| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2018-15447 |
89 |
|
Exec Code Sql |
2018-11-08 |
2018-12-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected application. |
|
2 |
CVE-2018-15441 |
89 |
|
Exec Code +Priv Sql |
2018-11-28 |
2018-12-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted HTTP POST requests that contain malicious SQL statements to an affected application. A successful exploit could allow the attacker to modify and delete arbitrary data in the PLM database or gain shell access with the privileges of the postgres user. |
|
3 |
CVE-2018-15399 |
400 |
|
DoS |
2018-10-05 |
2018-11-27 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS. |
|
4 |
CVE-2018-15397 |
320 |
|
DoS |
2018-10-05 |
2019-01-10 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is in flight. An attacker could exploit this vulnerability by sending a malicious stream of TFC traffic through an established IPsec tunnel on an affected device. A successful exploit could allow the attacker to cause a daemon process on the affected device to crash, which could cause the device to crash and result in a DoS condition. |
|
5 |
CVE-2018-15391 |
399 |
|
DoS |
2018-10-05 |
2019-01-09 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service (DoS) condition. The vulnerability is due to the affected software not validating and calculating certain numerical values in IPv4 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending malformed IPv4 traffic to an affected device. A successful exploit could allow the attacker to disrupt the flow of certain IPv4 traffic passing through an affected device, which could result in a DoS condition. |
|
6 |
CVE-2018-15390 |
399 |
|
DoS |
2018-10-05 |
2018-12-31 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition. |
|
7 |
CVE-2018-15389 |
255 |
|
|
2018-10-05 |
2019-01-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install. The vulnerability is due to a hard-coded password that, in some cases, is not replaced with a unique password. A successful exploit could allow the attacker to access the administrative web interface with administrator-level privileges. |
|
8 |
CVE-2018-15387 |
20 |
|
Bypass |
2018-10-05 |
2019-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass certificate validation on an affected device. The vulnerability is due to improper certificate validation. An attacker could exploit this vulnerability by supplying a system image signed with a crafted certificate to an affected device, bypassing the certificate validation. An exploit could allow an attacker to deploy a crafted system image. |
|
9 |
CVE-2018-15386 |
16 |
|
Bypass |
2018-10-05 |
2018-12-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An attacker could exploit this vulnerability by directly connecting to the exposed services. An exploit could allow the attacker to retrieve and modify critical system files. |
|
10 |
CVE-2018-15383 |
400 |
|
DoS |
2018-10-05 |
2019-01-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the affected devices have a limited amount of Direct Memory Access (DMA) memory and the affected software improperly handles resources in low-memory conditions. An attacker could exploit this vulnerability by sending a sustained, high rate of malicious traffic to an affected device to exhaust memory on the device. A successful exploit could allow the attacker to exhaust DMA memory on the affected device, which could cause the device to reload and result in a temporary DoS condition. |
|
11 |
CVE-2018-15382 |
642 |
|
|
2018-10-05 |
2018-11-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. The vulnerability is due to a static signing key that is present in all Cisco HyperFlex systems. An attacker could exploit this vulnerability by accessing the static signing key from one HyperFlex system and using it to generate valid, signed session tokens for another HyperFlex system. A successful exploit could allow the attacker to access the HyperFlex Web UI of a system for which they are not authorized. |
|
12 |
CVE-2018-15379 |
275 |
|
Exec Code |
2018-10-05 |
2019-01-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of the user prime. This user does not have administrative or root privileges. The vulnerability is due to an incorrect permission setting for important system directories. An attacker could exploit this vulnerability by uploading a malicious file by using TFTP, which can be accessed via the web-interface GUI. A successful exploit could allow the attacker to run commands on the targeted application without authentication. |
|
13 |
CVE-2018-15377 |
400 |
|
|
2018-10-05 |
2018-12-31 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient input validation by the affected software. An attacker could exploit this vulnerability by sending invalid data to the Cisco Network Plug and Play agent on an affected device. A successful exploit could allow the attacker to cause a memory leak on the affected device, which could cause the device to reload. |
|
14 |
CVE-2018-15376 |
123 |
|
|
2018-10-05 |
2018-12-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the presence of certain test commands that were intended to be available only in internal development builds of the affected software. An attacker could exploit this vulnerability by using these commands on an affected device. A successful exploit could allow the attacker to write arbitrary values to arbitrary locations in the memory space of the affected device. |
|
15 |
CVE-2018-15375 |
123 |
|
|
2018-10-05 |
2018-12-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the presence of certain test commands that were intended to be available only in internal development builds of the affected software. An attacker could exploit this vulnerability by using these commands on an affected device. A successful exploit could allow the attacker to write arbitrary values to arbitrary locations in the memory space of the affected device. |
|
16 |
CVE-2018-15374 |
347 |
|
Bypass |
2018-10-05 |
2018-12-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulnerability is due to the affected software improperly verifying digital signatures for software images and files that are uploaded to a device. An attacker could exploit this vulnerability by uploading a malicious software image or file to an affected device. A successful exploit could allow the attacker to bypass digital signature verification checks for software images and files and install a malicious software image or file on the affected device. |
|
17 |
CVE-2018-15371 |
284 |
|
Bypass |
2018-10-05 |
2018-12-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by requesting access to the root shell of an affected device, after the shell access feature has been enabled. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device. |
|
18 |
CVE-2018-15369 |
20 |
|
DoS |
2018-10-05 |
2018-12-31 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of crafted TACACS+ response packets by the affected software. An attacker could exploit this vulnerability by injecting a crafted TACACS+ packet into an existing TACACS+ session between an affected device and a TACACS+ server or by impersonating a known, valid TACACS+ server and sending a crafted TACACS+ packet to an affected device when establishing a connection to the device. To exploit this vulnerability by using either method, the attacker must know the shared TACACS+ secret and the crafted packet must be sent in response to a TACACS+ request from a TACACS+ client. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. |
|
19 |
CVE-2018-15368 |
20 |
|
Exec Code +Priv |
2018-10-05 |
2018-11-26 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperly sanitizing command arguments to prevent modifications to the underlying Linux filesystem on a device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit this vulnerability on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device. |
|
20 |
CVE-2018-5390 |
20 |
|
DoS |
2018-08-06 |
2019-01-16 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. |
|
21 |
CVE-2018-0485 |
19 |
|
DoS |
2018-10-05 |
2019-01-11 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of user input. An attacker could exploit this vulnerability by first connecting to the SM-1T3/E3 module console and entering a string sequence. A successful exploit could allow the attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a DoS condition on an affected device. |
|
22 |
CVE-2018-0481 |
77 |
|
Exec Code |
2018-10-05 |
2018-12-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, failing to prevent access to certain internal data structures on an affected device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit these vulnerabilities on the device by executing CLI commands that contain custom arguments. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. |
|
23 |
CVE-2018-0477 |
77 |
|
Exec Code |
2018-10-05 |
2018-11-26 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, failing to prevent access to certain internal data structures on an affected device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit these vulnerabilities on the device by executing CLI commands that contain custom arguments. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected device. |
|
24 |
CVE-2018-0476 |
399 |
|
DoS |
2018-10-05 |
2019-01-09 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of SIP packets in transit while NAT is performed on an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted SIP packets via UDP port 5060 through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition. |
|
25 |
CVE-2018-0472 |
20 |
|
|
2018-10-05 |
2018-12-31 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device. |
|
26 |
CVE-2018-0470 |
399 |
|
DoS Overflow |
2018-10-05 |
2018-11-30 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed HTTP packets that are destined to a device. An attacker could exploit this vulnerability by sending a malformed HTTP packet to an affected device for processing. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected device, resulting in a DoS condition. |
|
27 |
CVE-2018-0469 |
415 |
|
DoS |
2018-10-05 |
2018-11-26 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a double-free-in-memory handling by the affected software when specific HTTP requests are processed. An attacker could exploit this vulnerability by sending specific HTTP requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. |
|
28 |
CVE-2018-0467 |
20 |
|
DoS |
2018-10-05 |
2018-11-26 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to or through the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device. |
|
29 |
CVE-2018-0453 |
264 |
|
Exec Code |
2018-10-05 |
2018-12-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC. The vulnerability exists because the affected software performs insufficient checks for certain CLI commands, if the commands are executed via a Sourcefire tunnel connection. An attacker could exploit this vulnerability by authenticating with root privileges to a Firepower sensor or Cisco FMC, and then sending specific CLI commands to the Cisco FMC or through the Cisco FMC to another Firepower sensor via the Sourcefire tunnel connection. A successful exploit could allow the attacker to modify device configurations or delete files on the device that is running Cisco FMC Software or on any Firepower device that is managed by Cisco FMC. |
|
30 |
CVE-2018-0437 |
264 |
|
|
2018-10-05 |
2019-01-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper implementation of file system permissions, which could allow non-administrative users to place files within restricted directories. An attacker could exploit this vulnerability by placing an executable file within the restricted directory, which when executed by the ERC client, would run with Administrator privileges. |
|
31 |
CVE-2018-0433 |
77 |
|
Exec Code |
2018-10-05 |
2019-01-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges. |
|
32 |
CVE-2018-0428 |
284 |
|
Exec Code +Priv |
2018-08-15 |
2018-10-15 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to improper implementation of access controls. An attacker could exploit this vulnerability by authenticating to the device as a specific user to gain the information needed to elevate privileges to root in a separate login shell. A successful exploit could allow the attacker to escape the CLI subshell and execute system-level commands on the underlying operating system as root. Cisco Bug IDs: CSCvj93548. |
|
33 |
CVE-2018-0418 |
400 |
|
DoS |
2018-08-15 |
2018-10-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858. |
|
34 |
CVE-2018-0410 |
400 |
|
DoS |
2018-08-15 |
2018-10-16 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610. |
|
35 |
CVE-2018-0398 |
918 |
|
|
2018-07-18 |
2018-09-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Cisco Bug IDs: CSCvg71018. |
|
36 |
CVE-2018-0397 |
399 |
|
DoS |
2018-08-01 |
2018-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. The vulnerability exists if the affected software is running in Block network conviction mode. Exploitation could occur if the system that is running the affected software starts a server process and an address in the IP blacklist cache of the affected software attempts to connect to the affected system. A successful exploit could allow the attacker to cause a kernel panic on the system that is running the affected software, resulting in a DoS condition. Cisco Bug IDs: CSCvk08192. |
|
37 |
CVE-2018-0377 |
306 |
|
|
2018-07-18 |
2018-09-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017. |
|
38 |
CVE-2018-0376 |
306 |
|
|
2018-07-18 |
2018-09-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to access the Policy Builder interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by accessing the Policy Builder interface. A successful exploit could allow the attacker to make changes to existing repositories and create new repositories. Cisco Bug IDs: CSCvi35109. |
|
39 |
CVE-2018-0374 |
306 |
|
|
2018-07-18 |
2018-09-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database. Cisco Bug IDs: CSCvh06134. |
|
40 |
CVE-2018-0372 |
400 |
|
DoS |
2018-07-18 |
2018-09-20 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918. |
|
41 |
CVE-2018-0352 |
264 |
|
+Priv |
2018-06-07 |
2018-07-20 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level 15) to log in to the device. The vulnerability is due to insufficient validation of script files executed in the context of the Disk Check Tool. An attacker could exploit this vulnerability by replacing one script file with a malicious script file while the affected tool is running. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. Cisco Bug IDs: CSCvi72673. |
|
42 |
CVE-2018-0351 |
77 |
|
Exec Code |
2018-07-18 |
2018-09-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the tcpdump utility. The attacker must be authenticated to access the tcpdump utility. A successful exploit could allow the attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69751. |
|
43 |
CVE-2018-0347 |
77 |
|
Exec Code |
2018-07-18 |
2018-09-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting malicious input to the affected parameter. The attacker must be authenticated to access the affected parameter. A successful exploit could allow an attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers. Cisco Bug IDs: CSCvi69906. |
|
44 |
CVE-2018-0346 |
119 |
|
DoS Overflow |
2018-07-18 |
2018-09-19 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checks for certain values in packets that are sent to the Zero Touch Provisioning service of the affected software. An attacker could exploit this vulnerability by sending malicious packets to the affected software for processing. When the software processes the packets, a buffer overflow condition could occur and cause an affected device to reload. A successful exploit could allow the attacker to cause a temporary DoS condition while the device reloads. This vulnerability can be exploited only by traffic that is destined for an affected device. It cannot be exploited by traffic that is transiting a device. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69914. |
|
45 |
CVE-2018-0342 |
119 |
|
DoS Exec Code Overflow |
2018-07-18 |
2018-09-20 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the configuration and monitoring service of the Cisco SD-WAN Solution could allow an authenticated, local attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete bounds checks for data that is provided by the configuration and monitoring service of the affected solution. An attacker could exploit this vulnerability by sending malicious data to the vDaemon listening service on an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected device, which could allow the attacker to execute arbitrary code with root privileges on the device or cause the vDaemon listening service to reload and result in a DoS condition on the device. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi70003. |
|
46 |
CVE-2018-0337 |
20 |
|
Exec Code |
2018-06-21 |
2018-08-20 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected device. The vulnerability exists because the affected software lacks proper input and validation checks for certain file systems. An attacker could exploit this vulnerability by issuing crafted commands in the CLI of an affected device. A successful exploit could allow the attacker to cause other users to execute unwanted, arbitrary commands on the affected device. Cisco Bug IDs: CSCvd06339, CSCvd15698, CSCvd36108, CSCvf52921, CSCvf52930, CSCvf52953, CSCvf52976. |
|
47 |
CVE-2018-0321 |
287 |
|
|
2018-06-07 |
2018-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system. The vulnerability is due to an open port in the Network Interface and Configuration Engine (NICE) service. An attacker could exploit this vulnerability by accessing the open RMI system on an affected PCP instance. An exploit could allow the attacker to perform malicious actions that affect PCP and the devices that are connected to it. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 11.6 and prior. Cisco Bug IDs: CSCvd61746. |
|
48 |
CVE-2018-0320 |
89 |
|
Exec Code Sql |
2018-06-07 |
2018-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation on user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected application. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 12.1 and prior. Cisco Bug IDs: CSCvd61754. |
|
49 |
CVE-2018-0316 |
399 |
|
DoS |
2018-06-07 |
2018-07-20 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the firmware of an affected phone incorrectly handles errors that could occur when an incoming phone call is not answered. An attacker could exploit this vulnerability by sending a set of maliciously crafted SIP packets to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. This vulnerability affects Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware if they are running a Multiplatform Firmware release prior to Release 11.1(2). Cisco Bug IDs: CSCvi24718. |
|
50 |
CVE-2018-0315 |
119 |
|
DoS Exec Code Overflow |
2018-06-07 |
2018-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability in the authentication, authorization, and accounting (AAA) security services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device or cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect memory operations that the affected software performs when the software parses a username during login authentication. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device or cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are running Cisco IOS XE Software Release Fuji 16.7.1 or Fuji 16.8.1 and are configured to use AAA for login authentication. Cisco Bug IDs: CSCvi25380. |
