CVSS: 8.6EPSS: 0%CPEs: 11EXPL: 0CVE-2018-0418
https://notcve.org/view.php?id=CVE-2018-0418
A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858. • http://www.securityfocus.com/bid/105185 http://www.securitytracker.com/id/1041538 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-0286
https://notcve.org/view.php?id=CVE-2018-0286
A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. The vulnerability is due to improper handling of malformed requests processed by the netconf process. An attacker could exploit this vulnerability by sending malicious requests to the affected software. An exploit could allow the attacker to cause the targeted process to restart, resulting in a DoS condition on the affected system. Cisco Bug IDs: CSCvg95792. • http://www.securityfocus.com/bid/104083 http://www.securitytracker.com/id/1040827 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-iosxr • CWE-399: Resource Management Errors CWE-755: Improper Handling of Exceptional Conditions •