Vulnerability-Lookup

CVE-2018-0171 (GCVE-0-2018-0171)

Vulnerability from cvelistv5 – Published: 2018-03-28 22:00 – Updated: 2026-01-12 21:34

Summary

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-20

Assigner

cisco

References

URL

Tags

	https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04	x_refsource_MISC
	http://www.securitytracker.com/id/1040580	vdb-entryx_refsource_SECTRACK
	https://tools.cisco.com/security/center/content/C…	x_refsource_CONFIRM
	https://www.darkreading.com/perimeter/attackers-e…	x_refsource_MISC
	https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05	x_refsource_MISC
	http://www.securityfocus.com/bid/103538	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Cisco IOS and IOS XE	Affected: Cisco IOS and IOS XE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.905Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
          },
          {
            "name": "1040580",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040580"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
          },
          {
            "name": "103538",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103538"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2018-0171",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T16:04:53.348841Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0171"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-12T21:34:43.255Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0171"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS and IOS XE",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco IOS and IOS XE"
            }
          ]
        }
      ],
      "datePublic": "2018-03-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-19T13:57:01.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
        },
        {
          "name": "1040580",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040580"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
        },
        {
          "name": "103538",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103538"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0171",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS and IOS XE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco IOS and IOS XE"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
            },
            {
              "name": "1040580",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040580"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
            },
            {
              "name": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490",
              "refsource": "MISC",
              "url": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
            },
            {
              "name": "103538",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103538"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0171",
    "datePublished": "2018-03-28T22:00:00.000Z",
    "dateReserved": "2017-11-27T00:00:00.000Z",
    "dateUpdated": "2026-01-12T21:34:43.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2018-0171",
      "cwes": "[\"CWE-20\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2018-0171",
      "product": "IOS and IOS XE",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.",
      "vendorProject": "Cisco",
      "vulnerabilityName": "Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1040580\", \"name\": \"1040580\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/103538\", \"name\": \"103538\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T03:14:16.905Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-0171\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-08T16:04:53.348841Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0171\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0171\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-08T16:06:31.381Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Cisco IOS and IOS XE\", \"versions\": [{\"status\": \"affected\", \"version\": \"Cisco IOS and IOS XE\"}]}], \"datePublic\": \"2018-03-28T00:00:00.000Z\", \"references\": [{\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.securitytracker.com/id/1040580\", \"name\": \"1040580\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.securityfocus.com/bid/103538\", \"name\": \"103538\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2018-04-19T13:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"Cisco IOS and IOS XE\"}]}, \"product_name\": \"Cisco IOS and IOS XE\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04\", \"name\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.securitytracker.com/id/1040580\", \"name\": \"1040580\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2\", \"name\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490\", \"name\": \"https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490\", \"refsource\": \"MISC\"}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05\", \"name\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.securityfocus.com/bid/103538\", \"name\": \"103538\", \"refsource\": \"BID\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-0171\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"psirt@cisco.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2018-0171\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-12T21:34:43.255Z\", \"dateReserved\": \"2017-11-27T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2018-03-28T22:00:00.000Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2018-AVI-156

Vulnerability from certfr_avis - Published: 2018-03-29 - Updated: 2018-03-29

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Catalyst 4500 Supervisor Engine 6L-E (K10)
Cisco	N/A	Catalyst 4900M Switch (K5)
Cisco	IOS XE	Cisco IOS XE versions 16.x
Cisco	N/A	Catalyst 4500E Supervisor Engine 8-E (K10)
Cisco	N/A	Catalyst 4500E Supervisor Engine 8L-E (K10)
Cisco	N/A	Catalyst 4500 Supervisor Engine 6-E (K5)
Cisco	IOS XE	Cisco Catalyst 3850 et Cisco Catalyst 3650 exécutant Cisco IOS XE version 16.1.1 ou postérieure
Cisco	IOS	Cisco ISM-VPN installé sur une version vulnérable de Cisco IOS
Cisco	IOS XE	Cisco IOS ou Cisco IOS XE avec le protocole Internet Security Association and Key Management Protocol (ISAKMP) activé
Cisco	N/A	Cisco Catalyst Digital Building Series Switches – 8U
Cisco	N/A	Cisco Catalyst 2960-L Series Switches
Cisco	N/A	Cisco Catalyst Digital Building Series Switches – 8P
Cisco	IOS XE	Cisco IOS XE utilisant la fonctionnalité Zone-Based Policy Firewall et exécutant une des versions Everest-16.4.1, Everest-16.4.2, Everest-16.5.1, Everest-16.5.1b, Everest-16.6.1, Everest-16.6.1a
Cisco	N/A	Catalyst 4500 Supervisor Engine 7L-E (K10)
Cisco	N/A	Cisco IOS, Cisco IOS XE ou Cisco IOS XR configurés pour utiliser LLDP
Cisco	N/A	Catalyst 4500-X Series Switches (K10)
Cisco	IOS XE	Cisco IOS ou IOS XE
Cisco	N/A	Catalyst 4500 Supervisor Engine 7-E (K10)
Cisco	N/A	Catalyst 4500E Supervisor Engine 9-E (K10)
Cisco	N/A	Catalyst 4948E Ethernet Switch (K5)
Cisco	IOS XE	Cisco IOS ou IOS XE avec la fonctionnalité Smart Install client activée

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20180328-lldp du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-dhcpr2 du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-snmp du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-fwip du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-dos du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-bfd du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-opendns-dos du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-privesc1 du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-igmp du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-ike du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-dhcpr3 du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-qos du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-xepriv du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-ipv4 du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-snmp-dos du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-xesc du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-smi2 du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-ike-dos du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-dhcpr1 du 28 mars 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180328-smi du 28 mars 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Catalyst 4500 Supervisor Engine 6L-E (K10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Catalyst 4900M Switch (K5)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XE versions 16.x",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Catalyst 4500E Supervisor Engine 8-E (K10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Catalyst 4500E Supervisor Engine 8L-E (K10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Catalyst 4500 Supervisor Engine 6-E (K5)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 3850 et Cisco Catalyst 3650 ex\u00e9cutant Cisco IOS XE version 16.1.1 ou post\u00e9rieure",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ISM-VPN install\u00e9 sur une version vuln\u00e9rable de Cisco IOS",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS ou Cisco IOS XE avec le protocole Internet Security Association and Key Management Protocol (ISAKMP) activ\u00e9",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst Digital Building Series Switches \u2013 8U",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst 2960-L Series Switches",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Catalyst Digital Building Series Switches \u2013 8P",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XE utilisant la fonctionnalit\u00e9 Zone-Based Policy Firewall et ex\u00e9cutant une des versions Everest-16.4.1, Everest-16.4.2, Everest-16.5.1, Everest-16.5.1b, Everest-16.6.1, Everest-16.6.1a",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Catalyst 4500 Supervisor Engine 7L-E (K10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS, Cisco IOS XE ou Cisco IOS XR configur\u00e9s pour utiliser LLDP",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Catalyst 4500-X Series Switches (K10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS ou IOS XE",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Catalyst 4500 Supervisor Engine 7-E (K10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Catalyst 4500E Supervisor Engine 9-E (K10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Catalyst 4948E Ethernet Switch (K5)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS ou IOS XE avec la fonctionnalit\u00e9 Smart Install client activ\u00e9e",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-0171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0171"
    },
    {
      "name": "CVE-2018-0157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0157"
    },
    {
      "name": "CVE-2018-0174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0174"
    },
    {
      "name": "CVE-2018-0158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0158"
    },
    {
      "name": "CVE-2018-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0167"
    },
    {
      "name": "CVE-2018-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0169"
    },
    {
      "name": "CVE-2018-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0165"
    },
    {
      "name": "CVE-2018-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0151"
    },
    {
      "name": "CVE-2018-0176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0176"
    },
    {
      "name": "CVE-2018-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0154"
    },
    {
      "name": "CVE-2018-0172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0172"
    },
    {
      "name": "CVE-2018-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0150"
    },
    {
      "name": "CVE-2018-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0170"
    },
    {
      "name": "CVE-2018-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0160"
    },
    {
      "name": "CVE-2018-0159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0159"
    },
    {
      "name": "CVE-2018-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0156"
    },
    {
      "name": "CVE-2018-0161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0161"
    },
    {
      "name": "CVE-2018-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0152"
    },
    {
      "name": "CVE-2018-0173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0173"
    },
    {
      "name": "CVE-2018-0177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0177"
    },
    {
      "name": "CVE-2018-0175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0175"
    },
    {
      "name": "CVE-2018-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0155"
    }
  ],
  "initial_release_date": "2018-03-29T00:00:00",
  "last_revision_date": "2018-03-29T00:00:00",
  "links": [],
  "reference": "CERTFR-2018-AVI-156",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-03-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-lldp du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-dhcpr2 du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dhcpr2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-snmp du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-snmp"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-fwip du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-fwip"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-dos du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-bfd du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-bfd"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-opendns-dos du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-opendns-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-privesc1 du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-privesc1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-igmp du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-igmp"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-ike du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-dhcpr3 du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dhcpr3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-qos du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-qos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-xepriv du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xepriv"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-ipv4 du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ipv4"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-snmp-dos du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-snmp-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-xesc du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xesc"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-smi2 du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-ike-dos du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-dhcpr1 du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dhcpr1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180328-smi du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi"
    }
  ]
}

GHSA-4W6G-87MH-X63X

Vulnerability from github – Published: 2022-05-13 01:17 – Updated: 2025-10-22 00:31

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-0171"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-28T22:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.",
  "id": "GHSA-4w6g-87mh-x63x",
  "modified": "2025-10-22T00:31:30Z",
  "published": "2022-05-13T01:17:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0171"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0171"
    },
    {
      "type": "WEB",
      "url": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103538"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1040580"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-0171

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-0171

Aliases

CVE-2018-0171

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-0171",
    "description": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.",
    "id": "GSD-2018-0171"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-0171"
      ],
      "details": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.",
      "id": "GSD-2018-0171",
      "modified": "2023-12-13T01:22:24.481270Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2018-0171",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "product": "IOS and IOS XE",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.",
      "vendorProject": "Cisco",
      "vulnerabilityName": "Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2018-0171",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco IOS and IOS XE",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Cisco IOS and IOS XE"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
          },
          {
            "name": "1040580",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1040580"
          },
          {
            "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2",
            "refsource": "CONFIRM",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
          },
          {
            "name": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490",
            "refsource": "MISC",
            "url": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
          },
          {
            "name": "103538",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/103538"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0171"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
            },
            {
              "name": "1040580",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1040580"
            },
            {
              "name": "103538",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/103538"
            },
            {
              "name": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490",
              "refsource": "MISC",
              "tags": [
                "Press/Media Coverage"
              ],
              "url": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-09-04T18:25Z",
      "publishedDate": "2018-03-28T22:29Z"
    }
  }
}

FKIE_CVE-2018-0171

Vulnerability from fkie_nvd - Published: 2018-03-28 22:29 - Updated: 2026-01-14 18:45

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/103538	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1040580	Third Party Advisory, VDB Entry
psirt@cisco.com	https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04	Third Party Advisory, US Government Resource
psirt@cisco.com	https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05	Third Party Advisory, US Government Resource
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2	Vendor Advisory
psirt@cisco.com	https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103538	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040580	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490	Press/Media Coverage
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0171	US Government Resource

Impacted products

	Vendor	Product	Version
	cisco	ios	15.2\(5\)e

JSON

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e:*:*:*:*:*:*:*",
              "matchCriteriaId": "F112DE64-0042-4FB9-945D-3107468193E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la caracter\u00edstica Smart Install de Cisco IOS Software y Cisco IOS XE Software podr\u00eda permitir que un atacante remoto no autenticado desencadene la recarga de un dispositivo afectado. Esto resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) o en la ejecuci\u00f3n de c\u00f3digo arbitrario en un dispositivo afectado. Esta vulnerabilidad se debe a la validaci\u00f3n incorrecta de datos del paquete. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un mensaje Smart Install manipulado al dispositivo afectado en el puerto TCP 4786. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque un desbordamiento de b\u00fafer en el dispositivo afectado, lo que podr\u00eda provocar los siguientes impactos: Desencadenar la recarga del dispositivo, permitir que el atacante ejecute c\u00f3digo arbitrario en el dispositivo, provocar un bucle impreciso en el dispositivo afectado que desencadene un cierre inesperado del watchdog. Cisco Bug IDs: CSCvg76186."
    }
  ],
  "id": "CVE-2018-0171",
  "lastModified": "2026-01-14T18:45:39.640",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2018-03-28T22:29:01.063",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103538"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040580"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103538"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040580"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0171"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2018-06774

Vulnerability from cnvd - Published: 2018-03-30

Title

Cisco Smart Install远程命令执行漏洞

Description

Smart Install作为一项即插即用配置和镜像管理功能，为新加入网络的交换机提供零配置部署，实现了自动化初始配置和操作系统镜像加载的过程，同时还提供配置文件的备份功能。 Cisco Smart Install存在远程命令执行漏洞，攻击者无需用户验证即可向远端Cisco设备的TCP 4786端口发送精心构造的恶意数据包，触发漏洞造成设备远程执行Cisco系统命令或拒绝服务（DoS）。

Severity

高

Patch Name

Cisco Smart Install远程命令执行漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2

Impacted products

Name
['Cisco IOS XE', 'Cisco IOS']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "103538"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-0171"
    }
  },
  "description": "Smart Install\u4f5c\u4e3a\u4e00\u9879\u5373\u63d2\u5373\u7528\u914d\u7f6e\u548c\u955c\u50cf\u7ba1\u7406\u529f\u80fd\uff0c\u4e3a\u65b0\u52a0\u5165\u7f51\u7edc\u7684\u4ea4\u6362\u673a\u63d0\u4f9b\u96f6\u914d\u7f6e\u90e8\u7f72\uff0c\u5b9e\u73b0\u4e86\u81ea\u52a8\u5316\u521d\u59cb\u914d\u7f6e\u548c\u64cd\u4f5c\u7cfb\u7edf\u955c\u50cf\u52a0\u8f7d\u7684\u8fc7\u7a0b\uff0c\u540c\u65f6\u8fd8\u63d0\u4f9b\u914d\u7f6e\u6587\u4ef6\u7684\u5907\u4efd\u529f\u80fd\u3002\r\n\r\nCisco Smart Install\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u65e0\u9700\u7528\u6237\u9a8c\u8bc1\u5373\u53ef\u5411\u8fdc\u7aefCisco\u8bbe\u5907\u7684TCP 4786\u7aef\u53e3\u53d1\u9001\u7cbe\u5fc3\u6784\u9020\u7684\u6076\u610f\u6570\u636e\u5305\uff0c\u89e6\u53d1\u6f0f\u6d1e\u9020\u6210\u8bbe\u5907\u8fdc\u7a0b\u6267\u884cCisco\u7cfb\u7edf\u547d\u4ee4\u6216\u62d2\u7edd\u670d\u52a1\uff08DoS\uff09\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-06774",
  "openTime": "2018-03-30",
  "patchDescription": "Smart Install\u4f5c\u4e3a\u4e00\u9879\u5373\u63d2\u5373\u7528\u914d\u7f6e\u548c\u955c\u50cf\u7ba1\u7406\u529f\u80fd\uff0c\u4e3a\u65b0\u52a0\u5165\u7f51\u7edc\u7684\u4ea4\u6362\u673a\u63d0\u4f9b\u96f6\u914d\u7f6e\u90e8\u7f72\uff0c\u5b9e\u73b0\u4e86\u81ea\u52a8\u5316\u521d\u59cb\u914d\u7f6e\u548c\u64cd\u4f5c\u7cfb\u7edf\u955c\u50cf\u52a0\u8f7d\u7684\u8fc7\u7a0b\uff0c\u540c\u65f6\u8fd8\u63d0\u4f9b\u914d\u7f6e\u6587\u4ef6\u7684\u5907\u4efd\u529f\u80fd\u3002\r\n\r\nCisco Smart Install\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u65e0\u9700\u7528\u6237\u9a8c\u8bc1\u5373\u53ef\u5411\u8fdc\u7aefCisco\u8bbe\u5907\u7684TCP 4786\u7aef\u53e3\u53d1\u9001\u7cbe\u5fc3\u6784\u9020\u7684\u6076\u610f\u6570\u636e\u5305\uff0c\u89e6\u53d1\u6f0f\u6d1e\u9020\u6210\u8bbe\u5907\u8fdc\u7a0b\u6267\u884cCisco\u7cfb\u7edf\u547d\u4ee4\u6216\u62d2\u7edd\u670d\u52a1\uff08DoS\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Smart Install\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco IOS XE",
      "Cisco IOS"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2",
  "serverity": "\u9ad8",
  "submitTime": "2018-03-29",
  "title": "Cisco Smart Install\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e"
}

CERTFR-2018-ALE-006

Vulnerability from certfr_alerte - Published: 2018-04-06 - Updated: 2018-07-30

Le 28 mars 2018, Cisco a publié une mise à jour de sécurité pour ses logiciels IOS et IOS XE bénéficiant de la fonctionnalité Smart Install. Ce correctif concerne une faille de sécurité pouvant conduire à une exécution de code arbitraire à distance sur un équipement mettant en œuvre un client Smart Install.
Le 5 avril 2018, le blogue de Cisco Talos alerte sur la forte probabilité d'exploitation de cette vulnérabilité au regard de l'existence d'une preuve de concept et d'une recrudescence anormale du traffic internet vers les services Smart Install.

Cette technologie a été développée afin de permettre le déploiement et la configuration automatique d'un commutateur selon un principe "prêt à l'emploi" (plug and play). Lors de la mise en service d'un appareil, ce dernier pourra ainsi récupérer sa configuration auprès d'un directeur Smart Install. Le rôle de directeur est tenu par un équipement réseau de niveau 3 qui délivre une image et une configuration à déployer aux différents produits exécutant le client Smart Install et venant l'interroger.

La vulnérabilité corrigée par Cisco, identifiée en tant que CVE-2018-0171, touche la partie cliente de Smart Install. Un commutateur configuré pour utiliser Smart Install démarre un serveur en écoute sur le port 4786 en TCP. Un paquet de type ibd_init_discovery_msg spécifiquement forgé et transmis au client peut alors causer un dépassement de tampon sur la pile et conduire à la compromission de l'équipement.

Le CERT-FR recommande la mise en œuvre des actions suivantes afin de détecter tout appareil vulnérable présent au sein du réseau.

Vérifier dans le réseau si des ports TCP 4786 sont actifs. Cela peut être réalisé à l'aide d'un outil de scan de type Nmap.
Contrôler l'état des interfaces réseau au niveau d'un équipement en utilisant la commande show tcp brief all et identifier si le port 4786 est en écoute.
Vérifier si la fonctionnalité Smart Install est active avec le rôle de client en exécutant la commande show vstack config.
Identifier si la version du logiciel IOS exécutée par l'équipement est vulnérable avec la commande show version. Se référer au bulletin de sécurité de l'éditeur pour obtenir une liste des versions concernées par la vulnérabilité
Un script mis à disposition par Cisco permet également de scanner un appareil pour identifier s'il est vulnérable (cf. section Documentation).

Solution

Le CERT-FR recommande l'installation de la mise à jour fournie par Cisco dans les plus brefs délais.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	IOS XE	Cisco IOS et IOS XE utilisant la fonctionnalité Smart Install

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco du 28 mars 2018	None	vendor-advisory
Outil permettant de vérifier si un équipement est vulnérable à la CVE-2018-0171	-	other
Documentation Cisco sur la fonctionnalité Smart Install	-	other
Bulletin de sécurité Cisco d'information cisco-sa-20180409-smi du 9 avril 2018 sur la sécurisation de Smart Install	-	other
Avis CERT-FR CERTFR-2018-AVI-156 Multiples vulnérabilités dans les produits Cisco	-	other
Publication de blogue Cisco Talos du 27 février 2018 relatif à Smart Install Client	-	other
Publication de blogue Embedi du 29 mars 2018 détaillant les principes de la vulnérabilité CVE-2018-0171	-	other
Publication de blogue Cisco du 27 février 2018 relatif à Smart Install Client	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco IOS et IOS XE utilisant la fonctionnalit\u00e9 Smart Install",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2018-07-30",
  "content": "## Solution\n\nLe CERT-FR recommande l\u0027installation de la mise \u00e0 jour fournie par Cisco\ndans les plus brefs d\u00e9lais.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-0171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0171"
    }
  ],
  "initial_release_date": "2018-04-06T00:00:00",
  "last_revision_date": "2018-07-30T00:00:00",
  "links": [
    {
      "title": "Outil permettant de v\u00e9rifier si un \u00e9quipement est vuln\u00e9rable \u00e0 la CVE-2018-0171",
      "url": "https://github.com/Cisco-Talos/smi_check"
    },
    {
      "title": "Documentation Cisco sur la fonctionnalit\u00e9 Smart Install",
      "url": "https://www.cisco.com/c/en/us/td/docs/switches/lan/smart_install/configuration/guide/smart_install/concepts.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco d\u0027information\u00a0cisco-sa-20180409-smi du 9 avril 2018 sur la s\u00e9curisation de Smart Install",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180409-smi"
    },
    {
      "title": "Avis CERT-FR CERTFR-2018-AVI-156 Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
      "url": "http://www.cert.ssi.gouv.fr/avis/CERTFR-2018-AVI-156"
    },
    {
      "title": "Publication de blogue Cisco Talos du 27 f\u00e9vrier 2018 relatif \u00e0 Smart Install Client",
      "url": "http://blog.talosintelligence.com/2017/02/cisco-coverage-for-smart-install-client.html"
    },
    {
      "title": "Publication de blogue Embedi du 29 mars 2018 d\u00e9taillant les principes de la vuln\u00e9rabilit\u00e9 CVE-2018-0171",
      "url": "https://embedi.com/blog/cisco-smart-install-remote-code-execution/"
    },
    {
      "title": "Publication de blogue Cisco du 27 f\u00e9vrier 2018 relatif \u00e0 Smart Install Client",
      "url": "https://blogs.cisco.com/security/cisco-psirt-mitigating-and-detecting-potential-abuse-of-cisco-smart-install-feature"
    }
  ],
  "reference": "CERTFR-2018-ALE-006",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-04-06T00:00:00.000000"
    },
    {
      "description": "Ajout d\u0027un bulletin Cisco sur les moyens \u00e0 mettre en \u0153uvre pour s\u00e9curiser Smart Install",
      "revision_date": "2018-04-10T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte",
      "revision_date": "2018-07-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Le 28 mars 2018, Cisco a publi\u00e9 une mise \u00e0 jour de s\u00e9curit\u00e9 pour ses\nlogiciels IOS et IOS XE b\u00e9n\u00e9ficiant de la fonctionnalit\u00e9 *Smart\nInstall*. Ce correctif concerne une faille de s\u00e9curit\u00e9 pouvant conduire\n\u00e0 une ex\u00e9cution de code arbitraire \u00e0 distance sur un \u00e9quipement mettant\nen \u0153uvre un client *Smart Install*.  \nLe 5 avril 2018, le blogue de Cisco Talos alerte sur la forte\nprobabilit\u00e9 d\u0027exploitation de cette vuln\u00e9rabilit\u00e9 au regard de\nl\u0027existence d\u0027une preuve de concept et d\u0027une recrudescence anormale du\ntraffic internet vers les services *Smart Install*.\n\nCette technologie a \u00e9t\u00e9 d\u00e9velopp\u00e9e afin de permettre le d\u00e9ploiement et\nla configuration automatique d\u0027un commutateur selon un principe \"pr\u00eat \u00e0\nl\u0027emploi\" (*plug and play*). Lors de la mise en service d\u0027un appareil,\nce dernier pourra ainsi r\u00e9cup\u00e9rer sa configuration aupr\u00e8s d\u0027un directeur\n*Smart Install*. Le r\u00f4le de directeur est tenu par un \u00e9quipement r\u00e9seau\nde niveau 3 qui d\u00e9livre une image et une configuration \u00e0 d\u00e9ployer aux\ndiff\u00e9rents produits ex\u00e9cutant le client *Smart Install* et venant\nl\u0027interroger.\n\nLa vuln\u00e9rabilit\u00e9 corrig\u00e9e par Cisco, identifi\u00e9e en tant que\nCVE-2018-0171, touche la partie cliente de *Smart Install*. Un\ncommutateur configur\u00e9 pour utiliser *Smart Install* d\u00e9marre un serveur\nen \u00e9coute sur le port 4786 en TCP. Un paquet de type\n\u003cstrong\u003eibd_init_discovery_msg\u003c/strong\u003e sp\u00e9cifiquement forg\u00e9 et transmis au client\npeut alors causer un d\u00e9passement de tampon sur la pile et conduire \u00e0 la\ncompromission de l\u0027\u00e9quipement.\n\nLe CERT-FR recommande la mise en \u0153uvre des actions suivantes afin de\nd\u00e9tecter tout appareil vuln\u00e9rable pr\u00e9sent au sein du r\u00e9seau.\n\n-   V\u00e9rifier dans le r\u00e9seau si des ports TCP 4786 sont actifs. Cela peut\n    \u00eatre r\u00e9alis\u00e9 \u00e0 l\u0027aide d\u0027un outil de scan de type Nmap.\n-   Contr\u00f4ler l\u0027\u00e9tat des interfaces r\u00e9seau au niveau d\u0027un \u00e9quipement en\n    utilisant la commande \u003cstrong\u003eshow tcp brief all\u003c/strong\u003e et identifier si le\n    port 4786 est en \u00e9coute.\n-   V\u00e9rifier si la fonctionnalit\u00e9 *Smart Install* est active avec le\n    r\u00f4le de client en ex\u00e9cutant la commande \u003cstrong\u003eshow vstack config\u003c/strong\u003e.\n-   Identifier si la version du logiciel IOS ex\u00e9cut\u00e9e par l\u0027\u00e9quipement\n    est vuln\u00e9rable avec la commande \u003cstrong\u003eshow version\u003c/strong\u003e. Se r\u00e9f\u00e9rer au\n    bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour obtenir une liste des\n    versions concern\u00e9es par la vuln\u00e9rabilit\u00e9\n-   Un script mis \u00e0 disposition par Cisco permet \u00e9galement de scanner un\n    appareil pour identifier s\u0027il est vuln\u00e9rable (cf. section\n    Documentation).\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco IOS et IOS XE Smart Install Client",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco du 28 mars 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
    }
  ]
}

CVE-2018-0171

Vulnerability from fstec - Published: 28.03.2018

Title

Уязвимость операционных систем Cisco IOS и Cisco IOS XE, связанная с некорректной валидацией данных пакета, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Description

Уязвимость операционных систем Cisco IOS и Cisco IOS XE связана с некорректной валидацией данных пакета. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать аварийное завершение работы сторожевого таймера или выполнить произвольный код путем отправки специально сформированного сообщения Smart Install на TCP-порт 4786

Severity ?

Vendor

Cisco Systems Inc.

Software Name

Cisco IOS, Cisco IOS XE

Software Version

15.2(4)E (Cisco IOS), 15.1(2)SG3 (Cisco IOS), 16.5.1 (Cisco IOS XE), 3.6.5bE (Cisco IOS XE), 16.1.1 (Cisco IOS XE), 16.1.2 (Cisco IOS XE), 16.1.3 (Cisco IOS XE), 3.2.0JA (Cisco IOS XE), 16.3.1a (Cisco IOS XE), 16.5.1a (Cisco IOS XE), 16.2.1 (Cisco IOS XE), 3.7.0e (Cisco IOS XE), 3.7.1e (Cisco IOS XE), 3.7.2e (Cisco IOS XE), 3.7.4e (Cisco IOS XE), 3.7.5e (Cisco IOS XE), 3.7.3e (Cisco IOS XE), 15.2(2)E5b (Cisco IOS), 15.2(5a)E1 (Cisco IOS), 15.2(6)E0b (Cisco IOS), 15.3(1)SY3 (Cisco IOS), 12.2(55)SE (Cisco IOS), 12.2(55)SE3 (Cisco IOS), 12.2(58)SE (Cisco IOS), 12.2(55)SE1 (Cisco IOS), 12.2(58)SE1 (Cisco IOS), 12.2(55)SE4 (Cisco IOS), 12.2(58)SE2 (Cisco IOS), 12.2(55)SE5 (Cisco IOS), 12.2(55)SE6 (Cisco IOS), 12.2(55)SE7 (Cisco IOS), 12.2(55)SE8 (Cisco IOS), 12.2(55)SE9 (Cisco IOS), 12.2(55)SE10 (Cisco IOS), 12.2(55)SE11 (Cisco IOS), 12.2(55)SE12 (Cisco IOS), 12.2(55)SE13 (Cisco IOS), 12.2(55)EX (Cisco IOS), 12.2(55)EX2 (Cisco IOS), 12.2(55)EX3 (Cisco IOS), 12.2(58)EX (Cisco IOS), 12.2(55)EY (Cisco IOS), 12.2(58)EY (Cisco IOS), 12.2(58)EY1 (Cisco IOS), 12.2(58)EY2 (Cisco IOS), 12.2(58)EZ (Cisco IOS), 12.2(60)EZ (Cisco IOS), 12.2(60)EZ1 (Cisco IOS), 12.2(60)EZ2 (Cisco IOS), 12.2(60)EZ3 (Cisco IOS), 12.2(60)EZ4 (Cisco IOS), 12.2(60)EZ5 (Cisco IOS), 12.2(60)EZ6 (Cisco IOS), 12.2(60)EZ7 (Cisco IOS), 12.2(60)EZ8 (Cisco IOS), 12.2(60)EZ9 (Cisco IOS), 12.2(60)EZ10 (Cisco IOS), 12.2(60)EZ11 (Cisco IOS), 15.0(1)EY (Cisco IOS), 15.0(1)EY1 (Cisco IOS), 15.0(1)EY2 (Cisco IOS), 15.0(2)EY (Cisco IOS), 15.0(2)EY1 (Cisco IOS), 15.0(2)EY2 (Cisco IOS), 15.0(2)EY3 (Cisco IOS), 15.1(4)M12c (Cisco IOS), 15.0(1)SE (Cisco IOS), 15.0(2)SE (Cisco IOS), 15.0(1)SE1 (Cisco IOS), 15.0(1)SE2 (Cisco IOS), 15.0(1)SE3 (Cisco IOS), 15.0(2)SE1 (Cisco IOS), 15.0(2)SE2 (Cisco IOS), 15.0(2)SE3 (Cisco IOS), 15.0(2)SE4 (Cisco IOS), 15.0(2)SE5 (Cisco IOS), 15.0(2)SE6 (Cisco IOS), 15.0(2)SE7 (Cisco IOS), 15.0(2)SE8 (Cisco IOS), 15.0(2)SE9 (Cisco IOS), 15.0(2)SE10 (Cisco IOS), 15.0(2)SE11 (Cisco IOS), 15.0(2)SE10a (Cisco IOS), 15.0(2)SE12 (Cisco IOS), 15.1(1)SG (Cisco IOS), 15.1(2)SG (Cisco IOS), 15.1(1)SG1 (Cisco IOS), 15.1(1)SG2 (Cisco IOS), 15.1(2)SG1 (Cisco IOS), 15.1(2)SG2 (Cisco IOS), 15.1(2)SG4 (Cisco IOS), 15.1(2)SG5 (Cisco IOS), 15.1(2)SG6 (Cisco IOS), 15.1(2)SG7 (Cisco IOS), 15.1(2)SG8 (Cisco IOS), 15.1(2)SG8a (Cisco IOS), 15.0(1)EX (Cisco IOS), 15.0(2)EX10 (Cisco IOS), 15.0(2)EX11 (Cisco IOS), 15.0(2)EX13 (Cisco IOS), 15.0(2)EX12 (Cisco IOS), 15.1(1)SY (Cisco IOS), 15.1(1)SY1 (Cisco IOS), 15.1(2)SY (Cisco IOS), 15.1(2)SY1 (Cisco IOS), 15.1(2)SY2 (Cisco IOS), 15.1(1)SY2 (Cisco IOS), 15.1(1)SY3 (Cisco IOS), 15.1(2)SY3 (Cisco IOS), 15.1(1)SY4 (Cisco IOS), 15.1(2)SY4 (Cisco IOS), 15.1(1)SY5 (Cisco IOS), 15.1(2)SY5 (Cisco IOS), 15.1(2)SY4a (Cisco IOS), 15.1(1)SY6 (Cisco IOS), 15.1(2)SY6 (Cisco IOS), 15.1(2)SY7 (Cisco IOS), 15.1(2)SY8 (Cisco IOS), 15.1(2)SY9 (Cisco IOS), 15.1(2)SY10 (Cisco IOS), 15.1(2)SY11 (Cisco IOS), 15.0(2)EC (Cisco IOS), 15.0(2)EB (Cisco IOS), 15.2(1)E (Cisco IOS), 15.2(2)E (Cisco IOS), 15.2(1)E1 (Cisco IOS), 15.2(3)E (Cisco IOS), 15.2(1)E2 (Cisco IOS), 15.2(1)E3 (Cisco IOS), 15.2(2)E1 (Cisco IOS), 15.2(3)E1 (Cisco IOS), 15.2(2)E2 (Cisco IOS), 15.2(2)E3 (Cisco IOS), 15.2(2a)E2 (Cisco IOS), 15.2(3)E2 (Cisco IOS), 15.2(3a)E (Cisco IOS), 15.2(3)E3 (Cisco IOS), 15.2(3m)E2 (Cisco IOS), 15.2(4)E1 (Cisco IOS), 15.2(2)E4 (Cisco IOS), 15.2(2)E5 (Cisco IOS), 15.2(4)E2 (Cisco IOS), 15.2(4m)E1 (Cisco IOS), 15.2(3)E4 (Cisco IOS), 15.2(5)E (Cisco IOS), 15.2(4)E3 (Cisco IOS), 15.2(2)E6 (Cisco IOS), 15.2(5)E1 (Cisco IOS), 15.2(4m)E3 (Cisco IOS), 15.2(3m)E8 (Cisco IOS), 15.2(2)E5a (Cisco IOS), 15.2(3)E5 (Cisco IOS), 15.2(4n)E2 (Cisco IOS), 15.2(4o)E2 (Cisco IOS), 15.2(4)E4 (Cisco IOS), 15.2(2)E7 (Cisco IOS), 15.2(5)E2 (Cisco IOS), 15.2(4p)E1 (Cisco IOS), 15.2(6)E (Cisco IOS), 15.2(5)E2b (Cisco IOS), 15.2(4)E5 (Cisco IOS), 15.2(5)E2c (Cisco IOS), 15.2(4m)E2 (Cisco IOS), 15.2(4o)E3 (Cisco IOS), 15.2(4q)E1 (Cisco IOS), 15.2(6)E0a (Cisco IOS), 15.2(2)E7b (Cisco IOS), 15.2(4)E5a (Cisco IOS), 15.2(6)E0c (Cisco IOS), 15.0(2)ED (Cisco IOS), 15.0(2)ED1 (Cisco IOS), 15.0(2)EZ (Cisco IOS), 15.2(1)EY (Cisco IOS), 15.0(2)EJ (Cisco IOS), 15.0(2)EJ1 (Cisco IOS), 15.0(2)EH (Cisco IOS), 15.2(1)SY (Cisco IOS), 15.2(1)SY1 (Cisco IOS), 15.2(1)SY0a (Cisco IOS), 15.2(1)SY2 (Cisco IOS), 15.2(2)SY (Cisco IOS), 15.2(1)SY1a (Cisco IOS), 15.2(2)SY1 (Cisco IOS), 15.2(2)SY2 (Cisco IOS), 15.2(1)SY3 (Cisco IOS), 15.2(1)SY4 (Cisco IOS), 15.2(2)SY3 (Cisco IOS), 15.2(1)SY5 (Cisco IOS), 15.2(5)EX (Cisco IOS), 15.0(2)EK (Cisco IOS), 15.0(2)EK1 (Cisco IOS), 15.2(2)EB (Cisco IOS), 15.2(2)EB1 (Cisco IOS), 15.2(2)EB2 (Cisco IOS), 15.3(3)JN1 (Cisco IOS), 15.3(3)JN2 (Cisco IOS), 15.3(1)SY (Cisco IOS), 15.3(1)SY1 (Cisco IOS), 15.3(1)SY2 (Cisco IOS), 15.6(2)SP3b (Cisco IOS), 15.2(4)EC1 (Cisco IOS), 15.2(4)EC2 (Cisco IOS), 15.4(1)SY (Cisco IOS), 15.4(1)SY1 (Cisco IOS), 15.4(1)SY2 (Cisco IOS), 15.4(1)SY3 (Cisco IOS), 15.5(1)SY (Cisco IOS), 16.2.2 (Cisco IOS XE), 16.3.1 (Cisco IOS XE), 16.3.2 (Cisco IOS XE), 16.3.3 (Cisco IOS XE), 16.3.4 (Cisco IOS XE), 16.3.5 (Cisco IOS XE), 16.3.5b (Cisco IOS XE), 16.4.1 (Cisco IOS XE), 16.6.1 (Cisco IOS XE), 16.6.4 (Cisco IOS XE), 3.2.0SE (Cisco IOS XE), 3.2.1SE (Cisco IOS XE), 3.2.2SE (Cisco IOS XE), 3.2.3SE (Cisco IOS XE), 3.3.0SE (Cisco IOS XE), 3.3.1SE (Cisco IOS XE), 3.3.2SE (Cisco IOS XE), 3.3.3SE (Cisco IOS XE), 3.3.4SE (Cisco IOS XE), 3.3.5SE (Cisco IOS XE), 3.3.0XO (Cisco IOS XE), 3.3.1XO (Cisco IOS XE), 3.3.2XO (Cisco IOS XE), 3.4.0SG (Cisco IOS XE), 3.4.2SG (Cisco IOS XE), 3.4.1SG (Cisco IOS XE), 3.4.3SG (Cisco IOS XE), 3.4.4SG (Cisco IOS XE), 3.4.5SG (Cisco IOS XE), 3.4.6SG (Cisco IOS XE), 3.4.7SG (Cisco IOS XE), 3.4.8SG (Cisco IOS XE), 3.5.0E (Cisco IOS XE), 3.5.1E (Cisco IOS XE), 3.5.2E (Cisco IOS XE), 3.5.3E (Cisco IOS XE), 3.6.0E (Cisco IOS XE), 3.6.1E (Cisco IOS XE), 3.6.2aE (Cisco IOS XE), 3.6.2E (Cisco IOS XE), 3.6.3E (Cisco IOS XE), 3.6.4E (Cisco IOS XE), 3.6.5E (Cisco IOS XE), 3.6.6E (Cisco IOS XE), 3.6.5aE (Cisco IOS XE), 3.6.7E (Cisco IOS XE), 3.6.7bE (Cisco IOS XE), 3.8.0E (Cisco IOS XE), 3.8.1E (Cisco IOS XE), 3.8.2E (Cisco IOS XE), 3.8.3E (Cisco IOS XE), 3.8.4E (Cisco IOS XE), 3.8.5E (Cisco IOS XE), 3.8.5aE (Cisco IOS XE), 3.9.0E (Cisco IOS XE), 3.9.1E (Cisco IOS XE), 3.9.2E (Cisco IOS XE), 3.10.0E (Cisco IOS XE), 3.10.0cE (Cisco IOS XE), 3.3.0SG (Cisco IOS XE), 3.3.2SG (Cisco IOS XE), 3.3.1SG (Cisco IOS XE)

Possible Mitigations

Использование рекомендаций: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2

Reference

http://proffy.info/modules.php?name=News&file=article&sid=2405 https://threatpost.ru/cisco-patches-two-critical-rce-bugs-in-ios-xe-software/25363/ https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": null,
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "15.2(4)E (Cisco IOS), 15.1(2)SG3 (Cisco IOS), 16.5.1 (Cisco IOS XE), 3.6.5bE (Cisco IOS XE), 16.1.1 (Cisco IOS XE), 16.1.2 (Cisco IOS XE), 16.1.3 (Cisco IOS XE), 3.2.0JA (Cisco IOS XE), 16.3.1a (Cisco IOS XE), 16.5.1a (Cisco IOS XE), 16.2.1 (Cisco IOS XE), 3.7.0e (Cisco IOS XE), 3.7.1e (Cisco IOS XE), 3.7.2e (Cisco IOS XE), 3.7.4e (Cisco IOS XE), 3.7.5e (Cisco IOS XE), 3.7.3e (Cisco IOS XE), 15.2(2)E5b (Cisco IOS), 15.2(5a)E1 (Cisco IOS), 15.2(6)E0b (Cisco IOS), 15.3(1)SY3 (Cisco IOS), 12.2(55)SE (Cisco IOS), 12.2(55)SE3 (Cisco IOS), 12.2(58)SE (Cisco IOS), 12.2(55)SE1 (Cisco IOS), 12.2(58)SE1 (Cisco IOS), 12.2(55)SE4 (Cisco IOS), 12.2(58)SE2 (Cisco IOS), 12.2(55)SE5 (Cisco IOS), 12.2(55)SE6 (Cisco IOS), 12.2(55)SE7 (Cisco IOS), 12.2(55)SE8 (Cisco IOS), 12.2(55)SE9 (Cisco IOS), 12.2(55)SE10 (Cisco IOS), 12.2(55)SE11 (Cisco IOS), 12.2(55)SE12 (Cisco IOS), 12.2(55)SE13 (Cisco IOS), 12.2(55)EX (Cisco IOS), 12.2(55)EX2 (Cisco IOS), 12.2(55)EX3 (Cisco IOS), 12.2(58)EX (Cisco IOS), 12.2(55)EY (Cisco IOS), 12.2(58)EY (Cisco IOS), 12.2(58)EY1 (Cisco IOS), 12.2(58)EY2 (Cisco IOS), 12.2(58)EZ (Cisco IOS), 12.2(60)EZ (Cisco IOS), 12.2(60)EZ1 (Cisco IOS), 12.2(60)EZ2 (Cisco IOS), 12.2(60)EZ3 (Cisco IOS), 12.2(60)EZ4 (Cisco IOS), 12.2(60)EZ5 (Cisco IOS), 12.2(60)EZ6 (Cisco IOS), 12.2(60)EZ7 (Cisco IOS), 12.2(60)EZ8 (Cisco IOS), 12.2(60)EZ9 (Cisco IOS), 12.2(60)EZ10 (Cisco IOS), 12.2(60)EZ11 (Cisco IOS), 15.0(1)EY (Cisco IOS), 15.0(1)EY1 (Cisco IOS), 15.0(1)EY2 (Cisco IOS), 15.0(2)EY (Cisco IOS), 15.0(2)EY1 (Cisco IOS), 15.0(2)EY2 (Cisco IOS), 15.0(2)EY3 (Cisco IOS), 15.1(4)M12c (Cisco IOS), 15.0(1)SE (Cisco IOS), 15.0(2)SE (Cisco IOS), 15.0(1)SE1 (Cisco IOS), 15.0(1)SE2 (Cisco IOS), 15.0(1)SE3 (Cisco IOS), 15.0(2)SE1 (Cisco IOS), 15.0(2)SE2 (Cisco IOS), 15.0(2)SE3 (Cisco IOS), 15.0(2)SE4 (Cisco IOS), 15.0(2)SE5 (Cisco IOS), 15.0(2)SE6 (Cisco IOS), 15.0(2)SE7 (Cisco IOS), 15.0(2)SE8 (Cisco IOS), 15.0(2)SE9 (Cisco IOS), 15.0(2)SE10 (Cisco IOS), 15.0(2)SE11 (Cisco IOS), 15.0(2)SE10a (Cisco IOS), 15.0(2)SE12 (Cisco IOS), 15.1(1)SG (Cisco IOS), 15.1(2)SG (Cisco IOS), 15.1(1)SG1 (Cisco IOS), 15.1(1)SG2 (Cisco IOS), 15.1(2)SG1 (Cisco IOS), 15.1(2)SG2 (Cisco IOS), 15.1(2)SG4 (Cisco IOS), 15.1(2)SG5 (Cisco IOS), 15.1(2)SG6 (Cisco IOS), 15.1(2)SG7 (Cisco IOS), 15.1(2)SG8 (Cisco IOS), 15.1(2)SG8a (Cisco IOS), 15.0(1)EX (Cisco IOS), 15.0(2)EX10 (Cisco IOS), 15.0(2)EX11 (Cisco IOS), 15.0(2)EX13 (Cisco IOS), 15.0(2)EX12 (Cisco IOS), 15.1(1)SY (Cisco IOS), 15.1(1)SY1 (Cisco IOS), 15.1(2)SY (Cisco IOS), 15.1(2)SY1 (Cisco IOS), 15.1(2)SY2 (Cisco IOS), 15.1(1)SY2 (Cisco IOS), 15.1(1)SY3 (Cisco IOS), 15.1(2)SY3 (Cisco IOS), 15.1(1)SY4 (Cisco IOS), 15.1(2)SY4 (Cisco IOS), 15.1(1)SY5 (Cisco IOS), 15.1(2)SY5 (Cisco IOS), 15.1(2)SY4a (Cisco IOS), 15.1(1)SY6 (Cisco IOS), 15.1(2)SY6 (Cisco IOS), 15.1(2)SY7 (Cisco IOS), 15.1(2)SY8 (Cisco IOS), 15.1(2)SY9 (Cisco IOS), 15.1(2)SY10 (Cisco IOS), 15.1(2)SY11 (Cisco IOS), 15.0(2)EC (Cisco IOS), 15.0(2)EB (Cisco IOS), 15.2(1)E (Cisco IOS), 15.2(2)E (Cisco IOS), 15.2(1)E1 (Cisco IOS), 15.2(3)E (Cisco IOS), 15.2(1)E2 (Cisco IOS), 15.2(1)E3 (Cisco IOS), 15.2(2)E1 (Cisco IOS), 15.2(3)E1 (Cisco IOS), 15.2(2)E2 (Cisco IOS), 15.2(2)E3 (Cisco IOS), 15.2(2a)E2 (Cisco IOS), 15.2(3)E2 (Cisco IOS), 15.2(3a)E (Cisco IOS), 15.2(3)E3 (Cisco IOS), 15.2(3m)E2 (Cisco IOS), 15.2(4)E1 (Cisco IOS), 15.2(2)E4 (Cisco IOS), 15.2(2)E5 (Cisco IOS), 15.2(4)E2 (Cisco IOS), 15.2(4m)E1 (Cisco IOS), 15.2(3)E4 (Cisco IOS), 15.2(5)E (Cisco IOS), 15.2(4)E3 (Cisco IOS), 15.2(2)E6 (Cisco IOS), 15.2(5)E1 (Cisco IOS), 15.2(4m)E3 (Cisco IOS), 15.2(3m)E8 (Cisco IOS), 15.2(2)E5a (Cisco IOS), 15.2(3)E5 (Cisco IOS), 15.2(4n)E2 (Cisco IOS), 15.2(4o)E2 (Cisco IOS), 15.2(4)E4 (Cisco IOS), 15.2(2)E7 (Cisco IOS), 15.2(5)E2 (Cisco IOS), 15.2(4p)E1 (Cisco IOS), 15.2(6)E (Cisco IOS), 15.2(5)E2b (Cisco IOS), 15.2(4)E5 (Cisco IOS), 15.2(5)E2c (Cisco IOS), 15.2(4m)E2 (Cisco IOS), 15.2(4o)E3 (Cisco IOS), 15.2(4q)E1 (Cisco IOS), 15.2(6)E0a (Cisco IOS), 15.2(2)E7b (Cisco IOS), 15.2(4)E5a (Cisco IOS), 15.2(6)E0c (Cisco IOS), 15.0(2)ED (Cisco IOS), 15.0(2)ED1 (Cisco IOS), 15.0(2)EZ (Cisco IOS), 15.2(1)EY (Cisco IOS), 15.0(2)EJ (Cisco IOS), 15.0(2)EJ1 (Cisco IOS), 15.0(2)EH (Cisco IOS), 15.2(1)SY (Cisco IOS), 15.2(1)SY1 (Cisco IOS), 15.2(1)SY0a (Cisco IOS), 15.2(1)SY2 (Cisco IOS), 15.2(2)SY (Cisco IOS), 15.2(1)SY1a (Cisco IOS), 15.2(2)SY1 (Cisco IOS), 15.2(2)SY2 (Cisco IOS), 15.2(1)SY3 (Cisco IOS), 15.2(1)SY4 (Cisco IOS), 15.2(2)SY3 (Cisco IOS), 15.2(1)SY5 (Cisco IOS), 15.2(5)EX (Cisco IOS), 15.0(2)EK (Cisco IOS), 15.0(2)EK1 (Cisco IOS), 15.2(2)EB (Cisco IOS), 15.2(2)EB1 (Cisco IOS), 15.2(2)EB2 (Cisco IOS), 15.3(3)JN1 (Cisco IOS), 15.3(3)JN2 (Cisco IOS), 15.3(1)SY (Cisco IOS), 15.3(1)SY1 (Cisco IOS), 15.3(1)SY2 (Cisco IOS), 15.6(2)SP3b (Cisco IOS), 15.2(4)EC1 (Cisco IOS), 15.2(4)EC2 (Cisco IOS), 15.4(1)SY (Cisco IOS), 15.4(1)SY1 (Cisco IOS), 15.4(1)SY2 (Cisco IOS), 15.4(1)SY3 (Cisco IOS), 15.5(1)SY (Cisco IOS), 16.2.2 (Cisco IOS XE), 16.3.1 (Cisco IOS XE), 16.3.2 (Cisco IOS XE), 16.3.3 (Cisco IOS XE), 16.3.4 (Cisco IOS XE), 16.3.5 (Cisco IOS XE), 16.3.5b (Cisco IOS XE), 16.4.1 (Cisco IOS XE), 16.6.1 (Cisco IOS XE), 16.6.4 (Cisco IOS XE), 3.2.0SE (Cisco IOS XE), 3.2.1SE (Cisco IOS XE), 3.2.2SE (Cisco IOS XE), 3.2.3SE (Cisco IOS XE), 3.3.0SE (Cisco IOS XE), 3.3.1SE (Cisco IOS XE), 3.3.2SE (Cisco IOS XE), 3.3.3SE (Cisco IOS XE), 3.3.4SE (Cisco IOS XE), 3.3.5SE (Cisco IOS XE), 3.3.0XO (Cisco IOS XE), 3.3.1XO (Cisco IOS XE), 3.3.2XO (Cisco IOS XE), 3.4.0SG (Cisco IOS XE), 3.4.2SG (Cisco IOS XE), 3.4.1SG (Cisco IOS XE), 3.4.3SG (Cisco IOS XE), 3.4.4SG (Cisco IOS XE), 3.4.5SG (Cisco IOS XE), 3.4.6SG (Cisco IOS XE), 3.4.7SG (Cisco IOS XE), 3.4.8SG (Cisco IOS XE), 3.5.0E (Cisco IOS XE), 3.5.1E (Cisco IOS XE), 3.5.2E (Cisco IOS XE), 3.5.3E (Cisco IOS XE), 3.6.0E (Cisco IOS XE), 3.6.1E (Cisco IOS XE), 3.6.2aE (Cisco IOS XE), 3.6.2E (Cisco IOS XE), 3.6.3E (Cisco IOS XE), 3.6.4E (Cisco IOS XE), 3.6.5E (Cisco IOS XE), 3.6.6E (Cisco IOS XE), 3.6.5aE (Cisco IOS XE), 3.6.7E (Cisco IOS XE), 3.6.7bE (Cisco IOS XE), 3.8.0E (Cisco IOS XE), 3.8.1E (Cisco IOS XE), 3.8.2E (Cisco IOS XE), 3.8.3E (Cisco IOS XE), 3.8.4E (Cisco IOS XE), 3.8.5E (Cisco IOS XE), 3.8.5aE (Cisco IOS XE), 3.9.0E (Cisco IOS XE), 3.9.1E (Cisco IOS XE), 3.9.2E (Cisco IOS XE), 3.10.0E (Cisco IOS XE), 3.10.0cE (Cisco IOS XE), 3.3.0SG (Cisco IOS XE), 3.3.2SG (Cisco IOS XE), 3.3.1SG (Cisco IOS XE)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "28.03.2018",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.04.2018",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2018-00499",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-0171",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco IOS, Cisco IOS XE",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. Cisco IOS 15.2(4)E , Cisco Systems Inc. Cisco IOS 15.1(2)SG3 , Cisco Systems Inc. Cisco IOS XE 16.5.1 , Cisco Systems Inc. Cisco IOS XE 3.6.5bE , Cisco Systems Inc. Cisco IOS XE 16.1.1 , Cisco Systems Inc. Cisco IOS XE 16.1.2 , Cisco Systems Inc. Cisco IOS XE 16.1.3 , Cisco Systems Inc. Cisco IOS XE 3.2.0JA , Cisco Systems Inc. Cisco IOS XE 16.3.1a , Cisco Systems Inc. Cisco IOS XE 16.5.1a , Cisco Systems Inc. Cisco IOS XE 16.2.1 , Cisco Systems Inc. Cisco IOS XE 3.7.0e , Cisco Systems Inc. Cisco IOS XE 3.7.1e , Cisco Systems Inc. Cisco IOS XE 3.7.2e , Cisco Systems Inc. Cisco IOS XE 3.7.4e , Cisco Systems Inc. Cisco IOS XE 3.7.5e , Cisco Systems Inc. Cisco IOS XE 3.7.3e , Cisco Systems Inc. Cisco IOS 15.2(2)E5b , Cisco Systems Inc. Cisco IOS 15.2(5a)E1 , Cisco Systems Inc. Cisco IOS 15.2(6)E0b , Cisco Systems Inc. Cisco IOS 15.3(1)SY3 , Cisco Systems Inc. Cisco IOS 12.2(55)SE , Cisco Systems Inc. Cisco IOS 12.2(55)SE3 , Cisco Systems Inc. Cisco IOS 12.2(58)SE , Cisco Systems Inc. Cisco IOS 12.2(55)SE1 , Cisco Systems Inc. Cisco IOS 12.2(58)SE1 , Cisco Systems Inc. Cisco IOS 12.2(55)SE4 , Cisco Systems Inc. Cisco IOS 12.2(58)SE2 , Cisco Systems Inc. Cisco IOS 12.2(55)SE5 , Cisco Systems Inc. Cisco IOS 12.2(55)SE6 , Cisco Systems Inc. Cisco IOS 12.2(55)SE7 , Cisco Systems Inc. Cisco IOS 12.2(55)SE8 , Cisco Systems Inc. Cisco IOS 12.2(55)SE9 , Cisco Systems Inc. Cisco IOS 12.2(55)SE10 , Cisco Systems Inc. Cisco IOS 12.2(55)SE11 , Cisco Systems Inc. Cisco IOS 12.2(55)SE12 , Cisco Systems Inc. Cisco IOS 12.2(55)SE13 , Cisco Systems Inc. Cisco IOS 12.2(55)EX , Cisco Systems Inc. Cisco IOS 12.2(55)EX2 , Cisco Systems Inc. Cisco IOS 12.2(55)EX3 , Cisco Systems Inc. Cisco IOS 12.2(58)EX , Cisco Systems Inc. Cisco IOS 12.2(55)EY , Cisco Systems Inc. Cisco IOS 12.2(58)EY , Cisco Systems Inc. Cisco IOS 12.2(58)EY1 , Cisco Systems Inc. Cisco IOS 12.2(58)EY2 , Cisco Systems Inc. Cisco IOS 12.2(58)EZ , Cisco Systems Inc. Cisco IOS 12.2(60)EZ , Cisco Systems Inc. Cisco IOS 12.2(60)EZ1 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ2 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ3 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ4 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ5 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ6 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ7 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ8 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ9 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ10 , Cisco Systems Inc. Cisco IOS 12.2(60)EZ11 , Cisco Systems Inc. Cisco IOS 15.0(1)EY , Cisco Systems Inc. Cisco IOS 15.0(1)EY1 , Cisco Systems Inc. Cisco IOS 15.0(1)EY2 , Cisco Systems Inc. Cisco IOS 15.0(2)EY , Cisco Systems Inc. Cisco IOS 15.0(2)EY1 , Cisco Systems Inc. Cisco IOS 15.0(2)EY2 , Cisco Systems Inc. Cisco IOS 15.0(2)EY3 , Cisco Systems Inc. Cisco IOS 15.1(4)M12c , Cisco Systems Inc. Cisco IOS 15.0(1)SE , Cisco Systems Inc. Cisco IOS 15.0(2)SE , Cisco Systems Inc. Cisco IOS 15.0(1)SE1 , Cisco Systems Inc. Cisco IOS 15.0(1)SE2 , Cisco Systems Inc. Cisco IOS 15.0(1)SE3 , Cisco Systems Inc. Cisco IOS 15.0(2)SE1 , Cisco Systems Inc. Cisco IOS 15.0(2)SE2 , Cisco Systems Inc. Cisco IOS 15.0(2)SE3 , Cisco Systems Inc. Cisco IOS 15.0(2)SE4 , Cisco Systems Inc. Cisco IOS 15.0(2)SE5 , Cisco Systems Inc. Cisco IOS 15.0(2)SE6 , Cisco Systems Inc. Cisco IOS 15.0(2)SE7 , Cisco Systems Inc. Cisco IOS 15.0(2)SE8 , Cisco Systems Inc. Cisco IOS 15.0(2)SE9 , Cisco Systems Inc. Cisco IOS 15.0(2)SE10 , Cisco Systems Inc. Cisco IOS 15.0(2)SE11 , Cisco Systems Inc. Cisco IOS 15.0(2)SE10a , Cisco Systems Inc. Cisco IOS 15.0(2)SE12 , Cisco Systems Inc. Cisco IOS 15.1(1)SG , Cisco Systems Inc. Cisco IOS 15.1(2)SG , Cisco Systems Inc. Cisco IOS 15.1(1)SG1 , Cisco Systems Inc. Cisco IOS 15.1(1)SG2 , Cisco Systems Inc. Cisco IOS 15.1(2)SG1 , Cisco Systems Inc. Cisco IOS 15.1(2)SG2 , Cisco Systems Inc. Cisco IOS 15.1(2)SG4 , Cisco Systems Inc. Cisco IOS 15.1(2)SG5 , Cisco Systems Inc. Cisco IOS 15.1(2)SG6 , Cisco Systems Inc. Cisco IOS 15.1(2)SG7 , Cisco Systems Inc. Cisco IOS 15.1(2)SG8 , Cisco Systems Inc. Cisco IOS 15.1(2)SG8a , Cisco Systems Inc. Cisco IOS 15.0(1)EX , Cisco Systems Inc. Cisco IOS 15.0(2)EX10 , Cisco Systems Inc. Cisco IOS 15.0(2)EX11 , Cisco Systems Inc. Cisco IOS 15.0(2)EX13 , Cisco Systems Inc. Cisco IOS 15.0(2)EX12 , Cisco Systems Inc. Cisco IOS 15.1(1)SY , Cisco Systems Inc. Cisco IOS 15.1(1)SY1 , Cisco Systems Inc. Cisco IOS 15.1(2)SY , Cisco Systems Inc. Cisco IOS 15.1(2)SY1 , Cisco Systems Inc. Cisco IOS 15.1(2)SY2 , Cisco Systems Inc. Cisco IOS 15.1(1)SY2 , Cisco Systems Inc. Cisco IOS 15.1(1)SY3 , Cisco Systems Inc. Cisco IOS 15.1(2)SY3 , Cisco Systems Inc. Cisco IOS 15.1(1)SY4 , Cisco Systems Inc. Cisco IOS 15.1(2)SY4 , Cisco Systems Inc. Cisco IOS 15.1(1)SY5 , Cisco Systems Inc. Cisco IOS 15.1(2)SY5 , Cisco Systems Inc. Cisco IOS 15.1(2)SY4a , Cisco Systems Inc. Cisco IOS 15.1(1)SY6 , Cisco Systems Inc. Cisco IOS 15.1(2)SY6 , Cisco Systems Inc. Cisco IOS 15.1(2)SY7 , Cisco Systems Inc. Cisco IOS 15.1(2)SY8 , Cisco Systems Inc. Cisco IOS 15.1(2)SY9 , Cisco Systems Inc. Cisco IOS 15.1(2)SY10 , Cisco Systems Inc. Cisco IOS 15.1(2)SY11 , Cisco Systems Inc. Cisco IOS 15.0(2)EC , Cisco Systems Inc. Cisco IOS 15.0(2)EB , Cisco Systems Inc. Cisco IOS 15.2(1)E , Cisco Systems Inc. Cisco IOS 15.2(2)E , Cisco Systems Inc. Cisco IOS 15.2(1)E1 , Cisco Systems Inc. Cisco IOS 15.2(3)E , Cisco Systems Inc. Cisco IOS 15.2(1)E2 , Cisco Systems Inc. Cisco IOS 15.2(1)E3 , Cisco Systems Inc. Cisco IOS 15.2(2)E1 , Cisco Systems Inc. Cisco IOS 15.2(3)E1 , Cisco Systems Inc. Cisco IOS 15.2(2)E2 , Cisco Systems Inc. Cisco IOS 15.2(2)E3 , Cisco Systems Inc. Cisco IOS 15.2(2a)E2 , Cisco Systems Inc. Cisco IOS 15.2(3)E2 , Cisco Systems Inc. Cisco IOS 15.2(3a)E , Cisco Systems Inc. Cisco IOS 15.2(3)E3 , Cisco Systems Inc. Cisco IOS 15.2(3m)E2 , Cisco Systems Inc. Cisco IOS 15.2(4)E1 , Cisco Systems Inc. Cisco IOS 15.2(2)E4 , Cisco Systems Inc. Cisco IOS 15.2(2)E5 , Cisco Systems Inc. Cisco IOS 15.2(4)E2 , Cisco Systems Inc. Cisco IOS 15.2(4m)E1 , Cisco Systems Inc. Cisco IOS 15.2(3)E4 , Cisco Systems Inc. Cisco IOS 15.2(5)E , Cisco Systems Inc. Cisco IOS 15.2(4)E3 , Cisco Systems Inc. Cisco IOS 15.2(2)E6 , Cisco Systems Inc. Cisco IOS 15.2(5)E1 , Cisco Systems Inc. Cisco IOS 15.2(4m)E3 , Cisco Systems Inc. Cisco IOS 15.2(3m)E8 , Cisco Systems Inc. Cisco IOS 15.2(2)E5a , Cisco Systems Inc. Cisco IOS 15.2(3)E5 , Cisco Systems Inc. Cisco IOS 15.2(4n)E2 , Cisco Systems Inc. Cisco IOS 15.2(4o)E2 , Cisco Systems Inc. Cisco IOS 15.2(4)E4 , Cisco Systems Inc. Cisco IOS 15.2(2)E7 , Cisco Systems Inc. Cisco IOS 15.2(5)E2 , Cisco Systems Inc. Cisco IOS 15.2(4p)E1 , Cisco Systems Inc. Cisco IOS 15.2(6)E , Cisco Systems Inc. Cisco IOS 15.2(5)E2b , Cisco Systems Inc. Cisco IOS 15.2(4)E5 , Cisco Systems Inc. Cisco IOS 15.2(5)E2c , Cisco Systems Inc. Cisco IOS 15.2(4m)E2 , Cisco Systems Inc. Cisco IOS 15.2(4o)E3 , Cisco Systems Inc. Cisco IOS 15.2(4q)E1 , Cisco Systems Inc. Cisco IOS 15.2(6)E0a , Cisco Systems Inc. Cisco IOS 15.2(2)E7b , Cisco Systems Inc. Cisco IOS 15.2(4)E5a , Cisco Systems Inc. Cisco IOS 15.2(6)E0c , Cisco Systems Inc. Cisco IOS 15.0(2)ED , Cisco Systems Inc. Cisco IOS 15.0(2)ED1 , Cisco Systems Inc. Cisco IOS 15.0(2)EZ , Cisco Systems Inc. Cisco IOS 15.2(1)EY , Cisco Systems Inc. Cisco IOS 15.0(2)EJ , Cisco Systems Inc. Cisco IOS 15.0(2)EJ1 , Cisco Systems Inc. Cisco IOS 15.0(2)EH , Cisco Systems Inc. Cisco IOS 15.2(1)SY , Cisco Systems Inc. Cisco IOS 15.2(1)SY1 , Cisco Systems Inc. Cisco IOS 15.2(1)SY0a , Cisco Systems Inc. Cisco IOS 15.2(1)SY2 , Cisco Systems Inc. Cisco IOS 15.2(2)SY , Cisco Systems Inc. Cisco IOS 15.2(1)SY1a , Cisco Systems Inc. Cisco IOS 15.2(2)SY1 , Cisco Systems Inc. Cisco IOS 15.2(2)SY2 , Cisco Systems Inc. Cisco IOS 15.2(1)SY3 , Cisco Systems Inc. Cisco IOS 15.2(1)SY4 , Cisco Systems Inc. Cisco IOS 15.2(2)SY3 , Cisco Systems Inc. Cisco IOS 15.2(1)SY5 , Cisco Systems Inc. Cisco IOS 15.2(5)EX , Cisco Systems Inc. Cisco IOS 15.0(2)EK , Cisco Systems Inc. Cisco IOS 15.0(2)EK1 , Cisco Systems Inc. Cisco IOS 15.2(2)EB , Cisco Systems Inc. Cisco IOS 15.2(2)EB1 , Cisco Systems Inc. Cisco IOS 15.2(2)EB2 , Cisco Systems Inc. Cisco IOS 15.3(3)JN1 , Cisco Systems Inc. Cisco IOS 15.3(3)JN2 , Cisco Systems Inc. Cisco IOS 15.3(1)SY , Cisco Systems Inc. Cisco IOS 15.3(1)SY1 , Cisco Systems Inc. Cisco IOS 15.3(1)SY2 , Cisco Systems Inc. Cisco IOS 15.6(2)SP3b , Cisco Systems Inc. Cisco IOS 15.2(4)EC1 , Cisco Systems Inc. Cisco IOS 15.2(4)EC2 , Cisco Systems Inc. Cisco IOS 15.4(1)SY , Cisco Systems Inc. Cisco IOS 15.4(1)SY1 , Cisco Systems Inc. Cisco IOS 15.4(1)SY2 , Cisco Systems Inc. Cisco IOS 15.4(1)SY3 , Cisco Systems Inc. Cisco IOS 15.5(1)SY , Cisco Systems Inc. Cisco IOS XE 16.2.2 , Cisco Systems Inc. Cisco IOS XE 16.3.1 , Cisco Systems Inc. Cisco IOS XE 16.3.2 , Cisco Systems Inc. Cisco IOS XE 16.3.3 , Cisco Systems Inc. Cisco IOS XE 16.3.4 , Cisco Systems Inc. Cisco IOS XE 16.3.5 , Cisco Systems Inc. Cisco IOS XE 16.3.5b , Cisco Systems Inc. Cisco IOS XE 16.4.1 , Cisco Systems Inc. Cisco IOS XE 16.6.1 , Cisco Systems Inc. Cisco IOS XE 16.6.4 , Cisco Systems Inc. Cisco IOS XE 3.2.0SE , Cisco Systems Inc. Cisco IOS XE 3.2.1SE , Cisco Systems Inc. Cisco IOS XE 3.2.2SE , Cisco Systems Inc. Cisco IOS XE 3.2.3SE , Cisco Systems Inc. Cisco IOS XE 3.3.0SE , Cisco Systems Inc. Cisco IOS XE 3.3.1SE , Cisco Systems Inc. Cisco IOS XE 3.3.2SE , Cisco Systems Inc. Cisco IOS XE 3.3.3SE , Cisco Systems Inc. Cisco IOS XE 3.3.4SE , Cisco Systems Inc. Cisco IOS XE 3.3.5SE , Cisco Systems Inc. Cisco IOS XE 3.3.0XO , Cisco Systems Inc. Cisco IOS XE 3.3.1XO , Cisco Systems Inc. Cisco IOS XE 3.3.2XO , Cisco Systems Inc. Cisco IOS XE 3.4.0SG , Cisco Systems Inc. Cisco IOS XE 3.4.2SG , Cisco Systems Inc. Cisco IOS XE 3.4.1SG , Cisco Systems Inc. Cisco IOS XE 3.4.3SG , Cisco Systems Inc. Cisco IOS XE 3.4.4SG , Cisco Systems Inc. Cisco IOS XE 3.4.5SG , Cisco Systems Inc. Cisco IOS XE 3.4.6SG , Cisco Systems Inc. Cisco IOS XE 3.4.7SG , Cisco Systems Inc. Cisco IOS XE 3.4.8SG , Cisco Systems Inc. Cisco IOS XE 3.5.0E , Cisco Systems Inc. Cisco IOS XE 3.5.1E , Cisco Systems Inc. Cisco IOS XE 3.5.2E , Cisco Systems Inc. Cisco IOS XE 3.5.3E , Cisco Systems Inc. Cisco IOS XE 3.6.0E , Cisco Systems Inc. Cisco IOS XE 3.6.1E , Cisco Systems Inc. Cisco IOS XE 3.6.2aE , Cisco Systems Inc. Cisco IOS XE 3.6.2E , Cisco Systems Inc. Cisco IOS XE 3.6.3E , Cisco Systems Inc. Cisco IOS XE 3.6.4E , Cisco Systems Inc. Cisco IOS XE 3.6.5E , Cisco Systems Inc. Cisco IOS XE 3.6.6E , Cisco Systems Inc. Cisco IOS XE 3.6.5aE , Cisco Systems Inc. Cisco IOS XE 3.6.7E , Cisco Systems Inc. Cisco IOS XE 3.6.7bE , Cisco Systems Inc. Cisco IOS XE 3.8.0E , Cisco Systems Inc. Cisco IOS XE 3.8.1E , Cisco Systems Inc. Cisco IOS XE 3.8.2E , Cisco Systems Inc. Cisco IOS XE 3.8.3E , Cisco Systems Inc. Cisco IOS XE 3.8.4E , Cisco Systems Inc. Cisco IOS XE 3.8.5E , Cisco Systems Inc. Cisco IOS XE 3.8.5aE , Cisco Systems Inc. Cisco IOS XE 3.9.0E , Cisco Systems Inc. Cisco IOS XE 3.9.1E , Cisco Systems Inc. Cisco IOS XE 3.9.2E , Cisco Systems Inc. Cisco IOS XE 3.10.0E , Cisco Systems Inc. Cisco IOS XE 3.10.0cE , Cisco Systems Inc. Cisco IOS XE 3.3.0SG , Cisco Systems Inc. Cisco IOS XE 3.3.2SG , Cisco Systems Inc. Cisco IOS XE 3.3.1SG ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Cisco IOS \u0438 Cisco IOS XE, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u0435\u0439 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Cisco IOS \u0438 Cisco IOS XE \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u0435\u0439 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u0441\u0442\u043e\u0440\u043e\u0436\u0435\u0432\u043e\u0433\u043e \u0442\u0430\u0439\u043c\u0435\u0440\u0430 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f Smart Install \u043d\u0430 TCP-\u043f\u043e\u0440\u0442 4786",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://proffy.info/modules.php?name=News\u0026file=article\u0026sid=2405\nhttps://threatpost.ru/cisco-patches-two-critical-rce-bugs-in-ios-xe-software/25363/\nhttps://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-0171 (GCVE-0-2018-0171)

CERTFR-2018-AVI-156

Solution

GHSA-4W6G-87MH-X63X

GSD-2018-0171

FKIE_CVE-2018-0171

CNVD-2018-06774

CERTFR-2018-ALE-006

Solution

CVE-2018-0171

Tags

Sightings

Nomenclature