PT-2018-8653 · Cisco · Cisco Ios Xe

Published

2018-03-28

Updated

2019-12-03

CVE-2018-0170

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified)

Description: A logic error exists when handling a malformed incoming packet, leading to access to an internal data structure after it has been freed. An attacker could exploit this by sending crafted, malformed IP packets to an affected device, causing it to reload and resulting in a denial of service (DoS) condition.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2018-0170

Affected Products

Cisco Ios Xe

PT-2018-8653 · Cisco · Cisco Ios Xe

CVE-2018-0170

Weakness Enumeration

Related Identifiers

Affected Products

References · 5