Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-28 | CVE-2018-0196 | Unspecified vulnerability in Cisco IOS XE 16.1.2/16.2.0/16.3(1) A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. | 4.0 |
2018-03-28 | CVE-2018-0195 | Improper Authentication vulnerability in Cisco IOS XE A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and use the API to perform privileged actions on an affected device. | 6.5 |
2018-03-28 | CVE-2018-0190 | Cross-site Scripting vulnerability in Cisco IOS XE Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. | 4.3 |
2018-03-28 | CVE-2018-0188 | Cross-site Scripting vulnerability in Cisco IOS XE Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. | 4.3 |
2018-03-28 | CVE-2018-0186 | Cross-site Scripting vulnerability in Cisco IOS XE Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. | 4.3 |
2018-03-28 | CVE-2018-0180 | Unspecified vulnerability in Cisco IOS Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. | 5.9 |
2018-03-28 | CVE-2018-0179 | Unspecified vulnerability in Cisco IOS Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. | 5.9 |
2018-03-28 | CVE-2018-0165 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS XE 15.2(3)E/Denali16.3.3 A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust buffers on an affected device, resulting in a denial of service (DoS) condition, aka a Memory Leak. | 6.1 |
2018-03-28 | CVE-2018-0161 | Unspecified vulnerability in Cisco IOS 15.2(5)E A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability. | 6.3 |
2018-03-28 | CVE-2018-0160 | Double Free vulnerability in Cisco IOS XE 15.5(3)S A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. | 6.3 |