Details of VAR-201810-0343

ID

VAR-201810-0343

CVE

CVE-2018-0471

TITLE

Cisco IOS XE Software depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-011124

DESCRIPTION

A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain CDP packets. An attacker could exploit this vulnerability by sending certain CDP packets to an affected device. A successful exploit could cause an affected device to continuously consume memory and eventually result in a memory allocation failure that leads to a crash, triggering a reload of the affected device. Cisco IOS XE The software is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco IOSXESoftware is a set of operating systems developed by Cisco for its network devices. Cisco Discovery Protocol (CDP) is one of the device discovery modules. An attacker with a physical location nearby can exploit the vulnerability to cause a denial of service (crash). Attackers can exploit this issue to reload the affected device, denying service to legitimate users This issue is being tracked by Cisco Bug ID CSCvf50648

Trust: 2.52

sources: NVD: CVE-2018-0471 // JVNDB: JVNDB-2018-011124 // CNVD: CNVD-2018-20221 // BID: 105398 // VULHUB: VHN-118673

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-20221

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.1	Trust: 2.7
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.2	Trust: 2.4
vendor:	cisco	model:	ios xe software	scope:	eq	version:	16.6.2	Trust: 0.9
vendor:	cisco	model:	ios xe software	scope:	eq	version:	16.6.1	Trust: 0.9
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	everest-16.6.1	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	16.7.1	Trust: 0.3
vendor:	cisco	model:	ios everest-16.6.1	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2018-20221 // BID: 105398 // JVNDB: JVNDB-2018-011124 // CNNVD: CNNVD-201809-1238 // NVD: CVE-2018-0471

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0471
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0471
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-20221
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201809-1238
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118673
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0471
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-20221
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118673
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0471
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2018-0471
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2018-20221 // VULHUB: VHN-118673 // JVNDB: JVNDB-2018-011124 // CNNVD: CNNVD-201809-1238 // NVD: CVE-2018-0471

PROBLEMTYPE DATA

problemtype:	CWE-400	Trust: 1.9
problemtype:	CWE-772	Trust: 1.1

sources: VULHUB: VHN-118673 // JVNDB: JVNDB-2018-011124 // NVD: CVE-2018-0471

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201809-1238

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201809-1238

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011124

PATCH

title:	cisco-sa-20180926-cdp-memleak	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cdp-memleak	Trust: 0.8
title:	Patch for Cisco IOSXESoftware Denial of Service Vulnerability (CNVD-2018-20221)	url:	https://www.cnvd.org.cn/patchInfo/show/141463	Trust: 0.6
title:	Cisco IOS XE Software Discovery Protocol Repair measures for module security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85253	Trust: 0.6

sources: CNVD: CNVD-2018-20221 // JVNDB: JVNDB-2018-011124 // CNNVD: CNNVD-201809-1238

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0471	Trust: 3.4
db:	BID	id:	105398	Trust: 2.6
db:	SECTRACK	id:	1041737	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-011124	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-1238	Trust: 0.7
db:	CNVD	id:	CNVD-2018-20221	Trust: 0.6
db:	VULHUB	id:	VHN-118673	Trust: 0.1

sources: CNVD: CNVD-2018-20221 // VULHUB: VHN-118673 // BID: 105398 // JVNDB: JVNDB-2018-011124 // CNNVD: CNNVD-201809-1238 // NVD: CVE-2018-0471

REFERENCES

url:	http://www.securityfocus.com/bid/105398	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-cdp-memleak	Trust: 2.0
url:	http://www.securitytracker.com/id/1041737	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0471	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0471	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-20221 // VULHUB: VHN-118673 // BID: 105398 // JVNDB: JVNDB-2018-011124 // CNNVD: CNNVD-201809-1238 // NVD: CVE-2018-0471

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 105398

SOURCES

db:	CNVD	id:	CNVD-2018-20221
db:	VULHUB	id:	VHN-118673
db:	BID	id:	105398
db:	JVNDB	id:	JVNDB-2018-011124
db:	CNNVD	id:	CNNVD-201809-1238
db:	NVD	id:	CVE-2018-0471

LAST UPDATE DATE

2024-08-14T13:45:32.656000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-20221	date:	2018-09-30T00:00:00
db:	VULHUB	id:	VHN-118673	date:	2019-12-02T00:00:00
db:	BID	id:	105398	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-011124	date:	2019-01-07T00:00:00
db:	CNNVD	id:	CNNVD-201809-1238	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0471	date:	2020-12-07T21:05:05.667

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-20221	date:	2018-09-30T00:00:00
db:	VULHUB	id:	VHN-118673	date:	2018-10-05T00:00:00
db:	BID	id:	105398	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-011124	date:	2019-01-07T00:00:00
db:	CNNVD	id:	CNNVD-201809-1238	date:	2018-09-28T00:00:00
db:	NVD	id:	CVE-2018-0471	date:	2018-10-05T14:29:04.920