Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Product filter

Ios Subscribe

Filter

275 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1649 1 Cisco 14 Enterprise Network Compute System, Analog Voice Network Interface Modules Firmware, Asr 1000 Series Firmware and 11 more 2019-10-09 7.2
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This...
CVE-2019-12672 1 Cisco 1 Ios 2019-10-09 7.2
A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker with physical access to an affected device to execute arbitrary code on the underlying operating system (OS) with root privileges. The...
CVE-2019-12670 1 Cisco 1 Ios 2019-10-09 4.6
A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient file...
CVE-2019-12665 1 Cisco 1 Ios 2019-10-09 5.8
A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port...
CVE-2019-12656 1 Cisco 6 Cgr 1000 Firmware, Ic3000 Firmware, Ie 4000 Firmware and 3 more 2019-10-09 5.0
A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service (DoS) condition. The...
CVE-2019-12649 1 Cisco 2 Ios, Ios Xe 2019-10-09 7.2
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability exists...
CVE-2018-15376 1 Cisco 1 Ios 2019-10-09 7.2
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of...
CVE-2018-15375 1 Cisco 1 Ios 2019-10-09 7.2
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of...
CVE-2018-0484 1 Cisco 1 Ios 2019-10-09 4.0
A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding (VRF) instance despite the absence of the vrf-also keyword in the...
CVE-2018-0475 1 Cisco 2 Ios, Ios Xe 2019-10-09 6.1
A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability...
CVE-2018-0282 1 Cisco 2 Ios, Ios Xe 2019-10-09 7.1
A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condition between the socket state and the...
CVE-2018-0255 1 Cisco 1 Ios 2019-10-09 6.8
A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. The...
CVE-2018-0180 1 Cisco 1 Ios 2019-10-09 7.1
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These...
CVE-2018-0179 1 Cisco 1 Ios 2019-10-09 7.1
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These...
CVE-2018-0169 1 Cisco 1 Ios 2019-10-09 7.2
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device....
CVE-2018-0131 1 Cisco 2 Ios, Ios Xe 2019-10-09 4.3
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session....
CVE-2018-0123 1 Cisco 2 Ios, Ios Xe 2019-10-09 4.9
A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive...
CVE-2017-6770 1 Cisco 7 Adaptive Security Appliance Software, Ios, Nx-os and 4 more 2019-10-09 4.3
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link...
CVE-2017-6627 1 Cisco 2 Ios Xe, Ios 2019-10-09 5.0
A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface...
CVE-2017-3850 1 Cisco 2 Ios, Ios Xe 2019-10-09 7.1
A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service...