#ExploitObserverAlert
CVE-2022-47966
DESCRIPTION: Exploit Observer has 48 entries related to CVE-2022-47966. Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. This affects Access Manager Plus before 4308, Active Directory 360 before 4310, ADAudit Plus before 7081, ADManager Plus before 7162, ADSelfService Plus before 6211, Analytics Plus before 5150, Application Control Plus before 10.1.2220.18, Asset Explorer before 6983, Browser Security Plus before 11.1.2238.6, Device Control Plus before 10.1.2220.18, Endpoint Central before 10.1.2228.11, Endpoint Central MSP before 10.1.2228.11, Endpoint DLP before 10.1.2137.6, Key Manager Plus before 6401, OS Deployer before 1.1.2243.1, PAM 360 before 5713, Password Manager Pro before 12124, Patch Manager Plus before 10.1.2220.18, Remote Access Plus before 10.1.2228.11, Remote Monitoring and Management (RMM) before 10.1.41. ServiceDesk Plus before 14004, ServiceDesk Plus MSP before 13001, SupportCenter Plus before 11026, and Vulnerability Manager Plus before 10.1.2220.18. Exploitation is only possible if SAML SSO has ever been configured for a product (for some products, exploitation requires that SAML SSO is currently active).
FIRST-EPSS: 0.970510000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-47966
DESCRIPTION: Exploit Observer has 48 entries related to CVE-2022-47966. Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. This affects Access Manager Plus before 4308, Active Directory 360 before 4310, ADAudit Plus before 7081, ADManager Plus before 7162, ADSelfService Plus before 6211, Analytics Plus before 5150, Application Control Plus before 10.1.2220.18, Asset Explorer before 6983, Browser Security Plus before 11.1.2238.6, Device Control Plus before 10.1.2220.18, Endpoint Central before 10.1.2228.11, Endpoint Central MSP before 10.1.2228.11, Endpoint DLP before 10.1.2137.6, Key Manager Plus before 6401, OS Deployer before 1.1.2243.1, PAM 360 before 5713, Password Manager Pro before 12124, Patch Manager Plus before 10.1.2220.18, Remote Access Plus before 10.1.2228.11, Remote Monitoring and Management (RMM) before 10.1.41. ServiceDesk Plus before 14004, ServiceDesk Plus MSP before 13001, SupportCenter Plus before 11026, and Vulnerability Manager Plus before 10.1.2220.18. Exploitation is only possible if SAML SSO has ever been configured for a product (for some products, exploitation requires that SAML SSO is currently active).
FIRST-EPSS: 0.970510000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-16651
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-16651. Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings
CVE-2017-16651
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2017-16651. Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings
#ExploitObserverAlert
CVE-2018-4990
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2018-4990. Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
FIRST-EPSS: 0.043290000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2018-4990
DESCRIPTION: Exploit Observer has 11 entries related to CVE-2018-4990. Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
FIRST-EPSS: 0.043290000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2013-0422
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2013-0422. Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.
FIRST-EPSS: 0.974350000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2013-0422
DESCRIPTION: Exploit Observer has 40 entries related to CVE-2013-0422. Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.
FIRST-EPSS: 0.974350000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2022-21919
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-21919. Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21895.
FIRST-EPSS: 0.002000000
NVD-IS: 5.9
NVD-ES: 1.0
CVE-2022-21919
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-21919. Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21895.
FIRST-EPSS: 0.002000000
NVD-IS: 5.9
NVD-ES: 1.0
#ExploitObserverAlert
CVE-2016-3643
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2016-3643. SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
FIRST-EPSS: 0.001230000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2016-3643
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2016-3643. SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
FIRST-EPSS: 0.001230000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-0543
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2022-0543. It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
FIRST-EPSS: 0.971030000
NVD-IS: 6.0
NVD-ES: 3.9
CVE-2022-0543
DESCRIPTION: Exploit Observer has 42 entries related to CVE-2022-0543. It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
FIRST-EPSS: 0.971030000
NVD-IS: 6.0
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-7600
DESCRIPTION: Exploit Observer has 253 entries related to CVE-2018-7600. Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
FIRST-EPSS: 0.975600000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-7600
DESCRIPTION: Exploit Observer has 253 entries related to CVE-2018-7600. Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
FIRST-EPSS: 0.975600000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2017-0148
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2017-0148. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.
FIRST-EPSS: 0.971740000
NVD-IS: 5.9
NVD-ES: 2.2
CVE-2017-0148
DESCRIPTION: Exploit Observer has 58 entries related to CVE-2017-0148. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.
FIRST-EPSS: 0.971740000
NVD-IS: 5.9
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2021-28663
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-28663. The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.
FIRST-EPSS: 0.006260000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-28663
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-28663. The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.
FIRST-EPSS: 0.006260000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-7247
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-7247. smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
FIRST-EPSS: 0.975080000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-7247
DESCRIPTION: Exploit Observer has 53 entries related to CVE-2020-7247. smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
FIRST-EPSS: 0.975080000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-1322
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2019-1322. An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1320, CVE-2019-1340.
FIRST-EPSS: 0.001140000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1322
DESCRIPTION: Exploit Observer has 28 entries related to CVE-2019-1322. An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1320, CVE-2019-1340.
FIRST-EPSS: 0.001140000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2013-2465
DESCRIPTION: Exploit Observer has 33 entries related to CVE-2013-2465. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
FIRST-EPSS: 0.828180000
NVD-IS: 10.0
NVD-ES: 10.0
CVE-2013-2465
DESCRIPTION: Exploit Observer has 33 entries related to CVE-2013-2465. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
FIRST-EPSS: 0.828180000
NVD-IS: 10.0
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2021-26084
DESCRIPTION: Exploit Observer has 153 entries related to CVE-2021-26084. In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
FIRST-EPSS: 0.971530000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-26084
DESCRIPTION: Exploit Observer has 153 entries related to CVE-2021-26084. In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
FIRST-EPSS: 0.971530000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-1048
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-1048. In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204573007References: Upstream kernel
FIRST-EPSS: 0.000640000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-1048
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-1048. In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204573007References: Upstream kernel
FIRST-EPSS: 0.000640000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-40870
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2021-40870. An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
FIRST-EPSS: 0.908800000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-40870
DESCRIPTION: Exploit Observer has 19 entries related to CVE-2021-40870. An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
FIRST-EPSS: 0.908800000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-27065
DESCRIPTION: Exploit Observer has 89 entries related to CVE-2021-27065. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27078.
FIRST-EPSS: 0.969370000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-27065
DESCRIPTION: Exploit Observer has 89 entries related to CVE-2021-27065. Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27078.
FIRST-EPSS: 0.969370000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2014-2817
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2014-2817. Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.011930000
NVD-IS: 6.4
NVD-ES: 8.6
CVE-2014-2817
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2014-2817. Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
FIRST-EPSS: 0.011930000
NVD-IS: 6.4
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2017-11826
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2017-11826. Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory.
FIRST-EPSS: 0.951390000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2017-11826
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2017-11826. Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory.
FIRST-EPSS: 0.951390000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2019-10068
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2019-10068. An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass the initial authentication and proceed to deserialize user-controlled .NET object input. This deserialization then led to unauthenticated remote code execution on the server where the Kentico instance was hosted.
FIRST-EPSS: 0.973660000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-10068
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2019-10068. An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass the initial authentication and proceed to deserialize user-controlled .NET object input. This deserialization then led to unauthenticated remote code execution on the server where the Kentico instance was hosted.
FIRST-EPSS: 0.973660000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-0156
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-0156. A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted packet to an affected device on TCP port 4786. Only Smart Install client switches are affected. Cisco devices that are configured as a Smart Install director are not affected by this vulnerability. Cisco Bug IDs: CSCvd40673.
FIRST-EPSS: 0.005100000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2018-0156
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2018-0156. A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted packet to an affected device on TCP port 4786. Only Smart Install client switches are affected. Cisco devices that are configured as a Smart Install director are not affected by this vulnerability. Cisco Bug IDs: CSCvd40673.
FIRST-EPSS: 0.005100000
NVD-IS: 3.6
NVD-ES: 3.9