Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-28 | CVE-2018-0159 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.8 |
| 2018-03-28 | CVE-2018-0158 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS and IOS XE A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. | 7.8 |
| 2018-03-28 | CVE-2018-0157 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device to reload. | 7.8 |
| 2018-03-28 | CVE-2018-0156 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.8 |
| 2018-03-28 | CVE-2018-0155 | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS and IOS XE A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of service (DoS) condition. | 7.8 |
| 2018-03-28 | CVE-2018-0154 | Unspecified vulnerability in Cisco IOS A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
| 2018-03-28 | CVE-2018-0152 | Insufficient Session Expiration vulnerability in Cisco IOS XE 16.1.1 A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to gain elevated privileges on an affected device. | 9.0 |
| 2018-03-28 | CVE-2018-0151 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE 16.5.1 A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges. | 10.0 |
| 2018-03-28 | CVE-2018-0150 | Use of Hard-coded Credentials vulnerability in Cisco IOS XE 16.5.1 A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot, aka a Static Credential Vulnerability. | 9.8 |
| 2018-03-27 | CVE-2018-0198 | Forced Browsing vulnerability in Cisco Unified Communications Manager A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. | 5.0 |