CVE-2018-0155
Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
YesDecision
Descriptions
A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when the BFD header in a BFD packet is incomplete. An attacker could exploit this vulnerability by sending a crafted BFD message to or across an affected switch. A successful exploit could allow the attacker to trigger a reload of the system. This vulnerability affects Catalyst 4500 Supervisor Engine 6-E (K5), Catalyst 4500 Supervisor Engine 6L-E (K10), Catalyst 4500 Supervisor Engine 7-E (K10), Catalyst 4500 Supervisor Engine 7L-E (K10), Catalyst 4500E Supervisor Engine 8-E (K10), Catalyst 4500E Supervisor Engine 8L-E (K10), Catalyst 4500E Supervisor Engine 9-E (K10), Catalyst 4500-X Series Switches (K10), Catalyst 4900M Switch (K5), Catalyst 4948E Ethernet Switch (K5). Cisco Bug IDs: CSCvc40729.
Una vulnerabilidad en la implementación de la descarga Bidirectional Forwarding Detection (BFD) de Cisco Catalyst 4500 Series Switches y Cisco Catalyst 4500-X Series Switches podría permitir que un atacante remoto no autenticado provoque el cierre inesperado del proceso iosd, lo que provocaría una denegación de servicio (DoS). La vulnerabilidad se debe a la gestión insuficiente de errores cuando la cabecera BFD de un paquete BFD está incompleta. Un atacante podría explotar esta vulnerabilidad enviando un mensaje BFD manipulado a un switch afectado o a través de él. Un exploit con éxito podría permitir que el atacante cause el reinicio del sistema. Esta vulnerabilidad afecta a Catalyst 4500 Supervisor Engine 6-E (K5), Catalyst 4500 Supervisor Engine 6L-E (K10), Catalyst 4500 Supervisor Engine 7-E (K10), Catalyst 4500 Supervisor Engine 7L-E (K10), Catalyst 4500E Supervisor Engine 8-E (K10), Catalyst 4500E Supervisor Engine 8L-E (K10), Catalyst 4500E Supervisor Engine 9-E (K10), Catalyst 4500-X Series Switches (K10), Catalyst 4900M Switch (K5) y Catalyst 4948E Ethernet Switch (K5). Cisco Bug IDs: CSCvc40729.
A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition.
CVSS Scores
SSVC
- Decision:Act
Timeline
- 2017-11-27 CVE Reserved
- 2018-03-28 CVE Published
- 2022-03-03 Exploited in Wild
- 2022-03-17 KEV Due Date
- 2024-09-21 EPSS Updated
- 2024-11-15 CVE Updated
- ---------- First Exploit
CWE
- CWE-388: 7PK - Errors
- CWE-755: Improper Handling of Exceptional Conditions
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/103565 | Third Party Advisory | |
| http://www.securitytracker.com/id/1040587 | Third Party Advisory | |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-bfd | 2020-09-04 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500-x Series Switches \(k10\) Search vendor "Cisco" for product "Catalyst 4500-x Series Switches \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500 Supervisor Engine 6-e \(k5\) Search vendor "Cisco" for product "Catalyst 4500 Supervisor Engine 6-e \(k5\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500 Supervisor Engine 6l-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500 Supervisor Engine 6l-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500 Supervisor Engine 7-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500 Supervisor Engine 7-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500 Supervisor Engine 7l-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500 Supervisor Engine 7l-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500e Supervisor Engine 8-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500e Supervisor Engine 8-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500e Supervisor Engine 8l-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500e Supervisor Engine 8l-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500e Supervisor Engine 9-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500e Supervisor Engine 9-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4900m Switch \(k5\) Search vendor "Cisco" for product "Catalyst 4900m Switch \(k5\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4948e Ethernet Switch \(k5\) Search vendor "Cisco" for product "Catalyst 4948e Ethernet Switch \(k5\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500-x Series Switches \(k10\) Search vendor "Cisco" for product "Catalyst 4500-x Series Switches \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500 Supervisor Engine 6-e \(k5\) Search vendor "Cisco" for product "Catalyst 4500 Supervisor Engine 6-e \(k5\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500 Supervisor Engine 6l-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500 Supervisor Engine 6l-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500 Supervisor Engine 7-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500 Supervisor Engine 7-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500 Supervisor Engine 7l-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500 Supervisor Engine 7l-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500e Supervisor Engine 8-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500e Supervisor Engine 8-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500e Supervisor Engine 8l-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500e Supervisor Engine 8l-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4500e Supervisor Engine 9-e \(k10\) Search vendor "Cisco" for product "Catalyst 4500e Supervisor Engine 9-e \(k10\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4900m Switch \(k5\) Search vendor "Cisco" for product "Catalyst 4900m Switch \(k5\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Cisco Search vendor "Cisco" | Catalyst 4948e Ethernet Switch \(k5\) Search vendor "Cisco" for product "Catalyst 4948e Ethernet Switch \(k5\)" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 3.6\(2\)e Search vendor "Cisco" for product "Ios" and version "3.6\(2\)e" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.6\(2\)e Search vendor "Cisco" for product "Ios Xe" and version "3.6\(2\)e" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch" | - | - |
Safe
|