Vulnslist

find the latest Cisco vulnerabilities

Cisco IOS XR Software netconf Denial of Service Vulnerability

cisco-sa-20180502-iosxr · Medium · Published · Updated

A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. The vulnerability is due to improper handling of malformed requests processed by the netconf process. An attacker could exploit this vulnerability by sending malicious requests to the affected software. An exploit could allow the attacker to cause the targeted process to restart, resulting in a DoS condition on the affected system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-iosxr

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2018-0286
Cisco Bug IDsCSCvg95792
CVSS ScoreBase 5.3
Base 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:X
Product Names From Source
Cisco IOS XR Software

CSAF Product Statuses

Product Status Source CVE Rows
Cisco IOS XR Software known_affected cisco_csaf CVE-2018-0286 1

Related Products

Product CVE Evidence
Cisco IOS XR Software CVE-2018-0286 Cisco OpenVuln
Cisco IOS CVE-2018-0286 Cisco OpenVuln
Cisco IOS Software CVE-2018-0286 Cisco OpenVuln