PT-2018-2794 · Cisco · Cisco IOS

Published 2018-03-28 · Updated 2025-01-27 · CVE-2018-0161

CVSS v2.0: 6.3 (Medium)

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Cisco IOS Software (affected versions not specified)

Description

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs when the affected software processes an SNMP read request that contains a request for the ciscoFlashMIB object ID (OID). An attacker could trigger this vulnerability by issuing an SNMP GET request for the ciscoFlashMIB OID on an affected device, potentially causing the device to restart due to a SYS-3-CPUHOG.

Recommendations

For Cisco Catalyst 2960-L Series Switches, Cisco Catalyst Digital Building Series Switches 8P, and Cisco Catalyst Digital Building Series Switches 8U, update to a fixed release of Cisco IOS Software. As a temporary workaround, consider restricting access to the SNMP subsystem to minimize the risk of exploitation. Avoid using the ciscoFlashMIB OID in SNMP GET requests until the issue is resolved. Apply the workarounds described in the Cisco Security Advisory to address this vulnerability.

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2019-01883
CVE-2018-0161

Affected Products

Cisco IOS