Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-21 | CVE-2018-0362 | Improper Authentication vulnerability in Cisco products A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. | 4.3 |
| 2018-06-21 | CVE-2018-0359 | Session Fixation vulnerability in Cisco Meeting Server 2.3.0 A vulnerability in the session identification management functionality of the web-based management interface for Cisco Meeting Server could allow an unauthenticated, local attacker to hijack a valid user session identifier, aka Session Fixation. | 5.5 |
| 2018-06-21 | CVE-2018-0358 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2018-06-21 | CVE-2018-0337 | Incorrect Authorization vulnerability in Cisco Nx-Os A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected device. | 7.8 |
| 2018-06-21 | CVE-2018-0331 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. | 6.5 |
| 2018-06-21 | CVE-2018-0313 | Injection vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit. | 8.8 |
| 2018-06-21 | CVE-2018-0311 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2018-06-21 | CVE-2018-0310 | Out-of-bounds Read vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. | 9.8 |
| 2018-06-21 | CVE-2018-0309 | Resource Exhaustion vulnerability in Cisco Nx-Os 7.0(3)I5(2)/7.0(3)I6(1) A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. | 7.7 |
| 2018-06-21 | CVE-2018-0306 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. | 7.8 |