CVE-2018-0180

Published Mar 28, 2018

Last updated 3 days ago

Overview

Description
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.
Source
ykramarz@cisco.com
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
5.9
Impact score
3.6
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity
MEDIUM

CVSS 2.0

Type
Primary
Base score
7.1
Impact score
6.9
Exploitability score
8.6
Vector string
AV:N/AC:M/Au:N/C:N/I:N/A:C

Known exploits

Data from CISA

Vulnerability name
Cisco IOS Software Denial-of-Service Vulnerability
Exploit added on
Mar 3, 2022
Exploit action due
Mar 17, 2022
Required action
Apply updates per vendor instructions.

Weaknesses

ykramarz@cisco.com
CWE-399
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

Configurations