How severe is CVE-2018-0088?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2018-0088?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2018-0088

MEDIUM Year: 2018

CVSS v3 Score

6.7

Medium

CVSS v2 Score

7.2

High

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stability of the device. This could result in arbitrary code execution or a denial of service (DoS) condition. The attacker has to have valid user credentials at privilege level 15. The vulnerability is due to a diagnostic test CLI command that allows the attacker to write to the device memory. An attacker could exploit this vulnerability by authenticating to the targeted device and issuing a specific diagnostic test command at the CLI. An exploit could allow the attacker to overwrite system memory locations, which could have a negative impact on the stability of the device. Cisco Bug IDs: CSCvf71150.

CVE-2021-1281

MEDIUM

CVSS:6.7(Medium)

A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system as the root user. This vulnerability is due to ...

CWE-3992021

CVE-2015-5332

MEDIUM

CVSS:6.8(Medium)

Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosa...

CWE-3992015

CVE-2017-6628

MEDIUM

CVSS:6.8(Medium)

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of se...

CWE-3992017

CVE-2018-15390

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a deni...

CWE-3992018

CVE-2018-15396

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) co...

CWE-3992018

CVE-2020-3303

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthentica...

CWE-3992020

CVE-2018-0088

Vulnerability Description

Related Vulnerabilities

CVE-2021-1281

CVE-2015-5332

CVE-2017-6628

CVE-2018-15390

CVE-2018-15396

CVE-2020-3303