-0416 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software 8.5(130.0)/8.9(1.52) A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. | 5.0 |