CVE-2018-0173

nvd nist
Published: Mar 28, 2018 · Modified: Jan 14, 2026 · CISA KEV

CVSS score: 8.6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 4.0
Source: NVD

Description

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device, which the device would then forward to a DHCPv4 server. When the affected software processes the option 82 information that is encapsulated in the response from the server, an error could occur. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvg62754.

Affected (6)

Products: Cisco: Ios, Ios Xe
Configuration A
2 vulnerable · 12 platform
Vulnerable Software / Affected Versions
Version denali-16.3.4
Version denali-16.3.4
Running on/with / Platform Versions
Cisco 4321 Integrated Services Router: All versions
Cisco 4331 Integrated Services Router: All versions
Cisco 4351 Integrated Services Router: All versions
Cisco 4431 Integrated Services Router: All versions
Cisco 4451 X Integrated Services Router: All versions
Cisco Asr 1000 Series Route Processor (rp2): All versions
Cisco Asr 1000 Series Route Processor (rp3): All versions
Cisco Asr 1001 Hx: All versions
Cisco Asr 1001 X: All versions
Cisco Asr 1002 Hx: All versions
Cisco Asr 1002 X: All versions
Cisco Cloud Services Router 1000v: All versions
Configuration B
2 vulnerable · 5 platform
Vulnerable Software / Affected Versions
Up to 15.2(6)e0a
Up to 15.2(6)e0a
Running on/with / Platform Versions
Rockwellautomation Allen Bradley Armorstratix 5700: All versions
Rockwellautomation Allen Bradley Stratix 5400: All versions
Rockwellautomation Allen Bradley Stratix 5410: All versions
Rockwellautomation Allen Bradley Stratix 5700: All versions
Rockwellautomation Allen Bradley Stratix 8000: All versions
Configuration C
2 vulnerable · 1 platform
Vulnerable Software / Affected Versions
Up to 15.2(4a)ea5
Up to 15.2(4a)ea5
Running on/with / Platform Versions
Rockwellautomation Allen Bradley Stratix 8300: All versions

