FKIE_CVE-2018-0175

Vulnerability from fkie_nvd - Published: 2018-03-28 22:29 - Updated: 2025-10-28 13:57
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/103564Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1040586Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-107-03Third Party Advisory, US Government Resource
psirt@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-107-04Third Party Advisory, US Government Resource
psirt@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-107-05Third Party Advisory, US Government Resource
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/103564Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1040586Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldpVendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0175US Government Resource
Impacted products
Vendor Product Version
cisco ios 15.4\(3\)m4.1
cisco ios_xe 15.4\(3\)m4.1
cisco ios_xr 15.4\(3\)m4.1
cisco ios *
cisco ios_xe *
rockwellautomation allen-bradley_stratix_8300_industrial_managed_ethernet_switch -
cisco ios *
cisco ios_xe *
rockwellautomation allen-bradley_armorstratix_5700 -
rockwellautomation allen-bradley_stratix_5400 -
rockwellautomation allen-bradley_stratix_5410 -
rockwellautomation allen-bradley_stratix_5700 -
rockwellautomation allen-bradley_stratix_8000 -
cisco ios *
cisco ios_xe *
rockwellautomation allen-bradley_stratix_5900_services_router -
To clipboard 

{
  "cisaActionDue": "2022-03-17",
  "cisaExploitAdd": "2022-03-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87BA352E-4C21-4428-A64B-E0C8B8287791",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:15.4\\(3\\)m4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6337E9DA-2C56-46BF-A00A-04B993ABD017",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:15.4\\(3\\)m4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA58F1A-A931-4416-86F8-D1055F1F05AA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7690EC4-F375-4D0A-8EED-26E01ECFDE55",
              "versionEndIncluding": "15.2\\(4a\\)ea5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C90778E3-4A55-498F-9CD6-80F8029AA722",
              "versionEndIncluding": "15.2\\(4a\\)ea5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_8300_industrial_managed_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96AE552-ABC5-4101-ACF6-B7F20FFB4043",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE6CC29-29A9-4465-B0EA-1ECC435EBC55",
              "versionEndIncluding": "15.2\\(6\\)e0a",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBBC562A-BC2C-4F64-B5D4-47C33BBEE3C7",
              "versionEndIncluding": "15.2\\(6\\)e0a",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_armorstratix_5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8849345-E011-4160-A91C-DB760497AF9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE92939D-3D1E-445C-8888-F3EB4E35A034",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B148D62-D1B2-4E40-9DDD-A8702DFAD2E4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8994DEA7-C4EC-47B9-8AEA-832AF9D1F8E4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9A02987-E6F4-41D2-92C5-016A22AC7D0A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65FB1D01-2A6F-496E-AD56-BBE03DEB9493",
              "versionEndIncluding": "15.6.3m1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E51621B6-010D-4D9F-9A9D-C354D8BB8135",
              "versionEndIncluding": "15.6.3m1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5900_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4519D430-ABFF-4683-AB18-1D87A6B1A217",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de cadena de formato en el subsistema LLDP (Link Layer Discovery Protocol) de Cisco IOS Software, Cisco IOS XE Software y Cisco IOS XR Software podr\u00eda permitir que un atacante adyacente sin autenticar provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) o que ejecute c\u00f3digo arbitrario con privilegios elevados en un dispositivo afectado. Cisco Bug IDs: CSCvd73664."
    }
  ],
  "id": "CVE-2018-0175",
  "lastModified": "2025-10-28T13:57:39.880",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-28T22:29:01.280",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103564"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040586"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0175"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-134"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.