CWE-399
160 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-399page 2 of 4
- CVE-2018-0179MEDIUMCVSS 5.9EG 9.0⚠ KEV2018-03-28
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. The…
- CVE-2018-0180MEDIUMCVSS 5.9EG 9.0⚠ KEV2018-03-28
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. The…
- CVE-2018-0189MEDIUMCVSS 5.3EG 5.32018-03-28
A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS) condition. The vulnerability is due to a limi…
- CVE-2018-0240HIGHCVSS 8.6EG 8.62018-04-19
Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger …
- CVE-2018-0241HIGHCVSS 7.4EG 7.42018-04-19
A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper h…
- CVE-2018-0252HIGHCVSS 8.6EG 8.62018-05-02
A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedl…
- CVE-2018-0257MEDIUMCVSS 4.3EG 4.32018-04-19
A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condit…
- CVE-2018-0272MEDIUMCVSS 5.9EG 5.92018-04-19
A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper error handling w…
- CVE-2018-0273MEDIUMCVSS 5.3EG 5.32018-04-19
A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active …
- CVE-2018-0286MEDIUMCVSS 5.3EG 5.32018-05-02
A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. The vulnerability is due to improper handling of malformed r…
- CVE-2018-0290MEDIUMCVSS 5.3EG 5.32018-05-17
A vulnerability in the TCP stack of Cisco SocialMiner could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the notification system. The vulnerability is due to faulty handling of new TCP connectio…
- CVE-2018-0310CRITICALCVSS 9.8EG 9.82018-06-21
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition…
- CVE-2018-0311HIGHCVSS 7.5EG 7.52018-06-21
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability ex…
- CVE-2018-0316HIGHCVSS 7.5EG 7.52018-06-07
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phon…
- CVE-2018-0331MEDIUMCVSS 6.5EG 6.52018-06-21
A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of se…
- CVE-2018-0332HIGHCVSS 7.5EG 7.52018-06-07
A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to…
- CVE-2018-0370HIGHCVSS 7.5EG 7.52018-07-16
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulne…
- CVE-2018-0380MEDIUMCVSS 5.5EG 5.52018-07-18
Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .ar…
- CVE-2018-0385HIGHCVSS 7.5EG 7.52018-07-16
A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Sno…
- CVE-2018-0389HIGHCVSS 7.5EG 7.52019-03-13
A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting i…
- CVE-2018-0397MEDIUMCVSS 5.9EG 5.92018-08-01
A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) conditio…
- CVE-2018-0421HIGHCVSS 8.6EG 8.62018-10-05
A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due …
- CVE-2018-0443HIGHCVSS 7.5EG 7.52018-10-17
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condit…
- CVE-2018-0457MEDIUMCVSS 5.5EG 5.52018-10-05
A vulnerability in the Cisco Webex Player for Webex Recording Format (WRF) files could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a user a…
- CVE-2018-0466MEDIUMCVSS 6.5EG 6.52018-10-05
A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorre…
- CVE-2018-0470HIGHCVSS 8.6EG 8.62018-10-05
A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability i…
- CVE-2018-0473HIGHCVSS 8.6EG 8.62018-10-05
A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to i…
- CVE-2018-0476MEDIUMCVSS 5.9EG 5.92018-10-05
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The …
- CVE-2018-15373HIGHCVSS 7.4EG 7.42018-10-05
A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denia…
- CVE-2018-15390MEDIUMCVSS 6.8EG 6.82018-10-05
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vuln…
- CVE-2018-15391HIGHCVSS 7.5EG 7.52018-10-05
A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service (DoS) condition.…
- CVE-2018-15392MEDIUMCVSS 4.3EG 4.32018-10-05
A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of DHCP lease requests. …
- CVE-2018-15396MEDIUMCVSS 6.8EG 6.82018-10-05
A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists becau…
- CVE-2018-15404MEDIUMCVSS 6.5EG 6.52018-10-05
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vu…
- CVE-2018-15458MEDIUMCVSS 5.3EG 7.52019-01-10
A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting i…
- CVE-2018-15462HIGHCVSS 8.6EG 7.52019-05-03
A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and …
- CVE-2018-15617MEDIUMCVSS 6.5EG 7.52019-02-01
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2…
- CVE-2018-4851HIGHCVSS 8.2EG 8.22018-07-03
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing…
- CVE-2019-12087MEDIUMCVSS 5.5EG 5.52019-05-14
Samsung S9+, S10, and XCover 4 P(9.0) devices can become temporarily inoperable because of an unprotected intent in the ContainerAgent application. For example, the victim becomes stuck in a launcher with their Secure Folder locked. NOTE: …
- CVE-2019-12646HIGHCVSS 7.5EG 7.52019-09-25
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The …
- CVE-2019-12652HIGHCVSS 7.5EG 7.52019-09-25
A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The…
- CVE-2019-12659HIGHCVSS 7.5EG 7.52019-09-25
A vulnerability in the HTTP server code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the HTTP server to crash. The vulnerability is due to a logical error in the logging mechanism. An attacker could exp…
- CVE-2019-12665HIGHCVSS 7.4EG 7.42019-09-25
A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to T…
- CVE-2019-13648MEDIUMCVSS 5.5EG 5.52019-07-19
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a craf…
- CVE-2019-15256HIGHCVSS 8.6EG 8.62019-10-02
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reloa…
- CVE-2019-15258MEDIUMCVSS 6.5EG 6.52019-10-16
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is …
- CVE-2019-1587MEDIUMCVSS 4.3EG 4.32019-05-03
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. The vulnerability occurs because the affected softwa…
- CVE-2019-1599HIGHCVSS 8.6EG 8.62019-03-07
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and free…
- CVE-2019-16018MEDIUMCVSS 6.5EG 6.52020-01-26
A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabili…
- CVE-2019-16019HIGHCVSS 8.6EG 8.62020-09-23
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vu…
Map vulnerabilities like CWE-399 to your infrastructure
EchelonGraph correlates every CVE — across CWE-399 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →