Lucene search

[email protected]CVE-2018-0177

HistoryMar 28, 2018 - 10:29 p.m.

CVE-2018-0177

2018-03-2822:29:01

CWE-19

[email protected]

web.nvd.nist.gov

cisco

ios

vulnerability

ipv4

cisco catalyst 3850

cisco catalyst 3650

dos

denial of service

nvd

cve-2018-0177

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

61.8%

JSON

A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IPv4 packets. An attacker could exploit this vulnerability by sending specific IPv4 packets to an IPv4 address on an affected device. A successful exploit could allow the attacker to cause high CPU utilization, traceback messages, or a reload of the affected device that leads to a DoS condition. If the switch does not reboot when under attack, it would require manual intervention to reload the device. This vulnerability affects Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches that are running Cisco IOS XE Software Release 16.1.1 or later, until the first fixed release, and are configured with an IPv4 address. Cisco Bug IDs: CSCvd80714.

Affected configurations

NVD

Node

cisco4321_integrated_services_routerMatch-

cisco4331_integrated_services_routerMatch-

cisco4351_integrated_services_routerMatch-

cisco4431_integrated_services_routerMatch-

cisco4451-x_integrated_services_routerMatch-

ciscoasr_1000_series_route_processor_\(rp2\)Match-

ciscoasr_1000_series_route_processor_\(rp3\)Match-

ciscoasr_1001-hxMatch-

ciscoasr_1001-xMatch-

ciscoasr_1002-hxMatch-

ciscoasr_1002-xMatch-

ciscocatalyst_3650-12x48fd-eMatch-

ciscocatalyst_3650-12x48fd-lMatch-

ciscocatalyst_3650-12x48fd-sMatch-

ciscocatalyst_3650-12x48uq-eMatch-

ciscocatalyst_3650-12x48uq-lMatch-

ciscocatalyst_3650-12x48uq-sMatch-

ciscocatalyst_3650-12x48ur-eMatch-

ciscocatalyst_3650-12x48ur-lMatch-

ciscocatalyst_3650-12x48ur-sMatch-

ciscocatalyst_3650-12x48uz-eMatch-

ciscocatalyst_3650-24pd-eMatch-

ciscocatalyst_3650-24pd-lMatch-

ciscocatalyst_3650-24pd-sMatch-

ciscocatalyst_3650-24pdm-eMatch-

ciscocatalyst_3650-24pdm-lMatch-

ciscocatalyst_3650-24pdm-sMatch-

ciscocatalyst_3650-24ps-eMatch-

ciscocatalyst_3650-24ps-lMatch-

ciscocatalyst_3650-24ps-sMatch-

ciscocatalyst_3650-24td-eMatch-

ciscocatalyst_3650-24td-lMatch-

ciscocatalyst_3650-24td-sMatch-

ciscocatalyst_3650-24ts-eMatch-

ciscocatalyst_3650-24ts-lMatch-

ciscocatalyst_3650-24ts-sMatch-

ciscocatalyst_3650-48fd-eMatch-

ciscocatalyst_3650-48fd-lMatch-

ciscocatalyst_3650-48fd-sMatch-

ciscocatalyst_3650-48fq-eMatch-

ciscocatalyst_3650-48fq-lMatch-

ciscocatalyst_3650-48fq-sMatch-

ciscocatalyst_3650-48fqm-eMatch-

ciscocatalyst_3650-48fqm-lMatch-

ciscocatalyst_3650-48fqm-sMatch-

ciscocatalyst_3650-48fs-eMatch-

ciscocatalyst_3650-48fs-lMatch-

ciscocatalyst_3650-48fs-sMatch-

ciscocatalyst_3650-48pd-eMatch-

ciscocatalyst_3650-48pd-lMatch-

ciscocatalyst_3650-48pd-sMatch-

ciscocatalyst_3650-48pq-eMatch-

ciscocatalyst_3650-48pq-lMatch-

ciscocatalyst_3650-48pq-sMatch-

ciscocatalyst_3650-48ps-eMatch-

ciscocatalyst_3650-48ps-lMatch-

ciscocatalyst_3650-48ps-sMatch-

ciscocatalyst_3650-48td-eMatch-

ciscocatalyst_3650-48td-lMatch-

ciscocatalyst_3650-48td-sMatch-

ciscocatalyst_3650-48tq-eMatch-

ciscocatalyst_3650-48tq-lMatch-

ciscocatalyst_3650-48tq-sMatch-

ciscocatalyst_3650-48ts-eMatch-

ciscocatalyst_3650-48ts-lMatch-

ciscocatalyst_3650-48ts-sMatch-

ciscocatalyst_3650-8x24pd-eMatch-

ciscocatalyst_3650-8x24pd-lMatch-

ciscocatalyst_3650-8x24pd-sMatch-

ciscocatalyst_3650-8x24uq-eMatch-

ciscocatalyst_3650-8x24uq-lMatch-

ciscocatalyst_3650-8x24uq-sMatch-

ciscocatalyst_3850-12s-eMatch-

ciscocatalyst_3850-12s-sMatch-

ciscocatalyst_3850-12xs-eMatch-

ciscocatalyst_3850-12xs-sMatch-

ciscocatalyst_3850-16xs-eMatch-

ciscocatalyst_3850-16xs-sMatch-

ciscocatalyst_3850-24p-eMatch-

ciscocatalyst_3850-24p-lMatch-

ciscocatalyst_3850-24p-sMatch-

ciscocatalyst_3850-24s-eMatch-

ciscocatalyst_3850-24s-sMatch-

ciscocatalyst_3850-24t-eMatch-

ciscocatalyst_3850-24t-lMatch-

ciscocatalyst_3850-24t-sMatch-

ciscocatalyst_3850-24u-eMatch-

ciscocatalyst_3850-24u-lMatch-

ciscocatalyst_3850-24u-sMatch-

ciscocatalyst_3850-24xs-eMatch-

ciscocatalyst_3850-24xs-sMatch-

ciscocatalyst_3850-24xu-eMatch-

ciscocatalyst_3850-24xu-lMatch-

ciscocatalyst_3850-24xu-sMatch-

ciscocatalyst_3850-32xs-eMatch-

ciscocatalyst_3850-32xs-sMatch-

ciscocatalyst_3850-48f-eMatch-

ciscocatalyst_3850-48f-lMatch-

ciscocatalyst_3850-48f-sMatch-

ciscocatalyst_3850-48p-eMatch-

ciscocatalyst_3850-48p-lMatch-

ciscocatalyst_3850-48p-sMatch-

ciscocatalyst_3850-48t-eMatch-

ciscocatalyst_3850-48t-lMatch-

ciscocatalyst_3850-48t-sMatch-

ciscocatalyst_3850-48u-eMatch-

ciscocatalyst_3850-48u-lMatch-

ciscocatalyst_3850-48u-sMatch-

ciscocatalyst_3850-48xs-eMatch-

ciscocatalyst_3850-48xs-f-eMatch-

ciscocatalyst_3850-48xs-f-sMatch-

ciscocatalyst_3850-48xs-sMatch-

ciscocatalyst_c3850-12x48u-eMatch-

ciscocatalyst_c3850-12x48u-lMatch-

ciscocatalyst_c3850-12x48u-sMatch-

ciscocloud_services_router_1000vMatch-

AND

ciscoios_xeMatchdenali-16.3.1

ciscoios_xeMatchdenali-16.3.3

CPENameOperatorVersion
cisco:ios_xecisco ios xeeqdenali-16.3.1
cisco:ios_xecisco ios xeeqdenali-16.3.3

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	denali-16.3.1
cisco:ios_xe	cisco ios xe	eq	denali-16.3.3

CNA Affected

[
  {
    "product": "Cisco IOS XE",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco IOS XE"
      }
    ]
  }
]

References

www.securityfocus.com/bid/103563

www.securitytracker.com/id/1040588

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ipv4

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

61.8%

JSON

Related for CVE-2018-0177

prion1 nvd1 cvelist1 nessus1 cisco1