The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of IOS by Cisco

cybersecurity threat 25809

Cisco IOS / IOS XE: security improvement of Smart Install

Synthesis of the vulnerability

The security of Cisco IOS / IOS XE can be improved by securing Smart Install.
Severity: 3/4.
Creation date: 10/04/2018.
Identifiers: cisco-sa-20180409-smi, VIGILANCE-VUL-25809.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

This bulletin is about a security improvement.

It does not describe a vulnerability.

The security of Cisco IOS / IOS XE can be improved by securing Smart Install.
Full Vigil@nce bulletin... (Free trial)

threat alert CVE-2018-0167 CVE-2018-0175

Cisco IOS / IOS XE / IOS XR: memory corruption via LLDP

Synthesis of the vulnerability

An attacker can generate a memory corruption via LLDP of Cisco IOS / IOS XE / IOS XR, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-lldp, CSCuo17183, CSCvd73487, CSCvd73664, CVE-2018-0167, CVE-2018-0175, VIGILANCE-VUL-25697.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption via LLDP of Cisco IOS / IOS XE / IOS XR, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

cybersecurity weakness CVE-2018-0158

Cisco IOS / IOS XE: memory leak via IKEv1

Synthesis of the vulnerability

An attacker can create a memory leak via IKEv1 of Cisco IOS / IOS XE, in order to trigger a denial of service.
Severity: 3/4.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-ike, CSCvf22394, CVE-2018-0158, VIGILANCE-VUL-25695.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a memory leak via IKEv1 of Cisco IOS / IOS XE, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

cybersecurity announce CVE-2018-0159

Cisco IOS / IOS XE: denial of service via IKEv1

Synthesis of the vulnerability

An attacker can send malicious IKEv1 packets to Cisco IOS / IOS XE, in order to trigger a denial of service.
Severity: 3/4.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-ike-dos, CSCuj73916, CVE-2018-0159, VIGILANCE-VUL-25694.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can send malicious IKEv1 packets to Cisco IOS / IOS XE, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

security bulletin CVE-2018-0163

Cisco IOS: privilege escalation via 802.1x Multiple-Authentication

Synthesis of the vulnerability

An attacker can bypass restrictions via 802.1x Multiple-Authentication of Cisco IOS, in order to escalate his privileges.
Severity: 2/4.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-dot1x, CSCvg69701, CVE-2018-0163, VIGILANCE-VUL-25691.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via 802.1x Multiple-Authentication of Cisco IOS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-0154

Cisco IOS: denial of service via ISM-VPN Crypto Engine

Synthesis of the vulnerability

An attacker can generate a fatal error via ISM-VPN Crypto Engine of Cisco IOS, in order to trigger a denial of service.
Severity: 3/4.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-dos, CSCvd39267, CVE-2018-0154, VIGILANCE-VUL-25690.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error via ISM-VPN Crypto Engine of Cisco IOS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2018-0174

Cisco IOS / IOS XE: denial of service via DHCPv4 Option 82 Relay

Synthesis of the vulnerability

An attacker can generate a fatal error via DHCPv4 Option 82 Relay of Cisco IOS / IOS XE, in order to trigger a denial of service.
Severity: 3/4.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-dhcpr3, CSCuh91645, CVE-2018-0174, VIGILANCE-VUL-25689.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error via DHCPv4 Option 82 Relay of Cisco IOS / IOS XE, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer weakness note CVE-2018-0173

Cisco IOS / IOS XE: denial of service via DHCPv4 Option 82 Relay

Synthesis of the vulnerability

An attacker can generate a fatal error via DHCPv4 Option 82 Relay of Cisco IOS / IOS XE, in order to trigger a denial of service.
Severity: 3/4.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-dhcpr2, CSCvg62754, CVE-2018-0173, VIGILANCE-VUL-25688.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error via DHCPv4 Option 82 Relay of Cisco IOS / IOS XE, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat CVE-2018-0172

Cisco IOS / IOS XE: buffer overflow via DHCPv4 Option 82 Relay

Synthesis of the vulnerability

An attacker can generate a buffer overflow via DHCPv4 Option 82 Relay of Cisco IOS / IOS XE, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-dhcpr1, CSCvg62730, CVE-2018-0172, VIGILANCE-VUL-25687.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via DHCPv4 Option 82 Relay of Cisco IOS / IOS XE, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2018-0151

Cisco IOS / IOS XE: code execution via Quality of Service

Synthesis of the vulnerability

An attacker can use a vulnerability via Quality of Service of Cisco IOS / IOS XE, in order to run code.
Severity: 4/4.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-qos, CSCvf73881, CVE-2018-0151, VIGILANCE-VUL-25686.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use a vulnerability via Quality of Service of Cisco IOS / IOS XE, in order to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about IOS by Cisco: