Sign-up

ID

VAR-201803-1371


CVE

CVE-2018-0151


TITLE

Cisco IOS Software and Cisco IOS XE software Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-003423

DESCRIPTION

A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges. The vulnerability is due to incorrect bounds checking of certain values in packets that are destined for UDP port 18999 of an affected device. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code on the affected device with elevated privileges. The attacker could also leverage this vulnerability to cause the device to reload, causing a temporary DoS condition while the device is reloading. The malicious packets must be destined to and processed by an affected device. Traffic transiting a device will not trigger the vulnerability. Cisco Bug IDs: CSCvf73881. Cisco IOS Software and Cisco IOS XE The software contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvf73881 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The qualityofservice (QoS) subsystem is one of the set of network quality of service subsystems. The vulnerability stems from the program failing to perform boundary detection on the values in the packet correctly. Failed attempts will likely result in denial-of-service conditions

Trust: 2.61

sources: NVD: CVE-2018-0151 // JVNDB: JVNDB-2018-003423 // CNVD: CNVD-2018-06854 // BID: 103540 // VULHUB: VHN-118353 // VULMON: CVE-2018-0151

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-06854

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion: -

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:16.5.1

Trust: 1.0

vendor:ciscomodel:iosscope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ios everestscope:eqversion:16.5.1

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:everest-16.5.1

Trust: 0.6

vendor:ciscomodel:ios xe softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ios everest-16.5.1scope: - version: -

Trust: 0.3

sources: CNVD: CNVD-2018-06854 // BID: 103540 // JVNDB: JVNDB-2018-003423 // CNNVD: CNNVD-201803-1038 // NVD: CVE-2018-0151

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0151
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-0151
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2018-06854
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201803-1038
value: CRITICAL

Trust: 0.6

VULHUB: VHN-118353
value: HIGH

Trust: 0.1

VULMON: CVE-2018-0151
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0151
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-06854
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118353
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0151
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-0151
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-06854 // VULHUB: VHN-118353 // VULMON: CVE-2018-0151 // JVNDB: JVNDB-2018-003423 // CNNVD: CNNVD-201803-1038 // NVD: CVE-2018-0151

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-118353 // JVNDB: JVNDB-2018-003423 // NVD: CVE-2018-0151

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-1038

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201803-1038

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-003423

PATCH
title:cisco-sa-20180328-qosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-qos
Trust: 0.8
title:Patch for Cisco IOS Software and IOSXESoftwarequalityofservice Subsystem Buffer Overflow Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/124465
Trust: 0.6
title:Cisco IOS Software  and IOS XE Software quality of service Fixes for Subsystem Buffer Error Vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79506
Trust: 0.6
title:Cisco: Cisco IOS and IOS XE Software Quality of Service Remote Code Execution Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180328-qos
Trust: 0.1
title:The Registerurl:https://www.theregister.co.uk/2018/03/29/cisco_critical_ios_bugs/
Trust: 0.1
title:Threatposturl:https://threatpost.com/cisco-patches-two-critical-rce-bugs-in-ios-xe-software/130852/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-06854 // 
            
            
            
            VULMON: CVE-2018-0151 // 
            
            
            
            JVNDB: JVNDB-2018-003423 // 
            
            
            
            CNNVD: CNNVD-201803-1038

EXTERNAL IDS
db:NVDid:CVE-2018-0151
Trust: 3.5
db:BIDid:103540
Trust: 2.7
db:ICS CERTid:ICSA-18-107-03
Trust: 2.6
db:SECTRACKid:1040582
Trust: 2.4
db:JVNDBid:JVNDB-2018-003423
Trust: 0.8
db:CNNVDid:CNNVD-201803-1038
Trust: 0.7
db:CNVDid:CNVD-2018-06854
Trust: 0.6
db:VULHUBid:VHN-118353
Trust: 0.1
db:VULMONid:CVE-2018-0151
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-06854 // 
            
            
            
            VULHUB: VHN-118353 // 
            
            
            
            VULMON: CVE-2018-0151 // 
            
            
            
            BID: 103540 // 
            
            
            
            JVNDB: JVNDB-2018-003423 // 
            
            
            
            CNNVD: CNNVD-201803-1038 // 
            
            
            
            NVD: CVE-2018-0151

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-107-03
Trust: 2.7
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180328-qos
Trust: 2.2
url:http://www.securityfocus.com/bid/103540
Trust: 1.9
url:http://www.securitytracker.com/id/1040582
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0151
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0151
Trust: 0.8
url:https://securitytracker.com/id/1040582
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/cisco-patches-two-critical-rce-bugs-in-ios-xe-software/130852/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-06854 // 
            
            
            
            VULHUB: VHN-118353 // 
            
            
            
            VULMON: CVE-2018-0151 // 
            
            
            
            BID: 103540 // 
            
            
            
            JVNDB: JVNDB-2018-003423 // 
            
            
            
            CNNVD: CNNVD-201803-1038 // 
            
            
            
            NVD: CVE-2018-0151

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 103540

SOURCES
db:CNVDid:CNVD-2018-06854
db:VULHUBid:VHN-118353
db:VULMONid:CVE-2018-0151
db:BIDid:103540
db:JVNDBid:JVNDB-2018-003423
db:CNNVDid:CNNVD-201803-1038
db:NVDid:CVE-2018-0151

LAST UPDATE DATE
2024-11-23T21:39:32.489000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-06854date:2018-05-02T00:00:00
db:VULHUBid:VHN-118353date:2019-12-02T00:00:00
db:VULMONid:CVE-2018-0151date:2019-12-02T00:00:00
db:BIDid:103540date:2018-03-28T00:00:00
db:JVNDBid:JVNDB-2018-003423date:2018-05-23T00:00:00
db:CNNVDid:CNNVD-201803-1038date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0151date:2024-11-21T03:37:37.053

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-06854date:2018-04-01T00:00:00
db:VULHUBid:VHN-118353date:2018-03-28T00:00:00
db:VULMONid:CVE-2018-0151date:2018-03-28T00:00:00
db:BIDid:103540date:2018-03-28T00:00:00
db:JVNDBid:JVNDB-2018-003423date:2018-05-23T00:00:00
db:CNNVDid:CNNVD-201803-1038date:2018-03-29T00:00:00
db:NVDid:CVE-2018-0151date:2018-03-28T22:29:00.297