← Back to CVEs
CVE-2018-0167
HIGHCISA KEV8.8
Description
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.
CVE Details
CVSS v3.1 Score8.8
SeverityHIGH
CVSS VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorADJACENT_NETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published3/28/2018
Last Modified1/14/2026
Sourcekev
Honeypot Sightings0
CISA KEV
VendorCisco
ProductIOS, XR, and XE Software
Vulnerability NameCisco IOS, XR, and XE Software Buffer Overflow Vulnerability
KEV Date Added2022-03-03
Remediation Due Date2022-03-17
Ransomware UseUnknown
Affected Products
cisco:asr_9001cisco:asr_9006cisco:asr_9010cisco:asr_9904cisco:asr_9906cisco:asr_9910cisco:asr_9912cisco:asr_9922cisco:ioscisco:ios_xecisco:ios_xrrockwellautomation:allen-bradley_armorstratix_5700rockwellautomation:allen-bradley_stratix_5400rockwellautomation:allen-bradley_stratix_5410rockwellautomation:allen-bradley_stratix_5700rockwellautomation:allen-bradley_stratix_5900rockwellautomation:allen-bradley_stratix_8000rockwellautomation:allen-bradley_stratix_8300
Weaknesses (CWE)
CWE-119CWE-119
References
http://www.securityfocus.com/bid/103564(psirt@cisco.com)
http://www.securitytracker.com/id/1040586(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05(psirt@cisco.com)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp(psirt@cisco.com)
http://www.securityfocus.com/bid/103564(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1040586(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05(af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0167(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.