CVE-2018-0257
Summary
| CVE | CVE-2018-0257 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-04-19 20:29:00 UTC |
| Updated | 2019-10-09 23:31:00 UTC |
| Description | A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect handling of certain DHCP packets. An attacker could exploit this vulnerability by sending certain DHCP packets to a specific segment of an affected device. A successful exploit could allow the attacker to increase CPU usage on the affected device and cause a DoS condition. Cisco Bug IDs: CSCvg73687. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Cisco | Ios Xe | 15.6(2)sp | All | All | All |
| Operating System | Cisco | Ios Xe | 15.6\(2\)sp | All | All | All |
| Operating System | Cisco | Ios Xe | 16.4 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.5 | All | All | All |
| Operating System | Cisco | Ios Xe | 15.6\(2\)sp | All | All | All |
| Operating System | Cisco | Ios Xe | 16.4 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.5 | All | All | All |
| Operating System | Cisco | Ios Xe | All | All | All | All |
| Operating System | Cisco | Ios Xe | All | All | All | All |
| Operating System | Cisco | Ios Xe | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco cBR Series Converged Broadband Routers High CPU Usage Denial of Service Vulnerability | CONFIRM | tools.cisco.com | Vendor Advisory |
| Cisco IOS XE on cBR Converged Broadband Routers DHCP Processing Flaw Lets Remote Users Consume Excessive CPU Resources on the Target System - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Cisco cBR Series Converged Broadband Routers CVE-2018-0257 Denial of Service Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.