CVE-2018-0177

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software versions 16.1.1 and later

Description: A vulnerability in the IP Version 4 (IPv4) processing code could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IPv4 packets. An attacker could exploit this vulnerability by sending specific IPv4 packets to an IPv4 address on an affected device. A successful exploit could allow the attacker to cause high CPU utilization, traceback messages, or a reload of the affected device that leads to a DoS condition.

Recommendations: For Cisco IOS XE Software versions 16.1.1 and later, update to a fixed release to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.