Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-0469 | Double Free vulnerability in Cisco IOS XE 16.5.1 A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.1 |
| 2018-10-05 | CVE-2018-0467 | Improper Input Validation vulnerability in Cisco IOS XE 15.6(2)Sp/16.6.1/Everest16.6.1 A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. | 7.8 |
| 2018-10-05 | CVE-2018-0453 | OS Command Injection vulnerability in Cisco Firepower Threat Defense A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. | 7.2 |
| 2018-10-05 | CVE-2018-0448 | Inadequate Encryption Strength vulnerability in Cisco Digital Network Architecture Center 1.1/1.1.2/1.1.3 A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions. | 7.5 |
| 2018-10-05 | CVE-2018-0438 | Improper Privilege Management vulnerability in Cisco Umbrella Enterprise Roaming Client A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. | 7.2 |
| 2018-10-05 | CVE-2018-0437 | Improper Privilege Management vulnerability in Cisco products A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. | 7.2 |
| 2018-10-05 | CVE-2018-0436 | Improper Privilege Management vulnerability in Cisco Webex Teams A vulnerability in Cisco Webex Teams, formerly Cisco Spark, could allow an authenticated, remote attacker to view and modify data for an organization other than their own organization. | 8.7 |
| 2018-10-05 | CVE-2018-0433 | OS Command Injection vulnerability in Cisco products A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
| 2018-08-15 | CVE-2018-0428 | Improper Privilege Management vulnerability in Cisco web Security Appliance A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. | 7.2 |
| 2018-08-15 | CVE-2018-0418 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |