Details of VAR-201803-1384

ID

VAR-201803-1384

CVE

CVE-2018-0167

TITLE

plural Cisco IOS Product buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-003569

DESCRIPTION

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487. Cisco IOS , Cisco IOS XE ,and Cisco IOS XR The software contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCuo17183 and CSCvd73487 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco IOS Software, IOSXE Software, and IOSXR Software are operating systems developed by Cisco Systems for their network devices. LinkLayerDiscoveryProtocol (LLDP) subsystem is one of the link layer discovery protocol subsystems. The vulnerability stems from a program failing to properly handle malformed LLDP messages. An attacker could exploit the vulnerability by submitting an LLDP protocol data unit to cause a denial of service or to execute arbitrary code with elevated privileges. Cisco IOS/IOS XE/IOS XR Software are prone to multiple remote code-execution and multiple format-string vulnerabilities. Failed exploit attempts may result in a denial of service conditions. These issues are being tracked by Cisco Bug ID' s CSCuo17183, CSCvd73487 and CSCvd73664

Trust: 2.61

sources: NVD: CVE-2018-0167 // JVNDB: JVNDB-2018-003569 // CNVD: CNVD-2018-08183 // BID: 103564 // VULHUB: VHN-118369 // VULMON: CVE-2018-0167

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-08183

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xr	scope:	-	version:	-	Trust: 1.7
vendor:	cisco	model:	ios	scope:	eq	version:	5.2.0.base	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	5.2.0.base	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	ios xe	scope:	lte	version:	15.2\(4a\)ea5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	lte	version:	15.6.3m1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	lt	version:	5.1.3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	15.6.3m1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	lte	version:	15.2\(6\)e0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	15.2\(4a\)ea5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	15.2\(6\)e0a	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	gte	version:	4.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.0.base	Trust: 0.6
vendor:	cisco	model:	ios xr software	scope:	eq	version:	5.1.2	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	4.3	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	5.1.0	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	eq	version:	5.0.0	Trust: 0.3
vendor:	cisco	model:	ios xe	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios 15.4 m4.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios xr software	scope:	ne	version:	5.1.3	Trust: 0.3

sources: CNVD: CNVD-2018-08183 // BID: 103564 // JVNDB: JVNDB-2018-003569 // CNNVD: CNNVD-201803-1025 // NVD: CVE-2018-0167

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0167
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0167
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-08183
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201803-1025
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118369
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-0167
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0167
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-08183
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118369
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0167
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2018-0167
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2018-08183 // VULHUB: VHN-118369 // VULMON: CVE-2018-0167 // JVNDB: JVNDB-2018-003569 // CNNVD: CNNVD-201803-1025 // NVD: CVE-2018-0167

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-118369 // JVNDB: JVNDB-2018-003569 // NVD: CVE-2018-0167

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201803-1025

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201803-1025

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-003569

PATCH

title:	cisco-sa-20180328-lldp	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp	Trust: 0.8
title:	Patch for Cisco IOS/IOSXE/IOSXRSoftwareLinkLayerDiscoveryProtocol Subsystem Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/126857	Trust: 0.6
title:	Cisco IOS Software , IOS XE Software and IOS XR Software Link Layer Discovery Protocol Fixes for Subsystem Buffer Error Vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=79493	Trust: 0.6
title:	Cisco: Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180328-lldp	Trust: 0.1
title:	Known Exploited Vulnerabilities Detector	url:	https://github.com/Ostorlab/KEV	Trust: 0.1

sources: CNVD: CNVD-2018-08183 // VULMON: CVE-2018-0167 // JVNDB: JVNDB-2018-003569 // CNNVD: CNNVD-201803-1025

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0167	Trust: 3.5
db:	ICS CERT	id:	ICSA-18-107-04	Trust: 2.6
db:	ICS CERT	id:	ICSA-18-107-03	Trust: 2.6
db:	ICS CERT	id:	ICSA-18-107-05	Trust: 2.6
db:	BID	id:	103564	Trust: 2.1
db:	SECTRACK	id:	1040586	Trust: 1.8
db:	JVNDB	id:	JVNDB-2018-003569	Trust: 0.8
db:	CNNVD	id:	CNNVD-201803-1025	Trust: 0.7
db:	CNVD	id:	CNVD-2018-08183	Trust: 0.6
db:	AUSCERT	id:	ESB-2018.0912.2	Trust: 0.6
db:	VULHUB	id:	VHN-118369	Trust: 0.1
db:	VULMON	id:	CVE-2018-0167	Trust: 0.1

sources: CNVD: CNVD-2018-08183 // VULHUB: VHN-118369 // VULMON: CVE-2018-0167 // BID: 103564 // JVNDB: JVNDB-2018-003569 // CNNVD: CNNVD-201803-1025 // NVD: CVE-2018-0167

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180328-lldp	Trust: 2.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-107-03	Trust: 2.7
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-107-04	Trust: 2.6
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-107-05	Trust: 2.6
url:	http://www.securityfocus.com/bid/103564	Trust: 1.9
url:	http://www.securitytracker.com/id/1040586	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0167	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0167	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2018.0912.2	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/ostorlab/kev	Trust: 0.1

sources: CNVD: CNVD-2018-08183 // VULHUB: VHN-118369 // VULMON: CVE-2018-0167 // BID: 103564 // JVNDB: JVNDB-2018-003569 // CNNVD: CNNVD-201803-1025 // NVD: CVE-2018-0167

CREDITS

Cisco.

Trust: 0.3

sources: BID: 103564

SOURCES

db:	CNVD	id:	CNVD-2018-08183
db:	VULHUB	id:	VHN-118369
db:	VULMON	id:	CVE-2018-0167
db:	BID	id:	103564
db:	JVNDB	id:	JVNDB-2018-003569
db:	CNNVD	id:	CNNVD-201803-1025
db:	NVD	id:	CVE-2018-0167

LAST UPDATE DATE

2024-11-23T21:39:32.652000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-08183	date:	2018-04-24T00:00:00
db:	VULHUB	id:	VHN-118369	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2018-0167	date:	2019-10-09T00:00:00
db:	BID	id:	103564	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003569	date:	2018-05-28T00:00:00
db:	CNNVD	id:	CNNVD-201803-1025	date:	2023-01-11T00:00:00
db:	NVD	id:	CVE-2018-0167	date:	2024-11-21T03:37:38.867

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-08183	date:	2018-04-24T00:00:00
db:	VULHUB	id:	VHN-118369	date:	2018-03-28T00:00:00
db:	VULMON	id:	CVE-2018-0167	date:	2018-03-28T00:00:00
db:	BID	id:	103564	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003569	date:	2018-05-28T00:00:00
db:	CNNVD	id:	CNNVD-201803-1025	date:	2018-03-29T00:00:00
db:	NVD	id:	CVE-2018-0167	date:	2018-03-28T22:29:00.907