Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-02 | CVE-2018-0235 | Unspecified vulnerability in Cisco Wireless LAN Controller Software 8.6(1.106)/8.6(1.114) A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. low complexity cisco | 7.4 |
| 2018-05-02 | CVE-2018-0234 | Improper Input Validation vulnerability in Cisco Aironet Access Point Software 8.4(100.0)/8.5(103.0)/8.5(105.0) A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-05-02 | CVE-2018-0226 | Unspecified vulnerability in Cisco Mobility Express Software 8.3(90.65)/8.4(1.65) A vulnerability in the assignment and management of default user accounts for Secure Shell (SSH) access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated privileges on an affected access point. | 7.5 |
| 2018-04-19 | CVE-2018-0259 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Mate Collector 7.1 A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-04-19 | CVE-2018-0255 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS 15.2(5)E A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. | 8.8 |
| 2018-04-19 | CVE-2018-0241 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. low complexity cisco | 7.4 |
| 2018-04-19 | CVE-2018-0240 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-04-19 | CVE-2018-0239 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Staros A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets. | 7.5 |
| 2018-04-19 | CVE-2018-0233 | Resource Exhaustion vulnerability in Cisco Secure Firewall Management Center A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a denial of service (DoS) condition. | 8.6 |
| 2018-04-19 | CVE-2018-0231 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. | 8.6 |