Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-17 | CVE-2018-0271 | Improper Authentication vulnerability in Cisco Digital Network Architecture Center A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. | 7.5 |
| 2018-05-02 | CVE-2018-0252 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 7.8 |
| 2018-05-02 | CVE-2018-0234 | Improper Input Validation vulnerability in Cisco Aironet Access Point Software 8.4(100.0)/8.5(103.0)/8.5(105.0) A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.8 |
| 2018-04-19 | CVE-2018-0275 | Unspecified vulnerability in Cisco Identity Services Engine A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to access the device's shell. | 7.2 |
| 2018-04-19 | CVE-2018-0240 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-04-19 | CVE-2018-0233 | Resource Exhaustion vulnerability in Cisco Firepower Management Center A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a denial of service (DoS) condition. | 7.8 |
| 2018-04-19 | CVE-2018-0231 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-04-19 | CVE-2018-0230 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-04-19 | CVE-2018-0228 | Improper Locking vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. | 8.6 |
| 2018-04-02 | CVE-2018-0194 | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.2 |