← Voltar para CVEs
CVE-2018-0167
HIGHCISA KEV8.8
Descricao
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.
Detalhes CVE
Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueADJACENT_NETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado3/28/2018
Ultima modificacao1/14/2026
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorCisco
ProdutoIOS, XR, and XE Software
Nome da vulnerabilidadeCisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Data inclusao KEV2022-03-03
Prazo de remediacao2022-03-17
Uso em ransomwareUnknown
Produtos afetados
cisco:asr_9001cisco:asr_9006cisco:asr_9010cisco:asr_9904cisco:asr_9906cisco:asr_9910cisco:asr_9912cisco:asr_9922cisco:ioscisco:ios_xecisco:ios_xrrockwellautomation:allen-bradley_armorstratix_5700rockwellautomation:allen-bradley_stratix_5400rockwellautomation:allen-bradley_stratix_5410rockwellautomation:allen-bradley_stratix_5700rockwellautomation:allen-bradley_stratix_5900rockwellautomation:allen-bradley_stratix_8000rockwellautomation:allen-bradley_stratix_8300
Fraquezas (CWE)
CWE-119CWE-119
Referencias
http://www.securityfocus.com/bid/103564(psirt@cisco.com)
http://www.securitytracker.com/id/1040586(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04(psirt@cisco.com)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05(psirt@cisco.com)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp(psirt@cisco.com)
http://www.securityfocus.com/bid/103564(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1040586(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05(af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0167(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.