CVE-2018-0164Cisco IOS XE vulnerability

CWE-3994 documents4 sources
Severity
8.6HIGHNVD
EPSS
0.5%
top 34.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XE
Timeline
PublishedMar 28
Latest updateMay 13

Description

A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interface queue wedge. The vulnerability is due to incorrect handling of crafted IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets through the device. An exploit could allow the attacker to cause an interface queue wedge. This vulnerability affects the Cisco cBR-8 Converged Broadband Router, Cisco ASR 1000 Series

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages1 packages

NVDcisco/ios_xe15.6\(2\)sp

🔴Vulnerability Details

2
GHSA
GHSA-fwh2-77mg-85v5: A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interf2022-05-13
CVEList
CVE-2018-0164: A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interf2018-03-28

📋Vendor Advisories

1
Cisco
Cisco IOS XE Software Switch Integrated Security Features IPv6 Denial of Service Vulnerability2018-03-28
CVE-2018-0164 — Cisco IOS XE vulnerability | cvebase