CVE-2018-0175 — HIGH (8.0) — White Hats Nepal

Vulnerability Description

Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.

CVSS Score

8.0

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Cisco	Ios	15.4\(3\)m4.1
Cisco	Ios Xe	15.4\(3\)m4.1
Cisco	Ios Xr	15.4\(3\)m4.1
Rockwellautomation	Allen-Bradley Stratix 8300 Industrial Managed Ethernet Switch	-
Rockwellautomation	Allen-Bradley Armorstratix 5700	-
Rockwellautomation	Allen-Bradley Stratix 5400	-
Rockwellautomation	Allen-Bradley Stratix 5410	-
Rockwellautomation	Allen-Bradley Stratix 5700	-
Rockwellautomation	Allen-Bradley Stratix 8000	-
Rockwellautomation	Allen-Bradley Stratix 5900 Services Router	-

Related Weaknesses (CWE)

CWE-134 CWE-119

References

http://www.securityfocus.com/bid/103564Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1040586Broken LinkThird Party AdvisoryVDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03Third Party AdvisoryUS Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04Third Party AdvisoryUS Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05Third Party AdvisoryUS Government Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
http://www.securityfocus.com/bid/103564Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1040586Broken LinkThird Party AdvisoryVDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03Third Party AdvisoryUS Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04Third Party AdvisoryUS Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05Third Party AdvisoryUS Government Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-US Government Resource

FAQ

What is CVE-2018-0175?

CVE-2018-0175 is a vulnerability with a CVSS score of 8.0 (HIGH). Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attac...

How severe is CVE-2018-0175?

CVE-2018-0175 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-0175?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios, Cisco Ios Xe, Cisco Ios Xr, Rockwellautomation Allen-Bradley Stratix 8300 Industrial Managed Ethernet Switch, Rockwellautomation Allen-Bradley Armorstratix 5700.