Cisco iOS vulnerabilities

CVE-2018-0175 [HIGH] CWE-119 CVE-2018-0175: Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Softw Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.

CVE-2018-0156 [HIGH] CWE-399 CVE-2018-0156: A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could a A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a

CVE-2018-0174 [HIGH] CWE-20 CVE-2018-0174: A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IO A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82

CVE-2018-0159 [HIGH] CWE-20 CVE-2018-0159: A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Ci A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific IKEv1 packets. A

CVE-2018-0173 [HIGH] CWE-20 CVE-2018-0173: A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsula A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected

CVE-2018-0169 [HIGH] CWE-264 CVE-2018-0169: Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, lo Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected software improperly sanitizing command arguments to prevent acce

CVE-2018-0158 [HIGH] CWE-20 CVE-2018-0158: A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisc A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An atta

CVE-2018-0167 [HIGH] CWE-119 CVE-2018-0167: Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Ci Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCu

CVE-2018-0155 [HIGH] CWE-388 CVE-2018-0155: A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Cata A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of service (DoS) condition. The vulnerability is due to insufficient error handling

CVE-2018-0180 [MEDIUM] CWE-399 CVE-2018-0180: Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)

CVE-2018-0161 [MEDIUM] CWE-399 CVE-2018-0161: A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software run A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability. The vulnerability is due to a condition that could occ

CVE-2018-0179 [MEDIUM] CWE-399 CVE-2018-0179: Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)

CVE-2018-0163 [MEDIUM] CWE-287 CVE-2018-0163: A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software cou A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access a

CVE-2017-12319 [MEDIUM] CWE-20 CVE-2017-12319: A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability. The vul

CVE-2018-0123 [MEDIUM] CWE-22 CVE-2018-0123: A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of the diagnostic shell. The vulnerability is due to lack o

CVE-2017-12304 [MEDIUM] CWE-79 CVE-2017-12304: A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Soft A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface on an affected device. The vulnerability is due to insufficient validation of user-supplied input b

CVE-2017-12289 [MEDIUM] CWE-200 CVE-2017-12289: A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug logging that causes sensitive information to be writt

CVE-2017-12240 [CRITICAL] CWE-20 CVE-2017-12240: The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnera The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulne

CVE-2017-12237 [HIGH] CWE-399 CVE-2017-12237: A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to how an

CVE-2017-12235 [HIGH] CWE-20 CVE-2017-12235: A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request pa