PT-2018-8604 · Cisco · Cisco Ucs Central

Published

2018-01-18

Updated

2019-10-09

CVE-2018-0094

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Cisco UCS Central Software (affected versions not specified)

Description: A vulnerability in IPv6 ingress packet processing could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization on the targeted device. The issue is due to insufficient rate limiting protection for IPv6 ingress traffic. An attacker could exploit this by sending a high rate of IPv6 packets, potentially causing a DoS condition due to CPU and resource constraints.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-693

Related Identifiers

CVE-2018-0094

Affected Products

Cisco Ucs Central

PT-2018-8604 · Cisco · Cisco Ucs Central

CVE-2018-0094

Weakness Enumeration

Related Identifiers

Affected Products

References · 5