Vulnerability Details : CVE-2018-0175
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.
Vulnerability category: Execute code; Denial of service
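The description above names the bug class (an externally controlled format string, reached through LLDP, which an adjacent attacker can feed without authenticating). The following is an added example illustrating that class, not Cisco's code and not a reproduction of the real defect: a toy LLDP TLV parser, a logging sink that is fed a neighbour's Port Description as the format string, its one-token fix, and a simple check a defender can run over TLV values pulled from a capture. TLV type numbers are the standard IEEE 802.1AB values; the function names, the logging helper and the sample frame bytes are constructed for the example.

```c
/* Added example (not from the Cisco advisory or IOS source): the CWE-134
 * pattern behind an LLDP format-string bug, shown with a toy TLV parser.
 * Helper names and the sample frame are constructed for illustration. */
#include <stdarg.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LLDP_TLV_PORT_DESC 4   /* IEEE 802.1AB TLV type: Port Description */
#define MAX_VAL 64

/* A device-side logging helper. Nothing is wrong with it by itself; the
 * bug appears when a caller passes attacker data where a format belongs. */
static void log_msg(char *out, size_t n, const char *fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out, n, fmt, ap);
    va_end(ap);
}

/* Parse one LLDP TLV: 2-byte header with 7-bit type and 9-bit length,
 * then the value. Returns bytes consumed, or 0 if the frame is truncated. */
size_t lldp_tlv_parse(const uint8_t *buf, size_t len, int *type,
                      char *val, size_t valsz) {
    if (len < 2) return 0;
    uint16_t hdr = (uint16_t)((buf[0] << 8) | buf[1]);
    *type = hdr >> 9;
    size_t vlen = hdr & 0x1ff;
    if (vlen + 2 > len) return 0;                 /* refuse truncated TLV */
    size_t copy = vlen < valsz - 1 ? vlen : valsz - 1;
    memcpy(val, buf + 2, copy);                   /* bounded copy */
    val[copy] = '\0';
    return vlen + 2;
}

/* VULNERABLE: the neighbour-supplied description becomes the format. */
void log_port_desc_vuln(const char *desc, char *out, size_t n) {
    log_msg(out, n, desc);
}

/* FIXED: the external string is an argument; the format is a literal. */
void log_port_desc_fixed(const char *desc, char *out, size_t n) {
    log_msg(out, n, "%s", desc);
}

/* Defender-side check: count conversion directives in a TLV value.
 * A literal "%%" is not a directive, so it is skipped. */
int count_format_directives(const char *s) {
    int n = 0;
    for (const char *p = s; *p; p++) {
        if (*p != '%') continue;
        if (p[1] == '%') { p++; continue; }
        n++;
    }
    return n;
}

/* Constructed frame fragment: Port Description TLV (type 4, length 6)
 * carrying "%x%x%n". It is only parsed and audited, never logged through
 * the vulnerable sink, because that would be undefined behaviour. */
static const uint8_t sample_tlv[] = {0x08, 0x06, '%', 'x', '%', 'x', '%', 'n'};

/* Parse the sample frame; return the directive count in its value,
 * or -1 if the TLV is not a well-formed Port Description. */
int demo_parse_sample(void) {
    int type = 0;
    char val[MAX_VAL];
    size_t used = lldp_tlv_parse(sample_tlv, sizeof sample_tlv, &type,
                                 val, sizeof val);
    if (used != sizeof sample_tlv || type != LLDP_TLV_PORT_DESC) return -1;
    return count_format_directives(val);
}

/* Safe proof that the vulnerable sink interprets the string: a benign
 * "%%" collapses to "%" there, while the fixed sink keeps it verbatim.
 * Returns 1 when that difference is observed. */
int demo_benign_percent(void) {
    const char *desc = "uplink 100%% load";
    char vuln[MAX_VAL], fixed[MAX_VAL];
    log_port_desc_vuln(desc, vuln, sizeof vuln);
    log_port_desc_fixed(desc, fixed, sizeof fixed);
    return strcmp(vuln, "uplink 100% load") == 0 &&
           strcmp(fixed, "uplink 100%% load") == 0;
}

int main(void) {
    printf("directives in sample TLV: %d\n", demo_parse_sample());
    printf("vulnerable sink parsed format: %s\n",
           demo_benign_percent() ? "yes" : "no");
    return 0;
}
```

The audit function is a triage aid for captures or syslog exports, not a fix: any TLV value with a non-zero count reaching an unpatched device is worth a closer look, but the only real remediation is the vendor update, with disabling LLDP on untrusted-facing ports as the interim control.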
Products affected by CVE-2018-0175
- cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:* (when used together with: Rockwellautomation » Allen-bradley Stratix 5900 Services Router » Version: N/A)
- cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:* (when used together with: Rockwellautomation » Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch » Version: N/A)
- cpe:2.3:o:cisco:ios:15.4\(3\)m4.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:15.4\(3\)m4.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:* (when used together with: Rockwellautomation » Allen-bradley Stratix 8300 Industrial Managed Ethernet Switch » Version: N/A)
- cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:* (when used together with: Rockwellautomation » Allen-bradley Stratix 5900 Services Router » Version: N/A)
- cpe:2.3:o:cisco:ios_xe:15.4\(3\)m4.1:*:*:*:*:*:*:*
CVE-2018-0175 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2018-0175
Added on
2022-03-03
Action due date
2022-03-17
Exploit prediction scoring system (EPSS) score for CVE-2018-0175
EPSS score: 3.42% (estimated probability of exploitation activity in the next 30 days)
Percentile: ~91% (the proportion of all scored vulnerabilities whose EPSS score is at or below this one)
CVSS scores for CVE-2018-0175
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.9 | HIGH | AV:A/AC:M/Au:N/C:C/I:C/A:C | 5.5 | 10.0 | NIST | |
8.0 | HIGH | CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.1 | 5.9 | NIST | |
8.0 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.1 | 5.9 | NIST | 2024-07-24 |
CWE ids for CVE-2018-0175
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: psirt@cisco.com (Secondary), ykramarz@cisco.com (Secondary)
- The product uses a function that accepts a format string as an argument, but the format string originates from an external source. Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-0175
- http://www.securitytracker.com/id/1040586
  Cisco IOS/IOS XE/IOS XR Link Layer Discovery Protocol Bugs Let Remote Users on the Local Network Gain Elevated Privileges (SecurityTracker). Tags: Broken Link; Third Party Advisory; VDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04
  Rockwell Automation Stratix and ArmorStratix Switches (CISA). Tags: Third Party Advisory; US Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03
  Rockwell Automation Stratix Services Router (CISA). Tags: Third Party Advisory; US Government Resource
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp
  Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities. Tags: Vendor Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05
  Rockwell Automation Stratix Industrial Managed Ethernet Switch (CISA). Tags: Third Party Advisory; US Government Resource
- http://www.securityfocus.com/bid/103564
  Cisco IOS/IOS XE/IOS XR Software Multiple Remote Code Execution and Format String Vulnerabilities. Tags: Broken Link; Third Party Advisory; VDB Entry