How severe is CVE-2018-15390?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2018-15390?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2018-15390

MEDIUM Year: 2018

CVSS v3 Score

6.8

Medium

CVSS v2 Score

7.1

High

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition.

CVE-2015-5332

MEDIUM

CVSS:6.8(Medium)

Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosa...

CWE-3992015

CVE-2017-6628

MEDIUM

CVSS:6.8(Medium)

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of se...

CWE-3992017

CVE-2018-15396

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) co...

CWE-3992018

CVE-2020-3303

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthentica...

CWE-3992020

CVE-2022-20758

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial ...

CWE-3992022

CVE-2018-0088

MEDIUM

CVSS:6.7(Medium)

A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stabi...

CWE-3992018

CVE-2018-15390

Vulnerability Description

Related Vulnerabilities

CVE-2015-5332

CVE-2017-6628

CVE-2018-15396

CVE-2020-3303

CVE-2022-20758

CVE-2018-0088