CVE-2018-0177 β€” Cisco IOS XE vulnerability

CWE-194 documents4 sources
Severity
7.5HIGHNVD
EPSS
2.6%
top 14.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XE
Timeline
PublishedMar 28
Latest updateMay 13

Description

A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IPv4 packets. An attacker could exploit this vulnerability by sending specific IPv4 packets to an IPv…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

β–ΆNVDcisco/ios_xedenali-16.3.1, denali-16.3.3+1

πŸ”΄Vulnerability Details

2
GHSA
GHSA-743q-fpxw-3pxj: A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Swit↗2022-05-13
β–Ά
CVEList
CVE-2018-0177: A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Swit↗2018-03-28
β–Ά

πŸ“‹Vendor Advisories

1
Cisco
Cisco IOS XE Software for Cisco Catalyst Switches IPv4 Denial of Service Vulnerability↗2018-03-28
β–Ά
CVE-2018-0177 β€” Cisco IOS XE vulnerability | cvebase