Boletines de Vulnerabilidades

Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability


Información sobre el sistema

   
Software afectado Cisco

Descripción

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted packet to an affected device on TCP port 4786. Cisco has released software updates that address this vulnerability. There are no

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20Smart%20Install%20Denial%20of%20Service%20Vulnerability&vs_k=1

Identificadores estándar

Propiedad Valor
CVE CVE-2018-0156.

Histórico de versiones

Versión Comentario Data
1.0 Advisory issued 2023-01-18
Ministerio de Defensa
CNI
CCN
CCN-CERT