CVE-2018-0418
Summary
| CVE | CVE-2018-0418 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-08-15 20:29:00 UTC |
| Updated | 2020-08-31 16:13:00 UTC |
| Description | A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Asr 9000v | - | All | All | All |
| Hardware | Cisco | Asr 9000v | - | All | All | All |
| Hardware | Cisco | Asr 9001 | - | All | All | All |
| Hardware | Cisco | Asr 9001 | - | All | All | All |
| Hardware | Cisco | Asr 9006 | - | All | All | All |
| Hardware | Cisco | Asr 9006 | - | All | All | All |
| Hardware | Cisco | Asr 9010 | - | All | All | All |
| Hardware | Cisco | Asr 9010 | - | All | All | All |
| Hardware | Cisco | Asr 9901 | - | All | All | All |
| Hardware | Cisco | Asr 9901 | - | All | All | All |
| Hardware | Cisco | Asr 9904 | - | All | All | All |
| Hardware | Cisco | Asr 9904 | - | All | All | All |
| Hardware | Cisco | Asr 9906 | - | All | All | All |
| Hardware | Cisco | Asr 9906 | - | All | All | All |
| Hardware | Cisco | Asr 9910 | - | All | All | All |
| Hardware | Cisco | Asr 9910 | - | All | All | All |
| Hardware | Cisco | Asr 9912 | - | All | All | All |
| Hardware | Cisco | Asr 9912 | - | All | All | All |
| Hardware | Cisco | Asr 9922 | - | All | All | All |
| Hardware | Cisco | Asr 9922 | - | All | All | All |
| Operating System | Cisco | Ios Xr | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco ASR 9000 Series Aggregation Services Routers Precision Time Protocol Denial of Service Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| Cisco ASR 9000 Series Aggregation Services Routers Local Denial of Service Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Cisco ASR 9000 Series Router LPTS Input Validation Flaw Lets Remote Users Deny Service - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.