CVE-2018-0241Cisco IOS XR vulnerability

CWE-3994 documents4 sources
Severity
7.4HIGHNVD
EPSS
0.3%
top 50.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XR
Timeline
PublishedApr 19
Latest updateMay 13

Description

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affec

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 2.8 | Impact: 4.0

Affected Packages1 packages

NVDcisco/ios_xr13 versions+12

🔴Vulnerability Details

2
GHSA
GHSA-73pp-cff4-vg2v: A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial2022-05-13
CVEList
CVE-2018-0241: A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial2018-04-19

📋Vendor Advisories

1
Cisco
Cisco IOS XR Software UDP Broadcast Forwarding Denial of Service Vulnerability2018-04-18
CVE-2018-0241 — Cisco IOS XR vulnerability | cvebase