SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco Catalyst Switch Vendors:   Cisco
Cisco Catalyst 3850 and 3650 Series Switches IPv4 Processing Flaw Lets Remote Users Consume Excessive CPU Resources on the Target System
SecurityTracker Alert ID:  1040588
SecurityTracker URL:  http://securitytracker.com/id/1040588
CVE Reference:   CVE-2018-0177   (Links to External Site)
Date:  Mar 28 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 3850 and 3650 Series Switches; IOS XE 16.1.1 and after
Description:   A vulnerability was reported in Cisco Catalyst Switch. A remote user can consume excessive CPU resources on the target system.

A remote user can send specially crafted IPv4 packets to an IPv4 address on the target device to consume excessive CPU resources or generate traceback messages on the target system or cause the target system to reload.

If the device does not reboot automatically, a manual reboot is required to return the system to normal operations.

The vendor has assigned bug ID CSCvd80714 to this vulnerability.

Impact:   A remote user can consume excessive CPU resources or generate traceback messages on the target system or cause the target system to reload.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ipv4

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ipv4 (Links to External Site)
Cause:   Not specified

Message History:   None.


 Source Message Contents

Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ipv4

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC