Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-18 | CVE-2018-0102 | Double Free vulnerability in Cisco Nx-Os 7.2(1)D(1)/7.2(2)D1(1)/7.2(2)D1(2) A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.4 |
| 2018-01-18 | CVE-2018-0099 | OS Command Injection vulnerability in Cisco D9800 Firmware A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a command injection attack. | 8.8 |
| 2018-01-18 | CVE-2018-0095 | Unspecified vulnerability in Cisco Asyncos 9.1.1005/9.7.2065 A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to escalate their privilege level and gain root access. | 7.8 |
| 2018-01-18 | CVE-2018-0094 | Resource Exhaustion vulnerability in Cisco Unified Computing System Central Software 1.4(1A) A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization on the targeted device. | 7.5 |
| 2018-01-18 | CVE-2018-0092 | Missing Authorization vulnerability in Cisco Nx-Os 7.0(3)I5(2)/7.0(3)I6(1)/7.0(3)I7(1) A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. | 7.1 |
| 2018-01-18 | CVE-2018-0090 | Resource Exhaustion vulnerability in Cisco Nx-Os 7.3(2)N1(0.6)/8.3(0)Kms(0.31)/8.8(3.5)S0 A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. | 7.5 |
| 2018-01-18 | CVE-2018-0089 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Policy Suite 10.0.0/11.0.0/11.1.0 A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access sensitive data. | 7.5 |
| 2018-01-18 | CVE-2018-0086 | Resource Exhaustion vulnerability in Cisco Unified Customer Voice Portal A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. | 8.6 |
| 2018-01-04 | CVE-2018-0114 | Improper Verification of Cryptographic Signature vulnerability in Cisco Node-Jose A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. | 7.5 |
| 2018-01-04 | CVE-2018-0103 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a local attacker to execute arbitrary code on the system of a user. | 7.8 |