BDU:2018-00498

Опубликовано: 28 мар. 2018

Источник: fstec

CVSS2: 10

EPSS Низкий

Описание

Уязвимость подсистемы качества обслуживания (QoS) операционных систем Cisco IOS и Cisco IOS XE вызвана выходом операции за границы буфера в памяти при обработке определенных значений в пакетах. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании и выполнить произвольный код с повышенными привилегиями при помощи отправки специально сформированных пакетов на UDP-порт 18999

Вендор

Cisco Systems Inc.

Наименование ПО

Cisco IOS

Cisco IOS XE

Версия ПО

15.6(1)T0a (Cisco IOS)

15.5(3)M (Cisco IOS)

15.2(2)E5b (Cisco IOS)

15.2(5a)E1 (Cisco IOS)

15.2(6)E0b (Cisco IOS)

15.5(1)S (Cisco IOS)

15.5(2)S (Cisco IOS)

15.5(1)S1 (Cisco IOS)

15.5(3)S (Cisco IOS)

15.5(1)S2 (Cisco IOS)

15.5(1)S3 (Cisco IOS)

15.5(2)S1 (Cisco IOS)

15.5(2)S2 (Cisco IOS)

15.5(3)S1 (Cisco IOS)

15.5(3)S1a (Cisco IOS)

15.5(2)S3 (Cisco IOS)

15.5(3)S2 (Cisco IOS)

15.5(3)S0a (Cisco IOS)

15.5(3)S3 (Cisco IOS)

15.5(1)S4 (Cisco IOS)

15.5(2)S4 (Cisco IOS)

15.5(3)S4 (Cisco IOS)

15.5(3)S5 (Cisco IOS)

15.5(3)S6 (Cisco IOS)

15.5(3)S6a (Cisco IOS)

15.5(3)S6b (Cisco IOS)

15.5(1)T (Cisco IOS)

15.5(2)T (Cisco IOS)

15.5(1)T3 (Cisco IOS)

15.5(2)T1 (Cisco IOS)

15.5(2)T2 (Cisco IOS)

15.5(2)T3 (Cisco IOS)

15.5(2)T4 (Cisco IOS)

15.5(1)T4 (Cisco IOS)

15.5(3)M1 (Cisco IOS)

15.5(3)M0a (Cisco IOS)

15.5(3)M2 (Cisco IOS)

15.5(3)M3 (Cisco IOS)

15.5(3)M4 (Cisco IOS)

15.5(3)M4a (Cisco IOS)

15.5(3)M5 (Cisco IOS)

15.5(3)M6 (Cisco IOS)

15.5(3)M6a (Cisco IOS)

15.5(3)SN (Cisco IOS)

15.6(1)S (Cisco IOS)

15.6(2)S (Cisco IOS)

15.6(2)S1 (Cisco IOS)

15.6(1)S1 (Cisco IOS)

15.6(1)S2 (Cisco IOS)

15.6(2)S0a (Cisco IOS)

15.6(2)S2 (Cisco IOS)

15.6(1)S3 (Cisco IOS)

15.6(2)S3 (Cisco IOS)

15.6(1)S4 (Cisco IOS)

15.6(2)S4 (Cisco IOS)

15.6(1)T (Cisco IOS)

15.6(2)T (Cisco IOS)

15.6(1)T1 (Cisco IOS)

15.6(2)T1 (Cisco IOS)

15.6(1)T2 (Cisco IOS)

15.6(2)T2 (Cisco IOS)

15.6(1)T3 (Cisco IOS)

15.6(2)T3 (Cisco IOS)

15.3(1)SY3 (Cisco IOS)

15.6(2)SP (Cisco IOS)

15.6(2)SP1 (Cisco IOS)

15.6(2)SP2 (Cisco IOS)

15.6(2)SP3 (Cisco IOS)

15.6(2)SN (Cisco IOS)

15.3(3)JD8 (Cisco IOS)

15.6(3)M (Cisco IOS)

15.6(3)M1 (Cisco IOS)

15.6(3)M0a (Cisco IOS)

15.6(3)M1b (Cisco IOS)

15.6(3)M2 (Cisco IOS)

15.6(3)M2a (Cisco IOS)

15.6(3)M3 (Cisco IOS)

15.6(3)M3a (Cisco IOS)

15.3(3)JDA8 (Cisco IOS)

15.3(3)JF2 (Cisco IOS)

15.7(3)M (Cisco IOS)

15.7(3)M0a (Cisco IOS)

- (Cisco IOS XE)

Тип ПО

Операционная система

Операционные системы и аппаратные платформы

Cisco Systems Inc. Cisco IOS 15.6(1)T0a

Cisco Systems Inc. Cisco IOS 15.5(3)M

Cisco Systems Inc. Cisco IOS 15.2(2)E5b

Cisco Systems Inc. Cisco IOS 15.2(5a)E1

Cisco Systems Inc. Cisco IOS 15.2(6)E0b

Cisco Systems Inc. Cisco IOS 15.5(1)S

Cisco Systems Inc. Cisco IOS 15.5(2)S

Cisco Systems Inc. Cisco IOS 15.5(1)S1

Cisco Systems Inc. Cisco IOS 15.5(3)S

Cisco Systems Inc. Cisco IOS 15.5(1)S2

Cisco Systems Inc. Cisco IOS 15.5(1)S3

Cisco Systems Inc. Cisco IOS 15.5(2)S1

Cisco Systems Inc. Cisco IOS 15.5(2)S2

Cisco Systems Inc. Cisco IOS 15.5(3)S1

Cisco Systems Inc. Cisco IOS 15.5(3)S1a

Cisco Systems Inc. Cisco IOS 15.5(2)S3

Cisco Systems Inc. Cisco IOS 15.5(3)S2

Cisco Systems Inc. Cisco IOS 15.5(3)S0a

Cisco Systems Inc. Cisco IOS 15.5(3)S3

Cisco Systems Inc. Cisco IOS 15.5(1)S4

Cisco Systems Inc. Cisco IOS 15.5(2)S4

Cisco Systems Inc. Cisco IOS 15.5(3)S4

Cisco Systems Inc. Cisco IOS 15.5(3)S5

Cisco Systems Inc. Cisco IOS 15.5(3)S6

Cisco Systems Inc. Cisco IOS 15.5(3)S6a

Cisco Systems Inc. Cisco IOS 15.5(3)S6b

Cisco Systems Inc. Cisco IOS 15.5(1)T

Cisco Systems Inc. Cisco IOS 15.5(2)T

Cisco Systems Inc. Cisco IOS 15.5(1)T3

Cisco Systems Inc. Cisco IOS 15.5(2)T1

Cisco Systems Inc. Cisco IOS 15.5(2)T2

Cisco Systems Inc. Cisco IOS 15.5(2)T3

Cisco Systems Inc. Cisco IOS 15.5(2)T4

Cisco Systems Inc. Cisco IOS 15.5(1)T4

Cisco Systems Inc. Cisco IOS 15.5(3)M1

Cisco Systems Inc. Cisco IOS 15.5(3)M0a

Cisco Systems Inc. Cisco IOS 15.5(3)M2

Cisco Systems Inc. Cisco IOS 15.5(3)M3

Cisco Systems Inc. Cisco IOS 15.5(3)M4

Cisco Systems Inc. Cisco IOS 15.5(3)M4a

Cisco Systems Inc. Cisco IOS 15.5(3)M5

Cisco Systems Inc. Cisco IOS 15.5(3)M6

Cisco Systems Inc. Cisco IOS 15.5(3)M6a

Cisco Systems Inc. Cisco IOS 15.5(3)SN

Cisco Systems Inc. Cisco IOS 15.6(1)S

Cisco Systems Inc. Cisco IOS 15.6(2)S

Cisco Systems Inc. Cisco IOS 15.6(2)S1

Cisco Systems Inc. Cisco IOS 15.6(1)S1

Cisco Systems Inc. Cisco IOS 15.6(1)S2

Cisco Systems Inc. Cisco IOS 15.6(2)S0a

Cisco Systems Inc. Cisco IOS 15.6(2)S2

Cisco Systems Inc. Cisco IOS 15.6(1)S3

Cisco Systems Inc. Cisco IOS 15.6(2)S3

Cisco Systems Inc. Cisco IOS 15.6(1)S4

Cisco Systems Inc. Cisco IOS 15.6(2)S4

Cisco Systems Inc. Cisco IOS 15.6(1)T

Cisco Systems Inc. Cisco IOS 15.6(2)T

Cisco Systems Inc. Cisco IOS 15.6(1)T1

Cisco Systems Inc. Cisco IOS 15.6(2)T1

Cisco Systems Inc. Cisco IOS 15.6(1)T2

Cisco Systems Inc. Cisco IOS 15.6(2)T2

Cisco Systems Inc. Cisco IOS 15.6(1)T3

Cisco Systems Inc. Cisco IOS 15.6(2)T3

Cisco Systems Inc. Cisco IOS 15.3(1)SY3

Cisco Systems Inc. Cisco IOS 15.6(2)SP

Cisco Systems Inc. Cisco IOS 15.6(2)SP1

Cisco Systems Inc. Cisco IOS 15.6(2)SP2

Cisco Systems Inc. Cisco IOS 15.6(2)SP3

Cisco Systems Inc. Cisco IOS 15.6(2)SN

Cisco Systems Inc. Cisco IOS 15.3(3)JD8

Cisco Systems Inc. Cisco IOS 15.6(3)M

Cisco Systems Inc. Cisco IOS 15.6(3)M1

Cisco Systems Inc. Cisco IOS 15.6(3)M0a

Cisco Systems Inc. Cisco IOS 15.6(3)M1b

Cisco Systems Inc. Cisco IOS 15.6(3)M2

Cisco Systems Inc. Cisco IOS 15.6(3)M2a

Cisco Systems Inc. Cisco IOS 15.6(3)M3

Cisco Systems Inc. Cisco IOS 15.6(3)M3a

Cisco Systems Inc. Cisco IOS 15.3(3)JDA8

Cisco Systems Inc. Cisco IOS 15.3(3)JF2

Cisco Systems Inc. Cisco IOS 15.7(3)M

Cisco Systems Inc. Cisco IOS 15.7(3)M0a

Cisco Systems Inc. Cisco IOS XE -

Уровень опасности уязвимости

Критический уровень опасности (базовая оценка CVSS 2.0 составляет 10)

Возможные меры по устранению уязвимости

Использование рекомендаций:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-qos#fixed

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Существует

Информация об устранении

Уязвимость устранена

Ссылки на источники

Идентификаторы других систем описаний уязвимостей

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0151
CVE

EPSS

Процентиль: 90%

0.05855

Низкий

10 Critical

CVSS2

Связанные уязвимости

CVE-2018-0151

CVSS3: 9.8

nvd

почти 8 лет назад

A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges. The vulnerability is due to incorrect bounds checking of certain values in packets that are destined for UDP port 18999 of an affected device. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code on the affected device with elevated privileges. The attacker could also leverage this vulnerability to cause the device to reload, causing a temporary DoS condition while the device is reloading. The malicious packets must be destined to and processed by an affected device. Traffic transiting a device will not trigger the vulnerability. Cisco Bug IDs

GHSA-mpwr-vh8m-qpfg