Details of VAR-201810-0569

ID

VAR-201810-0569

CVE

CVE-2018-15377

TITLE

plural Cisco IOS Product depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-011566

DESCRIPTION

A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient input validation by the affected software. An attacker could exploit this vulnerability by sending invalid data to the Cisco Network Plug and Play agent on an affected device. A successful exploit could allow the attacker to cause a memory leak on the affected device, which could cause the device to reload. plural Cisco IOS The product is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. This issue is being tracked by Cisco Bug ID CSCvi30136

Trust: 2.61

sources: NVD: CVE-2018-15377 // JVNDB: JVNDB-2018-011566 // CNVD: CNVD-2018-20777 // BID: 107775 // VULHUB: VHN-125630 // VULMON: CVE-2018-15377

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-20777

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	everest-16.5.1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3.1s\)m	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	denali-16.3.6	Trust: 1.6
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	asr series route processor	scope:	eq	version:	10000	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e0a	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea.fc4	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e1	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e0a	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea.fc4	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea3	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 eb	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e1	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e0a	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea.fc4	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea3	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 eb	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 ea1	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley armorstratix 15.2 e0a	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley armorstratix 15.2 ea.fc4	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwall	model:	automation allen-bradley stratix 15.2 ea3	scope:	eq	version:	5700	Trust: 0.3
vendor:	cisco	model:	ncs	scope:	eq	version:	42160	Trust: 0.3
vendor:	cisco	model:	ncs	scope:	eq	version:	42060	Trust: 0.3
vendor:	cisco	model:	ncs	scope:	eq	version:	42020	Trust: 0.3
vendor:	cisco	model:	ncs	scope:	eq	version:	42010	Trust: 0.3
vendor:	cisco	model:	ios xe software denali	scope:	eq	version:	16.3.6	Trust: 0.3
vendor:	cisco	model:	ios xe software everest-16.5.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.7 m	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	cloud services router	scope:	eq	version:	1000v0	Trust: 0.3
vendor:	cisco	model:	cbr-8 converged broadband router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst c3850-12x48u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst c3850-12x48u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst c3850-12x48u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48xs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48xs-f-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48xs-f-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48t-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48t-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48t-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48p-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48p-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48p-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48f-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48f-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-48f-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-32xs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-32xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xu-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xu-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xu-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24t-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24t-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24t-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24s-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24s-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24p-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24p-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-24p-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-16xs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-16xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-12xs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-12xs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-12s-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3850-12s-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24uq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24uq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24uq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24pd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-8x24pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ts-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ts-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48tq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48tq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48tq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48td-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ps-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48ps-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fs-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fs-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fs-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fqm-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fqm-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fqm-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-48fd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ts-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ts-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24td-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ps-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24ps-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pdm-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pdm-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pdm-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-24pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uz-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uz-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uz-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48ur-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48ur-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48ur-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uq-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uq-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48uq-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48fd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3650-12x48fd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-4sz-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-4sz-a router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-24tz-m router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-24sz-m router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-24sz-im router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-12sz-im router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-12cz-d router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-12cz-a router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr 920-10sz-pd router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr route switch processor	scope:	eq	version:	90030	Trust: 0.3
vendor:	cisco	model:	asr route switch processor	scope:	eq	version:	90020	Trust: 0.3
vendor:	cisco	model:	asr router	scope:	eq	version:	1002-x0	Trust: 0.3
vendor:	cisco	model:	asr 1002-hx router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr router	scope:	eq	version:	1001-x0	Trust: 0.3
vendor:	cisco	model:	asr 1001-hx router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	4451-x0	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	44310	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	43510	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	43310	Trust: 0.3
vendor:	cisco	model:	integrated services router	scope:	eq	version:	43210	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e2a	scope:	ne	version:	5700	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e2a	scope:	ne	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 15.2 e2a	scope:	ne	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley armorstratix 15.2 e2a	scope:	ne	version:	5700	Trust: 0.3

sources: CNVD: CNVD-2018-20777 // BID: 107775 // JVNDB: JVNDB-2018-011566 // CNNVD: CNNVD-201809-1263 // NVD: CVE-2018-15377

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-15377
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-15377
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-20777
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201809-1263
value:	HIGH
Trust: 0.6
VULHUB:	VHN-125630
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-15377
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-15377
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-20777
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-125630
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-15377
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2018-15377
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2018-20777 // VULHUB: VHN-125630 // VULMON: CVE-2018-15377 // JVNDB: JVNDB-2018-011566 // CNNVD: CNNVD-201809-1263 // NVD: CVE-2018-15377

PROBLEMTYPE DATA

problemtype:	CWE-400	Trust: 1.9
problemtype:	CWE-401	Trust: 1.1
problemtype:	CWE-20	Trust: 0.1
problemtype:	CWE-772	Trust: 0.1

sources: VULHUB: VHN-125630 // JVNDB: JVNDB-2018-011566 // NVD: CVE-2018-15377

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-1263

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201809-1263

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011566

PATCH

title:	cisco-sa-20180926-pnp-memleak	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-pnp-memleak	Trust: 0.8
title:	Patch for Cisco IOS Software and IOSXESoftware Memory Leak Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/142191	Trust: 0.6
title:	Cisco IOS Software and IOS XE Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85272	Trust: 0.6
title:	Cisco: Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180926-pnp-memleak	Trust: 0.1
title:	VSCAN	url:	https://github.com/lucabrasi83/vscan	Trust: 0.1

sources: CNVD: CNVD-2018-20777 // VULMON: CVE-2018-15377 // JVNDB: JVNDB-2018-011566 // CNNVD: CNNVD-201809-1263

EXTERNAL IDS

db:	NVD	id:	CVE-2018-15377	Trust: 3.5
db:	ICS CERT	id:	ICSA-19-094-02	Trust: 2.9
db:	JVNDB	id:	JVNDB-2018-011566	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-1263	Trust: 0.7
db:	CNVD	id:	CNVD-2018-20777	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1153	Trust: 0.6
db:	BID	id:	107775	Trust: 0.3
db:	VULHUB	id:	VHN-125630	Trust: 0.1
db:	VULMON	id:	CVE-2018-15377	Trust: 0.1

sources: CNVD: CNVD-2018-20777 // VULHUB: VHN-125630 // VULMON: CVE-2018-15377 // BID: 107775 // JVNDB: JVNDB-2018-011566 // CNNVD: CNNVD-201809-1263 // NVD: CVE-2018-15377

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-19-094-02	Trust: 3.6
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-pnp-memleak	Trust: 2.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15377	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-15377	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/78478	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/401.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/lucabrasi83/vscan	Trust: 0.1

CREDITS

Rockwell Automation reported this vulnerability to NCCIC.

Trust: 0.6

sources: CNNVD: CNNVD-201809-1263

SOURCES

db:	CNVD	id:	CNVD-2018-20777
db:	VULHUB	id:	VHN-125630
db:	VULMON	id:	CVE-2018-15377
db:	BID	id:	107775
db:	JVNDB	id:	JVNDB-2018-011566
db:	CNNVD	id:	CNNVD-201809-1263
db:	NVD	id:	CVE-2018-15377

LAST UPDATE DATE

2024-08-14T13:45:32.733000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-20777	date:	2018-10-12T00:00:00
db:	VULHUB	id:	VHN-125630	date:	2020-08-31T00:00:00
db:	VULMON	id:	CVE-2018-15377	date:	2020-08-31T00:00:00
db:	BID	id:	107775	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-011566	date:	2019-04-10T00:00:00
db:	CNNVD	id:	CNNVD-201809-1263	date:	2020-10-22T00:00:00
db:	NVD	id:	CVE-2018-15377	date:	2020-08-31T20:00:52.937

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-20777	date:	2018-10-12T00:00:00
db:	VULHUB	id:	VHN-125630	date:	2018-10-05T00:00:00
db:	VULMON	id:	CVE-2018-15377	date:	2018-10-05T00:00:00
db:	BID	id:	107775	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-011566	date:	2019-01-16T00:00:00
db:	CNNVD	id:	CNNVD-201809-1263	date:	2018-09-28T00:00:00
db:	NVD	id:	CVE-2018-15377	date:	2018-10-05T14:29:06.887