Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-18 | CVE-2018-0347 | Command Injection vulnerability in Cisco products A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.8 |
| 2018-07-18 | CVE-2018-0346 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2018-07-18 | CVE-2018-0345 | Argument Injection or Modification vulnerability in Cisco products A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. | 8.8 |
| 2018-07-18 | CVE-2018-0344 | Command Injection vulnerability in Cisco products A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. | 7.2 |
| 2018-07-18 | CVE-2018-0343 | Improper Privilege Management vulnerability in Cisco products A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. | 8.8 |
| 2018-07-16 | CVE-2018-0385 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. | 7.5 |
| 2018-07-16 | CVE-2018-0383 | Protection Mechanism Failure vulnerability in Cisco Secure Firewall Management Center 6.2.2.1/6.2.3/6.3.0 A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. | 8.6 |
| 2018-07-16 | CVE-2018-0370 | Unspecified vulnerability in Cisco Secure Firewall Management Center 6.1.0.7/6.2.0.5/6.2.2.2 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. | 7.5 |
| 2018-07-16 | CVE-2018-0369 | Improper Input Validation vulnerability in Cisco Staros A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-07-16 | CVE-2018-0368 | Unspecified vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module 1.1Base A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, local attacker to access sensitive information on an affected system. | 7.8 |