CVE-2018-0094

CWE-693 CWE-400 — Uncontrolled Resource Consumption4 documents4 sources

Severity

7.5HIGH

EPSS

1.4%

top 19.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Unified Computing System Central Software

Timeline

PublishedJan 18

Latest updateMay 13

Description

A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization on the targeted device. The vulnerability is due to insufficient rate limiting protection for IPv6 ingress traffic. An attacker could exploit this vulnerability by sending the affected device a high rate of IPv6 packets. Successful exploitation could allow the attacker to cause a DoS condition due…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5cisco_ucs_central_softwareCisco UCS Central Software

▶NVDcisco/unified_computing_system_central_software1.4\(1a\)

🔴Vulnerability Details

GHSA

GHSA-62jr-4pg7-4vr2: A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of↗2022-05-13

▶

CVEList

CVE-2018-0094: A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of↗2018-01-18

▶

📋Vendor Advisories

Cisco

Cisco UCS Central Software IPv6 Denial of Service Vulnerability↗2018-01-17

▶