CVE-2018-0282

Name of the Vulnerable Software and Affected Versions Cisco IOS and Cisco IOS XE Software (affected versions not specified)

Description The issue is related to errors in managing the state of TCP sockets in Cisco IOS and Cisco IOS XE Software. This could allow a remote attacker to cause the device to reload by sending specially crafted HTTP requests, resulting in a denial of service (DoS) condition. The vulnerability is due to a state condition between the socket state and the transmission control block (TCB) state, and it potentially affects all TCP applications, although only the HTTP server has been observed to be affected so far.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.