Cisco IOS XE vulnerabilities
505 known vulnerabilities affecting cisco/ios_xe.
Total CVEs: 505
CISA KEV: 27 (actively exploited)
Public exploits: 8
Exploited in wild: 28
Severity breakdown: CRITICAL 20, HIGH 323, MEDIUM 161, LOW 1
Vulnerabilities
Page 16 of 26
CVE-2018-0476 | MEDIUM | CVSS 5.9 | CWE-399 | v15.5(3)s5.1; v15.5(3)s6.1; +1 more | 2018-10-05
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of SIP packets in transit while NAT is performed on an affected device
nvd
CVE-2018-0131 | MEDIUM | CVSS 5.9 | CWE-326 | v15.5(3)s | 2018-08-14
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session. The vulnerability exists because the affected software responds incorrectly to decryption failures. An attack
nvd
CVE-2018-0315 | CRITICAL | CVSS 9.8 | CWE-119 | v16.7.1; v16.8.1 | 2018-06-07
A vulnerability in the authentication, authorization, and accounting (AAA) security services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device or cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect memory ope
nvd
CVE-2018-0257 | MEDIUM | CVSS 4.3 | CWE-399 | ≥ 3.18, ≤ 3.18.4; ≥ 16.6, ≤ 16.6.3; +4 more | 2018-04-19
A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect handling of certain DHCP packets. An attacker could exploit this vu
nvd
CVE-2018-0194 | HIGH | CVSS 7.8 | CWE-78 | fixed in 16.3.1 | 2018-04-02
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities
nvd
CVE-2018-0150 | CRITICAL | CVSS 9.8 | CWE-798 | v16.5.1 | 2018-03-28
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with privilege level
nvd
CVE-2018-0151 | CRITICAL | CVSS 9.8 | KEV | CWE-119 | v16.5.1 | 2018-03-28
A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges. The vulnerability is due to incorrect bounds checking of certain values in packets that are destined
nvd
CVE-2018-0175 | HIGH | CVSS 8.0 | KEV | CWE-119 | v15.4(3)m4.1; ≤ 15.2(4a)ea5; +2 more | 2018-03-28
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
nvd
CVE-2018-0164 | HIGH | CVSS 8.6 | CWE-399 | v15.6(2)sp | 2018-03-28
A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interface queue wedge. The vulnerability is due to incorrect handling of crafted IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets through the device. An exploit could al
nvd
CVE-2018-0157 | HIGH | CVSS 8.6 | CWE-19 | v16.4.1; v16.4.2; +4 more | 2018-03-28
A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device to reload. The vulnerability is due to the way fragmented packets are handled in the firewall code. An attacker could exploit this vulnerability by sending fragmented IP Version 4 or IP Version 6 packets through an af
nvd
CVE-2018-0156 | HIGH | CVSS 7.5 | KEV | CWE-399 | v15.2(2)e4; v15.2(2a)ja | 2018-03-28
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a
nvd
CVE-2018-0185 | HIGH | CVSS 7.8 | CWE-78 | fixed in 16.3.1 | 2018-03-28
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities
nvd
CVE-2018-0174 | HIGH | CVSS 8.6 | KEV | CWE-20 | v12.2(33)sre7a; ≤ 15.2(4a)ea5; +1 more | 2018-03-28
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82
nvd
CVE-2018-0159 | HIGH | CVSS 7.5 | KEV | CWE-20 | v15.3(3)s | 2018-03-28
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific IKEv1 packets. A
nvd
CVE-2018-0173 | HIGH | CVSS 8.6 | KEV | CWE-20 | vdenali-16.3.4; ≤ 15.2(6)e0a; +1 more | 2018-03-28
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected
nvd
CVE-2018-0158 | HIGH | CVSS 8.6 | KEV | CWE-20 | v15.5(3)s1.1; v15.5(3)s1.2; +8 more | 2018-03-28
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An atta
nvd
CVE-2018-0182 | HIGH | CVSS 7.8 | CWE-78 | fixed in 16.3.1 | 2018-03-28
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities
nvd
CVE-2018-0167 | HIGH | CVSS 8.8 | KEV | CWE-119 | v5.2.0.base; ≤ 15.6.3m1; +2 more | 2018-03-28
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCu
nvd
CVE-2018-0165 | HIGH | CVSS 7.4 | CWE-399 | v15.2(3)e; vdenali-16.3.3 | 2018-03-28
A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust buffers on an affected device, resulting in a denial of service (DoS) condition, aka a Memory Leak. The vulnerability is due to the affected software insufficiently processi
nvd
CVE-2018-0193 | HIGH | CVSS 7.8 | CWE-78 | fixed in 16.3.1 | 2018-03-28
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities
nvd