Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-15391 | Incorrect Calculation vulnerability in Cisco Remote PHY A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service (DoS) condition. | 7.5 |
| 2018-10-05 | CVE-2018-15383 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco products A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition. | 7.5 |
| 2018-10-05 | CVE-2018-15382 | External Control of Critical State Data vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A) A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. | 8.6 |
| 2018-10-05 | CVE-2018-15377 | Memory Leak vulnerability in Cisco IOS 15.7(3.1S)M/Denali16.3.6/Everest16.5.1 A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. | 8.6 |
| 2018-10-05 | CVE-2018-15373 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. | 7.4 |
| 2018-10-05 | CVE-2018-15372 | Unspecified vulnerability in Cisco IOS XE 16.8.1/16.9.1 A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic through a Layer 3 interface of an affected device. low complexity cisco | 8.1 |
| 2018-10-05 | CVE-2018-0485 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a denial of service (DoS) condition on an affected device. | 8.6 |
| 2018-10-05 | CVE-2018-0475 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. | 7.4 |
| 2018-10-05 | CVE-2018-0473 | Unspecified vulnerability in Cisco IOS 15.2(4)E/15.2(5) A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. | 8.6 |
| 2018-10-05 | CVE-2018-0472 | Improper Input Validation vulnerability in Cisco IOS XE 15.5(3)S5.36/16.8.1 A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. | 8.6 |