CVE-2018-0257
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect handling of certain DHCP packets. An attacker could exploit this vulnerability by sending certain DHCP packets to a specific segment of an affected device. A successful exploit could allow the attacker to increase CPU usage on the affected device and cause a DoS condition. Cisco Bug IDs: CSCvg73687.
Una vulnerabilidad en Cisco IOS XE Software de Cisco cBR Series Converged Broadband Routers podría permitir que un atacante adyacente sin autenticar provoque un uso alto de CPU en un dispositivo afectado, lo que resulta en una condición de denegación de servicio (DoS). Esta vulnerabilidad se debe a la gestión incorrecta de ciertos paquetes DHCP. Un atacante podría explotar esta vulnerabilidad enviando ciertos paquetes DHCP a un segmento en concreto de un dispositivo afectado. Su explotación exitosa podría permitir que el atacante aumente el uso de CPU en el dispositivo afectado y provoque una denegación de servicio (DoS). Cisco Bug IDs: CSCvg73687.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-27 CVE Reserved
- 2018-04-19 CVE Published
- 2023-10-20 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/103948 | Third Party Advisory | |
| http://www.securitytracker.com/id/1040716 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-cbr8 | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | >= 3.18 <= 3.18.4 Search vendor "Cisco" for product "Ios Xe" and version " >= 3.18 <= 3.18.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | >= 16.6 <= 16.6.3 Search vendor "Cisco" for product "Ios Xe" and version " >= 16.6 <= 16.6.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | > 16.7 <= 16.7.2 Search vendor "Cisco" for product "Ios Xe" and version " > 16.7 <= 16.7.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 15.6\(2\)sp Search vendor "Cisco" for product "Ios Xe" and version "15.6\(2\)sp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.4 Search vendor "Cisco" for product "Ios Xe" and version "16.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5 Search vendor "Cisco" for product "Ios Xe" and version "16.5" | - |
Affected
| ||||||