Cisco iOS vulnerabilities

CVE-2019-1757 [MEDIUM] CWE-295 CVE-2019-1757: A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by

CVE-2019-1761 [MEDIUM] CWE-665 CVE-2019-1761: A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 tra

CVE-2019-1758 [MEDIUM] CWE-287 CVE-2019-1758: A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An attacker could exploit this vulnerability by attempting to connect to the ne

CVE-2019-1746 [MEDIUM] CWE-20 CVE-2019-1746: A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and C A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation when processing CMP management packets. An attacker cou

CVE-2019-1737 [HIGH] CWE-400 CVE-2019-1737: A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to improper socket resources handling in the IP SLA res

CVE-2018-0484 [MEDIUM] CWE-284 CVE-2018-0484: A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding (VRF) instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a missing check in the SSH server. An attacker could

CVE-2018-0282 [MEDIUM] CWE-371 CVE-2018-0282: A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticat A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condition between the socket state and the transmission control block (TCB) state. While this vulnerability potentially affects all TCP applications, the only

CVE-2018-0473 [HIGH] CWE-399 CVE-2018-0473: A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to

CVE-2018-15377 [HIGH] CWE-400 CVE-2018-15377: A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n- A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient input validation by the affected software. An attacker cou

CVE-2018-15373 [HIGH] CWE-399 CVE-2018-15373: A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Softwar A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory handling by the affected software when t

CVE-2018-0485 [HIGH] CWE-19 CVE-2018-0485: A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (IS A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a denial of service (DoS) condition on an affected

CVE-2018-0475 [HIGH] CWE-20 CVE-2018-0475: A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation when handling Cluster Management Protocol (CMP) messages. An attacker coul

CVE-2018-15375 [MEDIUM] CWE-123 CVE-2018-15375: A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the presence of certain test commands that were intended

CVE-2018-0197 [MEDIUM] CWE-20 CVE-2018-0197: A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to a logic error in how the affected software handles a subset

CVE-2018-0466 [MEDIUM] CWE-399 CVE-2018-0466: A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and I A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorrect handling of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending crafted OSPFv3 Lin

CVE-2018-15376 [MEDIUM] CWE-123 CVE-2018-15376: A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the presence of certain test commands that were intended

CVE-2018-15369 [MEDIUM] CWE-20 CVE-2018-15369: A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software coul A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of crafted TACACS+ response packets by the affected software. An attacker

CVE-2018-0131 [MEDIUM] CWE-326 CVE-2018-0131: A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session. The vulnerability exists because the affected software responds incorrectly to decryption failures. An attack

CVE-2018-0255 [HIGH] CWE-352 CVE-2018-0255: A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allo A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. The vulnerability is due to insufficient CSRF protection by the device manager web interface. An attacker could exploit this

CVE-2018-0171 [CRITICAL] CWE-20 CVE-2018-0171: A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could a A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An