NVD disclosure day

Published threat advisories for March 28, 2018

CVE advisory | Known Exploit

CVE-2018-0180

Cisco IOS Software Login Vulnerability Leading to Denial of Service.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Multiple vulnerabilities in Cisco IOS Software's Login Enhancements feature could allow an unauthenticated remote attacker to cause a system reload, leading to a denial-of-service. This impacts organizations by disrupting network services and system availability. The risk is associated with devices positioned at the in

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0179

Cisco IOS Login Feature Denial-of-Service Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Vulnerabilities in Cisco IOS Software's Login Enhancements feature allow remote attackers to cause system reloads, leading to denial-of-service. This impacts network availability for organizations utilizing affected Cisco devices, potentially disrupting services. The risk involves unauthenticated remote access causing

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0175

Cisco IOS LLDP Vulnerability Allows Code Execution

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A format string vulnerability in Cisco's Link Layer Discovery Protocol (LLDP) subsystem can allow an adjacent attacker to cause a denial of service or execute arbitrary code. This impacts organizations using Cisco IOS, IOS XE, and IOS XR software, posing a business risk through potential service disruption and unauthor

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0174

Cisco IOS DHCP Relay Denial of Service Vulnerability.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability in Cisco IOS and IOS XE Software allows an unauthenticated remote attacker to cause a denial-of-service by reloading devices. This impacts network availability by exploiting incomplete input validation in DHCP relay functionality. The business risk involves potential disruption of network services.

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0172

Cisco IOS/IOS XE Software DHCP Vulnerability Leads to Denial of Service.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

Certain Cisco network devices are vulnerable to a flaw that can cause service disruption. An attacker could exploit this by sending a crafted DHCP packet, leading to a denial-of-service condition. This impacts network operations and requires applying vendor fixes.

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0171

Cisco IOS Software Network Device Vulnerability Affecting Device Operation and Code Execution.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Cisco IOS and IOS XE Software allows unauthenticated attackers to cause device reloads or execute arbitrary code by sending crafted messages. This impacts network device operation, potentially disrupting services and compromising data integrity. The realistic business risk includes service interrupti

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0167

Cisco IOS Software LLDP Vulnerability Enables Code Execution

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

Buffer overflow vulnerabilities in Cisco's Link Layer Discovery Protocol (LLDP) subsystem could allow an adjacent attacker to cause a denial of service or execute arbitrary code. This impacts the integrity and availability of affected network devices. The business risk includes operational disruption and potential syst

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0161

Cisco IOS SNMP Denial of Service Vulnerability.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

Certain Cisco IOS Software versions on specific Catalyst switches are vulnerable in the SNMP subsystem, allowing authenticated attackers to cause a denial of service. This may lead to device restarts and impact network service availability for affected organizations.

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0159

Cisco IOS Denial-of-Service Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in Cisco IOS and IOS XE Software's IKEv1 functionality could allow an unauthenticated attacker to cause a denial of service by reloading devices. This impacts network availability for organizations using these products, particularly those with internet-facing services.

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0158

Cisco IOS/IOS XE Software Denial Of Service Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in Cisco IOS and IOS XE Software's IKEv2 module could allow remote attackers to cause a denial of service. This impacts network device availability and could disrupt business operations. The risk is considered high due to the ease of exploitation.

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0156

Cisco IOS Software Smart Install Denial of Service Vulnerability.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability in Cisco IOS Software and Cisco IOS XE Software's Smart Install feature could allow an attacker to cause a denial-of-service condition. This impacts network device availability by allowing remote attackers to trigger device reloads through crafted packets. Organizations using the Smart Install feature o

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0155

Cisco Switch Denial-of-Service Vulnerability

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability in Cisco Catalyst switches' BFD implementation could allow an attacker to cause a denial of service. This could lead to system reloads, impacting network operations and employee productivity. The risk is heightened as this vulnerability is known to be exploited. Organizations should identify affected sy

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0154

Cisco IOS VPN Module Denial-of-Service Vulnerability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in Cisco IOS Software's VPN module could allow remote attackers to cause a denial-of-service by sending crafted VPN traffic. This impacts network operations by potentially causing device hangs or crashes. The risk is external, as an unauthenticated attacker can exploit this over the network.

• CISA KEV

CVE advisory | Known Exploit

CVE-2018-0151

Cisco IOS/IOS XE Software Denial of Service and Code Execution Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Cisco IOS and IOS XE software could allow an unauthenticated remote attacker to execute arbitrary code with elevated privileges or cause a denial of service. This impacts network devices, posing a business risk of system interruption and unauthorized access. Organizations should identify affected ass

• CISA KEV