Cisco Released Security Updates & Fixed 37 Vulnerabilities

Cisco released security updates for its products that affected by 36 different Vulnerabilities and some of the critical flaws leads attacker run arbitrary code in the vulnerable Cisco products.

Cisco addressed 3 “CRITICAL” Vulnerabilities, 8 vulnerabilities categorized under the severity rate as “HIGH” and 26 vulnerabilities addressed as “MEDIUM” Severity.

Critical vulnerabilities allow an attacker to perform file upload and command execution, Un authentication access, and authentication bypass Attack in vulnerable Cisco products

- Advertisement -

Critical Severity Vulnerabilities

Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability

Critical

CVE-2018-15379

2018 Oct 03

1.0

Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability

Critical

CVE-2018-15379

2018 Oct 03

1.0

Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability

Critical

CVE-2018-15379

2018 Oct 03

1.0

Cisco Digital Network Architecture Center Unauthenticated Access Vulnerability

Critical

CVE-2018-15386

2018 Oct 03

1.0

Cisco Digital Network Architecture Center Unauthenticated Access Vulnerability

Critical

CVE-2018-15386

2018 Oct 03

1.0

Cisco Digital Network Architecture Center Unauthenticated Access Vulnerability

Critical

CVE-2018-15386

2018 Oct 03

1.0

Cisco Digital Network Architecture Center Authentication Bypass Vulnerability

Critical

CVE-2018-0448

2018 Oct 03

1.0

Cisco Digital Network Architecture Center Authentication Bypass Vulnerability

Critical

CVE-2018-0448

2018 Oct 03

1.0

Cisco Digital Network Architecture Center Authentication Bypass Vulnerability

Critical

CVE-2018-0448

2018 Oct 03

1.0

High Severity Vulnerabilities

Linux Kernel IP Fragment Reassembly Denial of Service Vulnerability Affecting Cisco Products: August 2018

High

CVE-2018-5391

2018 Oct 04

1.11

Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities

High

CVE-2018-15408
CVE-2018-15409

2018 Oct 03

1.0

Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities

High

CVE-2018-15408
CVE-2018-15409

2018 Oct 03

1.0

Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities

High

CVE-2018-15408
CVE-2018-15409

2018 Oct 03

1.0

Cisco SD-WAN Solution Certificate Validation Bypass Vulnerability

High

CVE-2018-15387

2018 Oct 03

1.0

Cisco SD-WAN Solution Certificate Validation Bypass Vulnerability

High

CVE-2018-15387

2018 Oct 03

1.0

Cisco SD-WAN Solution Certificate Validation Bypass Vulnerability

High

CVE-2018-15387

2018 Oct 03

1.0

Cisco HyperFlex Software Static Signing Key Vulnerability

High

CVE-2018-15382

2018 Oct 03

1.0

Cisco HyperFlex Software Static Signing Key Vulnerability

High

CVE-2018-15382

2018 Oct 03

1.0

Cisco HyperFlex Software Static Signing Key Vulnerability

High

CVE-2018-15382

2018 Oct 03

1.0

Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

High

CVE-2018-15390

2018 Oct 03

1.0

Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

High

CVE-2018-15390

2018 Oct 03

1.0

Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

High

CVE-2018-15390

2018 Oct 03

1.0

Cisco Firepower System Software Detection Engine Denial of Service Vulnerability

High

CVE-2018-0455

2018 Oct 03

1.0

Cisco Firepower System Software Detection Engine Denial of Service Vulnerability

High

CVE-2018-0455

2018 Oct 03

1.0

Cisco Firepower System Software Detection Engine Denial of Service Vulnerability

High

CVE-2018-0455

2018 Oct 03

1.0

Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password Vulnerability

High

CVE-2018-15389

2018 Oct 03

1.0

Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password Vulnerability

High

CVE-2018-15389

2018 Oct 03

1.0

Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password Vulnerability

High

CVE-2018-15389

2018 Oct 03

1.0

Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability

High

CVE-2018-15383

2018 Oct 03

1.0

Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability

High

CVE-2018-15383

2018 Oct 03

1.0

Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability

High

CVE-2018-15383

2018 Oct 03

1.0

Medium Severity Vulnerabilities

Cisco Remote PHY IPv4 Fragment Denial of Service Vulnerability

Medium

CVE-2018-15391

2018 Oct 03

1.1

Cisco Remote PHY IPv4 Fragment Denial of Service Vulnerability

Medium

CVE-2018-15391

2018 Oct 03

1.1

Cisco Remote PHY IPv4 Fragment Denial of Service Vulnerability

Medium

CVE-2018-15391

2018 Oct 03

1.1

Cisco Webex Centers Cross-Site Scripting Vulnerability

Medium

CVE-2018-15436

2018 Oct 03

1.0

Cisco Webex Centers Cross-Site Scripting Vulnerability

Medium

CVE-2018-15436

2018 Oct 03

1.0

Cisco Webex Centers Cross-Site Scripting Vulnerability

Medium

CVE-2018-15436

2018 Oct 03

1.0

Cisco Unity Connection File Upload Denial of Service Vulnerability

Medium

CVE-2018-15396

2018 Oct 03

1.0

Cisco Unity Connection File Upload Denial of Service Vulnerability

Medium

CVE-2018-15396

2018 Oct 03

1.0

Cisco Unity Connection File Upload Denial of Service Vulnerability

Medium

CVE-2018-15396

2018 Oct 03

1.0

Cisco Unified IP Phone 7900 Series Cross-Site Scripting Vulnerability

Medium

CVE-2018-15434

2018 Oct 03

1.0

Cisco Unified IP Phone 7900 Series Cross-Site Scripting Vulnerability

Medium

CVE-2018-15434

2018 Oct 03

1.0

Cisco Unified IP Phone 7900 Series Cross-Site Scripting Vulnerability

Medium

CVE-2018-15434

2018 Oct 03

1.0

Cisco UCS Director Stored Cross-Site Scripting Vulnerability

Medium

CVE-2018-15406

2018 Oct 03

1.0

Cisco UCS Director Stored Cross-Site Scripting Vulnerability

Medium

CVE-2018-15406

2018 Oct 03

1.0

Cisco UCS Director Stored Cross-Site Scripting Vulnerability

Medium

CVE-2018-15406

2018 Oct 03

1.0

Cisco Unity Connection Stored Cross-Site Scripting Vulnerability

Medium

CVE-2018-15426

2018 Oct 03

1.0

Cisco Unity Connection Stored Cross-Site Scripting Vulnerability

Medium

CVE-2018-15426

2018 Oct 03

1.0

Cisco Unity Connection Stored Cross-Site Scripting Vulnerability

Medium

CVE-2018-15426

2018 Oct 03

1.0

Cisco Prime Infrastructure Information Disclosure Vulnerability

Medium

CVE-2018-15433

2018 Oct 03

1.0

Cisco Prime Infrastructure Information Disclosure Vulnerability

Medium

CVE-2018-15433

2018 Oct 03

1.0

Cisco Prime Infrastructure Information Disclosure Vulnerability

Medium

CVE-2018-15433

2018 Oct 03

1.0

Cisco Prime Infrastructure Information Disclosure Vulnerability

Medium

CVE-2018-15432

2018 Oct 03

1.0

Cisco Prime Infrastructure Information Disclosure Vulnerability

Medium

CVE-2018-15432

2018 Oct 03

1.0

Cisco Prime Infrastructure Information Disclosure Vulnerability

Medium

CVE-2018-15432

2018 Oct 03

1.0

Multiple Vulnerabilities in Cisco Identity Services Engine

Medium

CVE-2018-15424
CVE-2018-15425

2018 Oct 03

1.0

Multiple Vulnerabilities in Cisco Identity Services Engine

Medium

CVE-2018-15424
CVE-2018-15425

2018 Oct 03

1.0

Multiple Vulnerabilities in Cisco Identity Services Engine

Medium

CVE-2018-15424
CVE-2018-15425

2018 Oct 03

1.0

Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability

Medium

CVE-2018-15428

2018 Oct 03

1.0

Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability

Medium

CVE-2018-15428

2018 Oct 03

1.0

Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability

Medium

CVE-2018-15428

2018 Oct 03

1.0

Cisco Industrial Network Director DHCP Request Processing Denial of Service Vulnerability

Medium

CVE-2018-15392

2018 Oct 03

1.0

Cisco Industrial Network Director DHCP Request Processing Denial of Service Vulnerability

Medium

CVE-2018-15392

2018 Oct 03

1.0

Cisco Industrial Network Director DHCP Request Processing Denial of Service Vulnerability

Medium

CVE-2018-15392

2018 Oct 03

1.0

Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability

Medium

CVE-2018-0446

2018 Oct 03

1.0

Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability

Medium

CVE-2018-0446

2018 Oct 03

1.0

Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability

Medium

CVE-2018-0446

2018 Oct 03

1.0

Cisco Integrated Management Controller Supervisor and Cisco UCS Director Authenticated Web Interface Information Disclosure Vulnerability

Medium

CVE-2018-15405

2018 Oct 03

1.0

Cisco Integrated Management Controller Supervisor and Cisco UCS Director Authenticated Web Interface Information Disclosure Vulnerability

Medium

CVE-2018-15405

2018 Oct 03

1.0

Cisco Integrated Management Controller Supervisor and Cisco UCS Director Authenticated Web Interface Information Disclosure Vulnerability

Medium

CVE-2018-15405

2018 Oct 03

1.0

Cisco Integrated Management Controller Supervisor and Cisco UCS Director System Resources Denial of Service Vulnerability

Medium

CVE-2018-15404

2018 Oct 03

1.0

Cisco Integrated Management Controller Supervisor and Cisco UCS Director System Resources Denial of Service Vulnerability

Medium

CVE-2018-15404

2018 Oct 03

1.0

Cisco Integrated Management Controller Supervisor and Cisco UCS Director System Resources Denial of Service Vulnerability

Medium

CVE-2018-15404

2018 Oct 03

1.0

Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability

Medium

CVE-2018-15429

2018 Oct 03

1.0

Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability

Medium

CVE-2018-15429

2018 Oct 03

1.0

Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability

Medium

CVE-2018-15429

2018 Oct 03

1.0

Cisco HyperFlex World-Readable Sensitive Information Vulnerability

Medium

CVE-2018-15407

2018 Oct 03

1.0

Cisco HyperFlex World-Readable Sensitive Information Vulnerability

Medium

CVE-2018-15407

2018 Oct 03

1.0

Cisco HyperFlex World-Readable Sensitive Information Vulnerability

Medium

CVE-2018-15407

2018 Oct 03

1.0

Cisco HyperFlex UI Clickjacking Vulnerability

Medium

CVE-2018-15423

2018 Oct 03

1.0

Cisco HyperFlex UI Clickjacking Vulnerability

Medium

CVE-2018-15423

2018 Oct 03

1.0

Cisco HyperFlex UI Clickjacking Vulnerability

Medium

CVE-2018-15423

2018 Oct 03

1.0

Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability

Medium

CVE-2018-15401

2018 Oct 03

1.0

Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability

Medium

CVE-2018-15401

2018 Oct 03

1.0

Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability

Medium

CVE-2018-15401

2018 Oct 03

1.0

Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

Medium

CVE-2018-0453

2018 Oct 03

1.0

Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

Medium

CVE-2018-0453

2018 Oct 03

1.0

Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

Medium

CVE-2018-0453

2018 Oct 03

1.0

Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability

Medium

CVE-2018-15430

2018 Oct 03

1.0

Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability

Medium

CVE-2018-15430

2018 Oct 03

1.0

Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability

Medium

CVE-2018-15430

2018 Oct 03

1.0

Multiple Cisco Unified Communications Products Open Redirect Vulnerability

Medium

CVE-2018-15403

2018 Oct 03

1.0

Multiple Cisco Unified Communications Products Open Redirect Vulnerability

Medium

CVE-2018-15403

2018 Oct 03

1.0

Multiple Cisco Unified Communications Products Open Redirect Vulnerability

Medium

CVE-2018-15403

2018 Oct 03

1.0

Cisco Cloud Services Platform 2100 Cross-Site Scripting Vulnerability

Medium

CVE-2018-15400

2018 Oct 03

1.0

Cisco Cloud Services Platform 2100 Cross-Site Scripting Vulnerability

Medium

CVE-2018-15400

2018 Oct 03

1.0

Cisco Cloud Services Platform 2100 Cross-Site Scripting Vulnerability

Medium

CVE-2018-15400

2018 Oct 03

1.0

Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

Medium

CVE-2018-15399

2018 Oct 03

1.0

Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

Medium

CVE-2018-15399

2018 Oct 03

1.0

Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

Medium

CVE-2018-15399

2018 Oct 03

1.0

Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability

Medium

CVE-2018-15397

2018 Oct 03

1.0

Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability

Medium

CVE-2018-15397

2018 Oct 03

1.0

Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability

Medium

CVE-2018-15397

2018 Oct 03

1.0

Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability

Medium

CVE-2018-15398

2018 Oct 03

1.0

Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability

Medium

CVE-2018-15398

2018 Oct 03

1.0

Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability

Medium

CVE-2018-15398

2018 Oct 03

1.0

Cisco Small Business 300 Series Managed Switches Cross-Site Scripting Vulnerability

Medium

CVE-2018-0465

2018 Oct 03

1.0

Cisco Small Business 300 Series Managed Switches Cross-Site Scripting Vulnerability

Medium

CVE-2018-0465

2018 Oct 03

1.0

Cisco Small Business 300 Series Managed Switches Cross-Site Scripting Vulnerability

Medium

CVE-2018-0465

2018 Oct 03

1.0

With the last security update, Cisco Patched Critical Vulnerability With Video Surveillance Manager that allows an unauthenticated remote attacker to gain access to the vulnerable system as a root user, which has a default, static user credentials.

Cisco Released Security Updates & Fixed 37 Vulnerabilities that Affected Cisco Products

API Security Audit

Critical Severity Vulnerabilities

High Severity Vulnerabilities

Medium Severity Vulnerabilities

Latest articles

Cyberhaven Hacked – Chrome Extension With 400,000 users Compromised

AT&T and Verizon Hacked – Salt Typhoon Compromised The Network For High Profiles

Lumma Stealer Attacking Users To Steal Login Credentials From Browsers

New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers

API Security Webinar

72 Hours to Audit-Ready API Security

Discussion points

More like this

Firefox 133.0 Released with Multiple Security Updates – What’s New!

Digital Wallets Bypassed To Allow Purchase With Stolen Cards

Microsoft Urges Windows Admins to Patch Microsoft Message Queuing RCE Flaw

How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities

How to Build and Run a Security Operations Center (SOC Guide) – 2023

Network Penetration Testing Checklist – 2024