Cisco Catalyst 3850 and 3650 Series Switches IPv4 Processing Flaw Lets Remote Users Consume Excessive CPU Resources on the Target System
|
|
SecurityTracker Alert ID: 1040588 |
|
SecurityTracker URL: http://securitytracker.com/id/1040588
|
|
CVE Reference:
CVE-2018-0177
(Links to External Site)
|
Date: Mar 28 2018
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 3850 and 3650 Series Switches; IOS XE 16.1.1 and after
|
Description:
A vulnerability was reported in Cisco Catalyst Switch. A remote user can consume excessive CPU resources on the target system.
A remote user can send specially crafted IPv4 packets to an IPv4 address on the target device to consume excessive CPU resources or generate traceback messages on the target system or cause the target system to reload.
If the device does not reboot automatically, a manual reboot is required to return the system to normal operations.
The vendor has assigned bug ID CSCvd80714 to this vulnerability.
|
Impact:
A remote user can consume excessive CPU resources or generate traceback messages on the target system or cause the target system to reload.
|
Solution:
The vendor has issued a fix.
The vendor advisory is available at:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ipv4
|
Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ipv4 (Links to External Site)
|
Cause:
Not specified
|
|
Message History:
None.
|
Source Message Contents
|
Subject: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ipv4
|
|
|
