← Retour aux CVEs
CVE-2018-0175
HIGHCISA KEV8.0
Description
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
Details CVE
Score CVSS v3.18.0
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vecteur d'attaqueADJACENT_NETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie3/28/2018
Derniere modification1/14/2026
Sourcekev
Observations honeypot0
CISA KEV
FournisseurCisco
ProduitIOS, XR, and XE Software
Nom vulnerabiliteCisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Date ajout KEV2022-03-03
Date limite remediation2022-03-17
Utilise dans ransomwareUnknown
Produits affectes
cisco:ioscisco:ios_xecisco:ios_xrrockwellautomation:allen-bradley_armorstratix_5700rockwellautomation:allen-bradley_stratix_5400rockwellautomation:allen-bradley_stratix_5410rockwellautomation:allen-bradley_stratix_5700rockwellautomation:allen-bradley_stratix_5900_services_routerrockwellautomation:allen-bradley_stratix_8000rockwellautomation:allen-bradley_stratix_8300_industrial_managed_ethernet_switch
Faiblesses (CWE)
CWE-119CWE-134
References
http://www.securityfocus.com/bid/103564(psirt@cisco.com)
http://www.securitytracker.com/id/1040586(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05(psirt@cisco.com)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp(psirt@cisco.com)
http://www.securityfocus.com/bid/103564(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1040586(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05(af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0175(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.