CVE-2018-0175

🗓️ 28 Mar 2018 22:00:00Reported by ciscoType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 1052 Views

CVE-2018-0175: Format String vulnerability in Cisco IOS, Cisco IOS XE, and Cisco IOS XR Software

Reporter	Title	Published	Views	Family All 21
Tenable Nessus	Rockwell Automation Stratix Ethernet Switches < 15.3 IOS Link Layer Discovery Protocol Format String Exploit	8 May 201900:00	–	nessus
Tenable Nessus	Cisco IOS Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities (cisco-sa-20180328-lldp)	6 Apr 201800:00	–	nessus
Tenable Nessus	Cisco IOS XE Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities (cisco-sa-20180328-lldp)	6 Apr 201800:00	–	nessus
Tenable Nessus	Cisco Ios Use of Externally-Controlled Format String	8 Nov 201900:00	–	nessus
Tenable Nessus	Rockwell Automation Stratix Industrial Managed Ethernet Switch 7Pk Errors (CVE-2018-0155)	15 Nov 202300:00	–	nessus
Tenable Nessus	Rockwell Automation Stratix Industrial Managed Ethernet Switch Use of Externally-Controlled Format String (CVE-2018-0175)	15 Nov 202300:00	–	nessus
ATTACKERKB	CVE-2018-0175	28 Mar 201800:00	–	attackerkb
Circl	CVE-2018-0175	14 Jun 202321:10	–	circl
CISA KEV Catalog	Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability	3 Mar 202200:00	–	cisa_kev
CNVD	Cisco IOS Software, IOS XE Software, and IOS XR Software Link Layer Discovery Protocol Subsystem Elevation of Privilege Vulnerability	29 Mar 201800:00	–	cnvd

NVD

Node

cisco iosMatch15.4(3)m4.1

Node

cisco ios_xeMatch15.4(3)m4.1

Node

cisco ios_xrMatch15.4(3)m4.1

Node

cisco iosRange≤15.2(4a)ea5

cisco ios_xeRange≤15.2(4a)ea5

AND

rockwellautomation allen-bradley_stratix_8300_industrial_managed_ethernet_switchMatch-

Node

cisco iosRange≤15.2(6)e0a

cisco ios_xeRange≤15.2(6)e0a

AND

rockwellautomation allen-bradley_armorstratix_5700Match-

rockwellautomation allen-bradley_stratix_5400Match-

rockwellautomation allen-bradley_stratix_5410Match-

rockwellautomation allen-bradley_stratix_5700Match-

rockwellautomation allen-bradley_stratix_8000Match-

Node

cisco iosRange≤15.6.3m1

cisco ios_xeRange≤15.6.3m1

AND

rockwellautomation allen-bradley_stratix_5900_services_routerMatch-

[
  {
    "product": "Cisco IOS, IOS XE, and IOS XR",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco IOS, IOS XE, and IOS XR"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/103564
securitytracker	www.securitytracker.com/id/1040586
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-18-107-04
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-18-107-03
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-18-107-05
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

14 Jan 2026 18:46Current

8High risk

Vulners AI Score8

CVSS 27.9

CVSS 3.18

EPSS0.02924

SSVC

cve 2018-0175 format string vulnerability cisco ios ios xe ios xr software nvd cscvd73664