CVE-2018-0172

Summary

CVE	CVE-2018-0172
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2018-03-28 22:29:00 UTC
Updated	2020-09-04 18:25:00 UTC
Description	A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause a heap overflow condition on the affected device, which will cause the device to reload and result in a DoS condition. Cisco Bug IDs: CSCvg62730.

Risk And Classification

EPSS: 0.061900000 probability, percentile 0.908100000 (date 2026-04-02)

CISA KEV: Listed on 2022-03-03; due 2022-03-17; ransomware use Unknown

Problem Types: CWE-787

CISA Known Exploited Vulnerability

Vendor	Cisco
Product	IOS and IOS XE Software
Name	Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
Required Action	Apply updates per vendor instructions.
Notes	https://nvd.nist.gov/vuln/detail/CVE-2018-0172

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Cisco	Ios	-	All	All	All
Operating System	Cisco	Ios	-	All	All	All
Operating System	Cisco	Ios Xe	-	All	All	All
Operating System	Cisco	Ios Xe	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Armorstratix 5700	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Armorstratix 5700	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 5400	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 5400	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 5410	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 5410	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 5700	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 5700	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 8000	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 8000	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 8300	-	All	All	All
Hardware	Rockwellautomation	Allen-bradley Stratix 8300	-	All	All	All

References

Reference	Source	Link	Tags
Cisco IOS and IOS XE Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability	CONFIRM	tools.cisco.com	Vendor Advisory
Rockwell Automation Stratix and ArmorStratix Switches \| CISA	MISC	ics-cert.us-cert.gov	Third Party Advisory, US Government Resource
Rockwell Automation Stratix Industrial Managed Ethernet Switch \| ICS-CERT	MISC	ics-cert.us-cert.gov	Third Party Advisory, US Government Resource
Cisco IOS/IOS XE DHCP Option 82 Processing Bugs Let Remote Users Cause the Target System to Reload - SecurityTracker	SECTRACK	www.securitytracker.com	Third Party Advisory, VDB Entry
Malformed Request	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
[R1] Cisco IOS and IOS XE Multiple Memory Corruption Vulnerabilities - Research Advisory \| Tenable®	MISC	www.tenable.com	Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis
CISA Known Exploited Vulnerabilities catalog	CISA	www.cisa.gov	kev

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

590338 Rockwell Automation Stratix and ArmorStratix Switches Multiple Vulnerabilities (ICSA-18-107-04)
590339 Rockwell Automation Stratix Industrial Managed Ethernet Switch Multiple Vulnerabilities (ICSA-18-107-05)