CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15375 – Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-15375
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the presence of certain test commands that were intended to be available only in internal development builds of the affected software. An attacker could exploit this vulnerability by using these commands on an affected device. A successful exploit could allow the attacker to write arbitrary values to arbitrary locations in the memory space of the affected device. Una vulnerabilidad en el subsistema de pruebas embebido de Cisco IOS Software para routers Cisco 800 Series Industrial Integrated Services podría permitir que un atacante local autenticado escriba valores arbitrarios en ubicaciones arbitrarias en el espacio de memoria de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ir800-memwrite • CWE-123: Write-what-where Condition •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0480 – Cisco IOS XE Software Errdisable Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0480
A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condition. The vulnerability is due to a race condition that occurs when the VLAN and port enter an errdisabled state, resulting in an incorrect state in the software. An attacker could exploit this vulnerability by sending frames that trigger the errdisable condition. A successful exploit could allow the attacker to cause the affected device to crash, leading to a DoS condition. Una vulnerabilidad en la característica errdisable per VLAN en Cisco IOS XE Software podría permitir que un atacante adyacente sin autenticar haga que el dispositivo se cierre inesperadamente, provocando una denegación de servicio (DoS). • http://www.securityfocus.com/bid/105400 http://www.securitytracker.com/id/1041737 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-errdisable • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15369 – Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15369
A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of crafted TACACS+ response packets by the affected software. An attacker could exploit this vulnerability by injecting a crafted TACACS+ packet into an existing TACACS+ session between an affected device and a TACACS+ server or by impersonating a known, valid TACACS+ server and sending a crafted TACACS+ packet to an affected device when establishing a connection to the device. To exploit this vulnerability by using either method, the attacker must know the shared TACACS+ secret and the crafted packet must be sent in response to a TACACS+ request from a TACACS+ client. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. • http://www.securityfocus.com/bid/105426 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-tacplus • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0473 – Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0473
A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network. Una vulnerabilidad en el subsistema Precision Time Protocol (PTP) de Cisco NX-OS Software podría permitir que un atacante remoto sin autenticar provoque una denegación de servicio (DoS) en el protocolo PTP. • http://www.securityfocus.com/bid/105427 http://www.securitytracker.com/id/1041737 https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp • CWE-399: Resource Management Errors •
CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 0CVE-2018-0467 – Cisco IOS and IOS XE Software IPv6 Hop-by-Hop Options Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0467
A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to or through the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device. Una vulnerabilidad en el código de procesamiento IPv6 en Cisco IOS y Cisco IOS XE Software podría permitir que un atacante remoto sin autenticar haga que el dispositivo se reinicie. • http://www.securitytracker.com/id/1041737 https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipv6hbh • CWE-20: Improper Input Validation •