How severe is CVE-2018-15396?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2018-15396?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2018-15396

MEDIUM Year: 2018

CVSS v3 Score

6.8

Medium

CVSS v2 Score

4.0

Medium

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition.

CVE-2015-5332

MEDIUM

CVSS:6.8(Medium)

Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosa...

CWE-3992015

CVE-2017-6628

MEDIUM

CVSS:6.8(Medium)

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of se...

CWE-3992017

CVE-2018-15390

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a deni...

CWE-3992018

CVE-2020-3303

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthentica...

CWE-3992020

CVE-2022-20758

MEDIUM

CVSS:6.8(Medium)

A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial ...

CWE-3992022

CVE-2018-0088

MEDIUM

CVSS:6.7(Medium)

A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stabi...

CWE-3992018

CVE-2018-15396

Vulnerability Description

Related Vulnerabilities

CVE-2015-5332

CVE-2017-6628

CVE-2018-15390

CVE-2020-3303

CVE-2022-20758

CVE-2018-0088