Details of VAR-201810-0340

ID

VAR-201810-0340

CVE

CVE-2018-0467

TITLE

Cisco IOS XE Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-010842

DESCRIPTION

A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to or through the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device. Cisco IOS XE The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco IOS Software and IOSXE Software are operating systems developed by Cisco for its network devices

Trust: 2.61

sources: NVD: CVE-2018-0467 // JVNDB: JVNDB-2018-010842 // CNVD: CNVD-2018-20261 // BID: 107779 // VULHUB: VHN-118669 // VULMON: CVE-2018-0467

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-20261

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.6\(2\)sp	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	everest-16.6.1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	asr series route processor	scope:	eq	version:	10000	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley stratix	scope:	eq	version:	83000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e0a	scope:	eq	version:	8000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea.fc4	scope:	eq	version:	8000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e0a	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea.fc4	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e0a	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea.fc4	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea3	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 eb	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e0a	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea.fc4	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea3	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea2	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea1	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley armorstratix 15.2 e0a	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley armorstratix 15.2 ea.fc4	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwall	model:	automation allen-bradley stratix 15.2 ea3	scope:	eq	version:	8000	Trust: 0.3
vendor:	rockwall	model:	automation allen-bradley stratix 15.2 ea3	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwall	model:	automation allen-bradley armorstratix 15.2 ea3	scope:	eq	version:	5700	Trust: 0.3
vendor:	cisco	model:	ncs	scope:	eq	version:	42160	Trust: 0.3
vendor:	cisco	model:	ncs	scope:	eq	version:	42060	Trust: 0.3
vendor:	cisco	model:	ncs	scope:	eq	version:	42020	Trust: 0.3
vendor:	cisco	model:	ncs	scope:	eq	version:	42010	Trust: 0.3
vendor:	cisco	model:	me 3800x-24fs-m switch router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	me 3600x-24ts-m switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	me 3600x-24fs-m switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	me 3600x-24cx-m switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	cloud services router	scope:	eq	version:	1000v0	Trust: 0.3
vendor:	cisco	model:	catalyst c3850-12x48u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst c3850-12x48u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst c3850-12x48u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48xs-f-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48xs-f-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48t-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48t-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48t-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48p-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48p-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48p-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48f-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48f-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48f-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-32xs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-32xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xu-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xu-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xu-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24t-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24t-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24t-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24s-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24s-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24p-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24p-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24p-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-16xs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-16xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-12xs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-12xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-12s-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-12s-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24uq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24uq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24uq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24pd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ts-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ts-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48tq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48tq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48tq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48td-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ps-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ps-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fs-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fqm-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fqm-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fqm-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ts-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ts-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24td-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ps-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ps-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pdm-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pdm-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pdm-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uz-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uz-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uz-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48ur-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48ur-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48ur-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48fd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48fd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-4sz-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-4sz-a router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-24tz-m router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-24sz-m router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-24sz-im router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-12sz-im router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-12cz-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-12cz-a router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-10sz-pd router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr router	scope:	eq	version:	9030	Trust: 0.3
vendor:	cisco	model:	asr router	scope:	eq	version:	9020	Trust: 0.3
vendor:	cisco	model:	asr 901s-4sg-f-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901s-3sg-f-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901s-3sg-f-ah router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901s-2sg-f-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901s-2sg-f-ah router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-6cz-ft-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-6cz-ft-a router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-6cz-fs-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-6cz-fs-a router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-6cz-f-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-6cz-f-a router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-4c-ft-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-4c-f-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-12c-ft-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 901-12c-f-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr route switch processor	scope:	eq	version:	90030	Trust: 0.3
vendor:	cisco	model:	asr route switch processor	scope:	eq	version:	90020	Trust: 0.3
vendor:	cisco	model:	asr router	scope:	eq	version:	1002-x0	Trust: 0.3
vendor:	cisco	model:	asr 1002-hx router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr router	scope:	eq	version:	1001-x0	Trust: 0.3
vendor:	cisco	model:	asr 1001-hx router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	4451-x0	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	44510	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	44310	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	43510	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	43310	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	43210	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea7	scope:	ne	version:	8300	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e2a	scope:	ne	version:	8000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e2a	scope:	ne	version:	5700	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e2a	scope:	ne	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e2a	scope:	ne	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley armorstratix 15.2 e2a	scope:	ne	version:	5700	Trust: 0.3

sources: CNVD: CNVD-2018-20261 // BID: 107779 // JVNDB: JVNDB-2018-010842 // CNNVD: CNNVD-201809-1256 // NVD: CVE-2018-0467

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0467
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0467
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-20261
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201809-1256
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118669
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-0467
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0467
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-20261
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118669
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0467
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-20261 // VULHUB: VHN-118669 // VULMON: CVE-2018-0467 // JVNDB: JVNDB-2018-010842 // CNNVD: CNNVD-201809-1256 // NVD: CVE-2018-0467

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-118669 // JVNDB: JVNDB-2018-010842 // NVD: CVE-2018-0467

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-1256

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 107779 // CNNVD: CNNVD-201809-1256

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-010842

PATCH

title:	cisco-sa-20180926-ipv6hbh	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipv6hbh	Trust: 0.8
title:	Patch for CiscoIOS and IOSXESoftwareIPv6Hop-by-HopOptions Denial of Service Vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/141465	Trust: 0.6
title:	Cisco IOS Software and IOS XE Software Enter the fix for the verification vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85265	Trust: 0.6
title:	Cisco: Cisco IOS and IOS XE Software IPv6 Hop-by-Hop Options Denial of Service Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180926-ipv6hbh	Trust: 0.1

sources: CNVD: CNVD-2018-20261 // VULMON: CVE-2018-0467 // JVNDB: JVNDB-2018-010842 // CNNVD: CNNVD-201809-1256

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0467	Trust: 3.5
db:	ICS CERT	id:	ICSA-19-094-03	Trust: 2.9
db:	SECTRACK	id:	1041737	Trust: 1.8
db:	JVNDB	id:	JVNDB-2018-010842	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-1256	Trust: 0.7
db:	CNVD	id:	CNVD-2018-20261	Trust: 0.6
db:	ICS CERT	id:	ICSA-19-094-02	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1153	Trust: 0.6
db:	BID	id:	107779	Trust: 0.3
db:	VULHUB	id:	VHN-118669	Trust: 0.1
db:	VULMON	id:	CVE-2018-0467	Trust: 0.1

sources: CNVD: CNVD-2018-20261 // VULHUB: VHN-118669 // VULMON: CVE-2018-0467 // BID: 107779 // JVNDB: JVNDB-2018-010842 // CNNVD: CNNVD-201809-1256 // NVD: CVE-2018-0467

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-19-094-03	Trust: 3.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-ipv6hbh	Trust: 2.7
url:	http://www.securitytracker.com/id/1041737	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0467	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0467	Trust: 0.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-19-094-02	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/78478	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://www.rapid7.com/db/vulnerabilities/cisco-ios-cve-2018-0467	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/150461	Trust: 0.1

sources: CNVD: CNVD-2018-20261 // VULHUB: VHN-118669 // VULMON: CVE-2018-0467 // BID: 107779 // JVNDB: JVNDB-2018-010842 // CNNVD: CNNVD-201809-1256 // NVD: CVE-2018-0467

CREDITS

Rockwell Automation reported these vulnerabilities to NCCIC.

Trust: 0.6

sources: CNNVD: CNNVD-201809-1256

SOURCES

db:	CNVD	id:	CNVD-2018-20261
db:	VULHUB	id:	VHN-118669
db:	VULMON	id:	CVE-2018-0467
db:	BID	id:	107779
db:	JVNDB	id:	JVNDB-2018-010842
db:	CNNVD	id:	CNNVD-201809-1256
db:	NVD	id:	CVE-2018-0467

LAST UPDATE DATE

2024-08-14T13:45:32.811000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-20261	date:	2018-09-30T00:00:00
db:	VULHUB	id:	VHN-118669	date:	2019-04-15T00:00:00
db:	VULMON	id:	CVE-2018-0467	date:	2019-04-15T00:00:00
db:	BID	id:	107779	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-010842	date:	2019-04-10T00:00:00
db:	CNNVD	id:	CNNVD-201809-1256	date:	2019-04-19T00:00:00
db:	NVD	id:	CVE-2018-0467	date:	2019-04-15T12:31:08.757

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-20261	date:	2018-09-30T00:00:00
db:	VULHUB	id:	VHN-118669	date:	2018-10-05T00:00:00
db:	VULMON	id:	CVE-2018-0467	date:	2018-10-05T00:00:00
db:	BID	id:	107779	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-010842	date:	2018-12-25T00:00:00
db:	CNNVD	id:	CNNVD-201809-1256	date:	2018-09-28T00:00:00
db:	NVD	id:	CVE-2018-0467	date:	2018-10-05T14:29:04.590