Cisco IOS XE vulnerabilities

CVE-2019-1761 [MEDIUM] CWE-665 CVE-2019-1761: A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 tra

CVE-2019-1746 [MEDIUM] CWE-20 CVE-2019-1746: A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and C A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation when processing CMP management packets. An attacker cou

CVE-2019-1742 [MEDIUM] CWE-16 CVE-2019-1742: A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attack A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access sensitive configuration information. The vulnerability is due to improper access control to files within the web UI. An attacker could exploit this vulnerability by sending a malicious request to an affected device. A successful exploit coul

CVE-2019-1737 [HIGH] CWE-400 CVE-2019-1737: A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to improper socket resources handling in the IP SLA res

CVE-2018-0472 [HIGH] CWE-20 CVE-2018-0472: A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco A A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payloa

CVE-2018-15373 [HIGH] CWE-399 CVE-2018-15373: A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Softwar A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory handling by the affected software when t

CVE-2018-0470 [HIGH] CWE-399 CVE-2018-0470: A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed HTTP packets that are destined to a device. An attacker

CVE-2018-15372 [HIGH] CWE-284 CVE-2018-15372: A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic through a Layer 3 interface of an affected device. The vulnerability is due to a logic error in

CVE-2018-0475 [HIGH] CWE-20 CVE-2018-0475: A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation when handling Cluster Management Protocol (CMP) messages. An attacker coul

CVE-2018-0467 [HIGH] CWE-20 CVE-2018-0467: A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthen A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to or through the affected device. A

CVE-2018-0471 [HIGH] CWE-400 CVE-2018-0471: A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6. A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain CDP packets. An attacker could exploit this vulnerabili

CVE-2018-0197 [MEDIUM] CWE-20 CVE-2018-0197: A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to a logic error in how the affected software handles a subset

CVE-2018-15371 [MEDIUM] CWE-284 CVE-2018-15371: A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authen A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker

CVE-2018-0466 [MEDIUM] CWE-399 CVE-2018-0466: A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and I A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorrect handling of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending crafted OSPFv3 Lin

CVE-2018-0481 [MEDIUM] CWE-77 CVE-2018-0481: A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attac A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, failing to prevent access to certain internal data structures

CVE-2018-0469 [MEDIUM] CWE-415 CVE-2018-0469: A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, r A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a double-free-in-memory handling by the affected software when specific HTTP requests are processed. An attacker could exploit this vulnerability by sending specific HTTP

CVE-2018-0477 [MEDIUM] CWE-77 CVE-2018-0477: A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attac A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, failing to prevent access to certain internal data structures

CVE-2018-15374 [MEDIUM] CWE-347 CVE-2018-15374: A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authentica A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulnerability is due to the affected software improperly verifying digital signatures for software images and files that are uploaded to a device. An attacker

CVE-2018-15368 [MEDIUM] CWE-20 CVE-2018-15368: A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attac A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperly sanitizing command arguments to prevent modifications

CVE-2018-0480 [MEDIUM] CWE-362 CVE-2018-0480: A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthent A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condition. The vulnerability is due to a race condition that occurs when the VLAN and port enter an errdisabled state, resulting in an incorrect state in the so