CVE-2018-0290
Summary
| CVE | CVE-2018-0290 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-05-17 03:29:00 UTC |
| Updated | 2019-10-09 23:31:00 UTC |
| Description | A vulnerability in the TCP stack of Cisco SocialMiner could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the notification system. The vulnerability is due to faulty handling of new TCP connections to the affected application. An attacker could exploit this vulnerability by sending a malicious TCP packet to the vulnerable service. An exploit could allow the attacker to create a DoS condition by interrupting certain phone services. A manual restart of the service may be required to restore full functionalities. Cisco Bug IDs: CSCvh48368. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Socialminer | 11.6(1) | All | All | All |
| Application | Cisco | Socialminer | 11.6\(1\) | All | All | All |
| Application | Cisco | Socialminer | 11.6\(1\) | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco SocialMiner CVE-2018-0290 Denial of Service Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Cisco SocialMiner Notification System Denial of Service Vulnerability | CONFIRM | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.