CVE-2018-0471 : A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could a

A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain CDP packets. An attacker could exploit this vulnerability by sending certain CDP packets to an affected device. A successful exploit could cause an affected device to continuously consume memory and eventually result in a memory allocation failure that leads to a crash, triggering a reload of the affected device.

Published 2018-10-05 14:29:05

Updated 2020-12-07 21:05:06

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2018-0471

Probability of exploitation activity in the next 30 days: 0.14%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 49 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2018-0471

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.1	MEDIUM	AV:A/AC:L/Au:N/C:N/I:N/A:C	6.5	6.9	NIST
Access Vector: Adjacent Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
7.4	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H	2.8	4.0	NIST
Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2018-0471

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

Assigned by: ykramarz@cisco.com (Secondary)
CWE-772 Missing Release of Resource after Effective Lifetime

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-0471

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cdp-memleak

Cisco IOS XE Software Cisco Discovery Protocol Memory Leak Vulnerability
Vendor Advisory
http://www.securityfocus.com/bid/105398

Cisco IOS XE Software CVE-2018-0471 Denial of Service Vulnerability
Third Party Advisory;VDB Entry
http://www.securitytracker.com/id/1041737

Cisco IOS/IOS XE Multiple Flaws Let Remote Users Cause the Target Device to Hang or Reload and Local Users Gain Elevated Privileges - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url

Products affected by CVE-2018-0471

Cisco » Ios Xe » Version: 16.6.1
cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 16.6.2
cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2018-0471

Exploit prediction scoring system (EPSS) score for CVE-2018-0471

CVSS scores for CVE-2018-0471

CWE ids for CVE-2018-0471

References for CVE-2018-0471

Products affected by CVE-2018-0471