vulnerability
Cisco XE: CVE-2018-3646: CPU Side-Channel Information Disclosure Vulnerabilities: August 2018
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:N/C:C/I:N/A:N) | Aug 14, 2018 | Jul 30, 2019 | Nov 13, 2023 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published
Aug 14, 2018
Added
Jul 30, 2019
Modified
Nov 13, 2023
Description
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.
Solution
cisco-xe-upgrade-latest
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.