CVE-2018-0175
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Severity Score
8.0
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
Yes
*KEV
Decision
-
*SSVC
Descriptions
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
Vulnerabilidad de cadena de formato en el subsistema LLDP (Link Layer Discovery Protocol) de Cisco IOS Software, Cisco IOS XE Software y Cisco IOS XR Software podría permitir que un atacante adyacente sin autenticar provoque una condición de denegación de servicio (DoS) o que ejecute código arbitrario con privilegios elevados en un dispositivo afectado. Cisco Bug IDs: CSCvd73664.
Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-11-27 CVE Reserved
- 2018-03-28 CVE Published
- 2022-03-03 Exploited in Wild
- 2022-03-17 KEV Due Date
- 2024-07-25 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-134: Use of Externally-Controlled Format String
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/103564 | Broken Link | |
| http://www.securitytracker.com/id/1040586 | Broken Link | |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03 | Third Party Advisory | |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04 | Third Party Advisory | |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp | 2024-07-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | <= 15.2\(4a\)ea5 Search vendor "Cisco" for product "Ios" and version " <= 15.2\(4a\)ea5" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | <= 15.2\(4a\)ea5 Search vendor "Cisco" for product "Ios Xe" and version " <= 15.2\(4a\)ea5" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Armorstratix 5700 Search vendor "Rockwellautomation" for product "Allen-bradley Armorstratix 5700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 5400 Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 5400" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 5410 Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 5410" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 5700 Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 5700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 8000 Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 8000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios Xe" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Armorstratix 5700 Search vendor "Rockwellautomation" for product "Allen-bradley Armorstratix 5700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios Xe" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 5400 Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 5400" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios Xe" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 5410 Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 5410" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios Xe" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 5700 Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 5700" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | <= 15.2\(6\)e0a Search vendor "Cisco" for product "Ios Xe" and version " <= 15.2\(6\)e0a" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 8000 Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 8000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | <= 15.6.3m1 Search vendor "Cisco" for product "Ios" and version " <= 15.6.3m1" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 5900 Services Router Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 5900 Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | <= 15.6.3m1 Search vendor "Cisco" for product "Ios Xe" and version " <= 15.6.3m1" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Allen-bradley Stratix 5900 Services Router Search vendor "Rockwellautomation" for product "Allen-bradley Stratix 5900 Services Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.4\(3\)m4.1 Search vendor "Cisco" for product "Ios" and version "15.4\(3\)m4.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 15.4\(3\)m4.1 Search vendor "Cisco" for product "Ios Xe" and version "15.4\(3\)m4.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 15.4\(3\)m4.1 Search vendor "Cisco" for product "Ios Xr" and version "15.4\(3\)m4.1" | - |
Affected
| ||||||