Vulnerabilities > Cisco

DATE CVE VULNERABILITY TITLE RISK
2018-03-28 CVE-2018-0182 OS Command Injection vulnerability in Cisco IOS XE
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device.
local
low complexity
cisco CWE-78
7.8
2018-03-28 CVE-2018-0180 Unspecified vulnerability in Cisco IOS
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
network
high complexity
cisco
5.9
2018-03-28 CVE-2018-0179 Unspecified vulnerability in Cisco IOS
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
network
high complexity
cisco
5.9
2018-03-28 CVE-2018-0177 Unspecified vulnerability in Cisco IOS XE Denali16.3.1/Denali16.3.3
A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition.
network
low complexity
cisco
7.5
2018-03-28 CVE-2018-0176 OS Command Injection vulnerability in Cisco IOS XE 15.0(5.59)Emd/16.1(0)/16.2(0)
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device.
local
low complexity
cisco CWE-78
7.8
2018-03-28 CVE-2018-0175 Use of Externally-Controlled Format String vulnerability in Cisco Ios, IOS XE and IOS XR
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.
low complexity
cisco CWE-134
8.0
2018-03-28 CVE-2018-0174 Improper Input Validation vulnerability in Cisco IOS and IOS XE
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
8.6
2018-03-28 CVE-2018-0173 Improper Input Validation vulnerability in Cisco IOS and IOS XE
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition.
network
low complexity
cisco CWE-20
8.6
2018-03-28 CVE-2018-0172 Out-of-bounds Write vulnerability in Cisco IOS and IOS XE
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-787
8.6
2018-03-28 CVE-2018-0171 Out-of-bounds Write vulnerability in Cisco IOS 15.2(5)E
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device.
network
low complexity
cisco CWE-787
critical
9.8