Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-05 | CVE-2018-15370 | Unspecified vulnerability in Cisco IOS ROM Monitor 15.1(2)Sy3 A vulnerability in Cisco IOS ROM Monitor (ROMMON) Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, local attacker to bypass Cisco Secure Boot validation checks and load a compromised software image on an affected device. | 4.6 |
2018-10-05 | CVE-2018-15369 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.8 |
2018-10-05 | CVE-2018-15368 | OS Command Injection vulnerability in Cisco IOS XE 15.4(3)S A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 7.2 |
2018-10-05 | CVE-2018-0485 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a denial of service (DoS) condition on an affected device. | 7.8 |
2018-10-05 | CVE-2018-0481 | OS Command Injection vulnerability in Cisco IOS XE 15.3(3)S3.16/16.7.1/16.7(1) A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. | 7.2 |
2018-10-05 | CVE-2018-0480 | Race Condition vulnerability in Cisco IOS XE 3.6(5) A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condition. | 5.7 |
2018-10-05 | CVE-2018-0477 | OS Command Injection vulnerability in Cisco IOS XE 15.3(3)S3.16/16.7.1/16.7(1) A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. | 7.2 |
2018-10-05 | CVE-2018-0476 | Unspecified vulnerability in Cisco IOS XE 15.5(3)S5.1/15.5(3)S6.1/16.6.2 A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. network cisco | 7.1 |
2018-10-05 | CVE-2018-0475 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. | 6.1 |
2018-10-05 | CVE-2018-0473 | Unspecified vulnerability in Cisco IOS 15.2(4)E/15.2(5) A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. | 5.0 |