A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges. The vulnerability is due to incorrect bounds checking of certain values in packets that are destined for UDP port 18999 of an affected device. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the malicious user to execute arbitrary code on the affected device with elevated privileges. The attacker could also leverage this vulnerability to cause the device to reload, causing a temporary DoS condition while the device is reloading. The malicious packets must be destined to and processed by an affected device. Traffic transiting a device will not trigger the vulnerability. Cisco Bug IDs: CSCvf73881.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios xe 16.5.1 |
||
cisco ios xe - |
Pick your poison in IOS and IOS XE: denial-of-service or remote code execution?
Cisco's ruined Easter for netadmins by revealing three critical-rated flaws, with fixes landing today. The company's IOS and IOS XE software need patching against two bugs, CVE-2018-0151 and CVE-2018-0171. CVE-2018-151 is a bounds-checking error in IOS/IOS XE's quality-of-service subsystem, and can be attacked using malicious packets to UDP port 18999. A successful attack triggers a buffer overrun, either causing a denial-of-service (DoS) or remote code execution (RCE). If you can't patch immedi...