
CVE-2018-0160

 

  • Severity Score (CVSS v3): 6.3
  • Exploit Likelihood (EPSS)
  • Affected Versions (CPE)
  • Public Exploits (Multiple Sources): 0
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -

Descriptions

A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of memory resources, referred to as a double free. An attacker could exploit this vulnerability by sending crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. To exploit this vulnerability via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for an affected system. To exploit this vulnerability via SNMP Version 3, the attacker must know the user credentials for the affected system. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, have been configured to be queried over SNMP, and have Network Address Translation (NAT) enabled. Cisco Bug IDs: CSCve75818.

*Credits: N/A
CVSS Scores
CVSS v3
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Changed
  • Confidentiality: None
  • Integrity: None
  • Availability: High
CVSS v2
  • Attack Vector: Network
  • Attack Complexity: Medium
  • Authentication: Single
  • Confidentiality: None
  • Integrity: None
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2017-11-27 CVE Reserved
  • 2018-03-28 CVE Published
  • 2023-08-19 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-415: Double Free
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-12c-f-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-12c-ft-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-4c-f-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-4c-ft-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-6cz-f-a -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-6cz-f-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-6cz-fs-a -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-6cz-fs-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-6cz-ft-a -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901-6cz-ft-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901s-2sg-f-ah -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901s-2sg-f-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901s-3sg-f-ah -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901s-3sg-f-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Asr 901s-4sg-f-d -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Me 3600x-24cx-m -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Me 3600x-24fs-m -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Me 3600x-24ts-m -- Safe
  • Cisco Ios Xe 15.5(3)s - Affected, in Cisco Me 3800x-24fs-m -- Safe