Lucene search

[email protected]CVE-2018-0180

HistoryMar 28, 2018 - 10:29 p.m.

CVE-2018-0180

2018-03-2822:29:01

CWE-399

[email protected]

web.nvd.nist.gov

831

In Wild

cisco

ios

software

vulnerabilities

cve-2018-0180

cisco bug ids

denial of service

nvd

dos

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.2%

JSON

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.

Affected configurations

NVD

Node

ciscoiosMatch15.3\(0.0.19\)sy

ciscoiosMatch15.4\(1\)ia1.100

ciscoiosMatch15.6\(1.22\)t

AND

cisco1921Match-

cisco1941Match-

cisco1941wMatch-

cisco2901Match-

cisco2911Match-

cisco2921Match-

cisco2951Match-

cisco3925Match-

cisco3925eMatch-

cisco3945Match-

cisco3945eMatch-

cisco4451-xMatch-

Node

ciscoiosMatch15.3\(0.0.19\)sy

ciscoiosMatch15.4\(3\)m4.1

Node

ciscoiosRange15.4\(2\)cg≥

ciscoiosMatch15.4\(2\)t

ciscoiosMatch15.4\(3\)m

CPENameOperatorVersion
cisco:ioscisco ioseq15.3\(0.0.19\)sy
cisco:ioscisco ioseq15.4\(1\)ia1.100
cisco:ioscisco ioseq15.6\(1.22\)t

CPE	Name	Operator	Version
cisco:ios	cisco ios	eq	15.3\(0.0.19\)sy
cisco:ios	cisco ios	eq	15.4\(1\)ia1.100
cisco:ios	cisco ios	eq	15.6\(1.22\)t

CNA Affected

[
  {
    "product": "Cisco IOS",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco IOS"
      }
    ]
  }
]

References

www.securityfocus.com/bid/103556

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-slogin

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.2%

JSON

Related for CVE-2018-0180

cvelist1 nvd1 attackerkb1 cisa_kev1 prion1 cisco1 nessus1