CWE-399
139 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-399page 2 of 3
- CVE-2018-0397MEDIUMCVSS 5.9EG 5.92018-08-01
A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) conditio…
- CVE-2018-0421HIGHCVSS 8.6EG 8.62018-10-05
A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due …
- CVE-2018-0443HIGHCVSS 7.5EG 7.52018-10-17
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condit…
- CVE-2018-0457MEDIUMCVSS 5.5EG 5.52018-10-05
A vulnerability in the Cisco Webex Player for Webex Recording Format (WRF) files could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a user a…
- CVE-2018-0466MEDIUMCVSS 6.5EG 6.52018-10-05
A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorre…
- CVE-2018-0470HIGHCVSS 8.6EG 8.62018-10-05
A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability i…
- CVE-2018-0473HIGHCVSS 8.6EG 8.62018-10-05
A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to i…
- CVE-2018-0476MEDIUMCVSS 5.9EG 5.92018-10-05
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The …
- CVE-2018-15373HIGHCVSS 7.4EG 7.42018-10-05
A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denia…
- CVE-2018-15390MEDIUMCVSS 6.8EG 6.82018-10-05
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vuln…
- CVE-2018-15391HIGHCVSS 7.5EG 7.52018-10-05
A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service (DoS) condition.…
- CVE-2018-15392MEDIUMCVSS 4.3EG 4.32018-10-05
A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of DHCP lease requests. …
- CVE-2018-15396MEDIUMCVSS 6.8EG 6.82018-10-05
A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists becau…
- CVE-2018-15404MEDIUMCVSS 6.5EG 6.52018-10-05
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vu…
- CVE-2018-15458MEDIUMCVSS 5.3EG 7.52019-01-10
A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting i…
- CVE-2018-15462HIGHCVSS 8.6EG 7.52019-05-03
A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and …
- CVE-2018-15617MEDIUMCVSS 6.5EG 7.52019-02-01
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2…
- CVE-2018-4851HIGHCVSS 8.2EG 8.22018-07-03
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing…
- CVE-2019-12087MEDIUMCVSS 5.5EG 5.52019-05-14
Samsung S9+, S10, and XCover 4 P(9.0) devices can become temporarily inoperable because of an unprotected intent in the ContainerAgent application. For example, the victim becomes stuck in a launcher with their Secure Folder locked. NOTE: …
- CVE-2019-12646HIGHCVSS 7.5EG 7.52019-09-25
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The …
- CVE-2019-12652HIGHCVSS 7.5EG 7.52019-09-25
A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The…
- CVE-2019-12659HIGHCVSS 7.5EG 7.52019-09-25
A vulnerability in the HTTP server code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the HTTP server to crash. The vulnerability is due to a logical error in the logging mechanism. An attacker could exp…
- CVE-2019-12665HIGHCVSS 7.4EG 7.42019-09-25
A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to T…
- CVE-2019-13648MEDIUMCVSS 5.5EG 5.52019-07-19
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a craf…
- CVE-2019-15256HIGHCVSS 8.6EG 8.62019-10-02
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reloa…
- CVE-2019-15258MEDIUMCVSS 6.5EG 6.52019-10-16
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is …
- CVE-2019-1587MEDIUMCVSS 4.3EG 4.32019-05-03
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. The vulnerability occurs because the affected softwa…
- CVE-2019-1599HIGHCVSS 8.6EG 8.62019-03-07
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and free…
- CVE-2019-16018MEDIUMCVSS 6.5EG 6.52020-01-26
A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabili…
- CVE-2019-16019HIGHCVSS 8.6EG 8.62020-09-23
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vu…
- CVE-2019-16020HIGHCVSS 8.6EG 8.62020-01-26
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vu…
- CVE-2019-16021HIGHCVSS 7.5EG 7.52020-09-23
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vu…
- CVE-2019-16022HIGHCVSS 8.6EG 8.62020-01-26
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vu…
- CVE-2019-16023HIGHCVSS 7.5EG 7.52020-09-23
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vu…
- CVE-2019-1635HIGHCVSS 7.5EG 7.52019-05-03
A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpected…
- CVE-2019-1684MEDIUMCVSS 6.5EG 6.52019-02-21
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexp…
- CVE-2019-1693MEDIUMCVSS 6.5EG 6.52019-05-03
A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an af…
- CVE-2019-1700MEDIUMCVSS 6.1EG 6.12019-02-21
A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, …
- CVE-2019-1718HIGHCVSS 7.5EG 7.52019-04-17
A vulnerability in the web interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition. The vulnerability is due to improper …
- CVE-2019-1796MEDIUMCVSS 6.5EG 6.52019-04-18
A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerabilit…
- CVE-2019-1799MEDIUMCVSS 6.5EG 6.52019-04-18
A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerabilit…
- CVE-2019-1800MEDIUMCVSS 6.5EG 6.52019-04-18
A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerabilit…
- CVE-2019-1957HIGHCVSS 7.5EG 7.52019-08-08
A vulnerability in the web interface of Cisco IoT Field Network Director could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition on an affected device. The vulnerability i…
- CVE-2019-1967HIGHCVSS 7.5EG 7.52019-08-30
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive us…
- CVE-2019-9806HIGHCVSS 7.5EG 7.52019-04-26
A vulnerability exists during authorization prompting for FTP transaction where successive modal prompts are displayed and cannot be immediately dismissed. This allows for a denial of service (DOS) attack. This vulnerability affects Firefo…
- CVE-2019-9809HIGHCVSS 7.5EG 7.52019-04-26
If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, al…
- CVE-2020-3168HIGHCVSS 7.5EG 7.52020-02-26
A vulnerability in the Secure Login Enhancements capability of Cisco Nexus 1000V Switch for VMware vSphere could allow an unauthenticated, remote attacker to cause an affected Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessi…
- CVE-2020-3188MEDIUMCVSS 5.3EG 5.32020-05-06
A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected dev…
- CVE-2020-3260MEDIUMCVSS 6.5EG 6.52020-04-15
A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of cli…
- CVE-2020-3303HIGHCVSS 7.5EG 7.52020-05-06
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial …
Map vulnerabilities like CWE-399 to your infrastructure
EchelonGraph correlates every CVE — across CWE-399 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →