Vulnerabilities > Cisco > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-20 | CVE-2018-0308 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 7.5 |
2018-06-20 | CVE-2018-0307 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. | 7.2 |
2018-06-20 | CVE-2018-0295 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. | 7.8 |
2018-06-20 | CVE-2018-0292 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. | 8.3 |
2018-06-07 | CVE-2018-0352 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Wide Area Application Services 6.2(3) A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. | 7.2 |
2018-06-07 | CVE-2018-0321 | Improper Authentication vulnerability in Cisco products A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system. | 7.5 |
2018-06-07 | CVE-2018-0320 | SQL Injection vulnerability in Cisco products A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. | 7.5 |
2018-06-07 | CVE-2018-0316 | Improper Handling of Exceptional Conditions vulnerability in Cisco IP Phone Firmware 11.1(2) A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. | 7.8 |
2018-06-07 | CVE-2018-0296 | Path Traversal vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 7.5 |
2018-06-07 | CVE-2017-6779 | Resource Exhaustion vulnerability in Cisco products Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. | 7.8 |