Vulnerability Description
A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. The vulnerability is due to improper handling of malformed requests processed by the netconf process. An attacker could exploit this vulnerability by sending malicious requests to the affected software. An exploit could allow the attacker to cause the targeted process to restart, resulting in a DoS condition on the affected system. Cisco Bug IDs: CSCvg95792.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xr | 6.3.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/104083Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040827Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/104083Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040827Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2018-0286?
CVE-2018-0286 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. The vulnerability is ...
How severe is CVE-2018-0286?
CVE-2018-0286 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-0286?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xr.