Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

fstec логотип

BDU:2022-04550

Опубликовано: 17 апр. 2018
Источник: fstec
CVSS3: 8
CVSS2: 7.9
EPSS Низкий

Описание

Уязвимость реализации протокола Link Layer Discovery Protocol (LLDP) операционных систем Cisco IOS, Cisco IOS XE и Cisco IOS XR вызвана выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Вендор

Cisco Systems Inc.
Rockwell Automation Inc.

Наименование ПО

Cisco IOS
Cisco IOS XE
Allen Bradley Armorstratix 5700
Allen Bradley Stratix 5400
Allen Bradley Stratix 5410
Allen Bradley Stratix 5700
Cisco IOS XR
Allen Bradley Stratix 5900 Services router
Allen Bradley Stratix 8000

Версия ПО

15.3s (Cisco IOS)
- (Cisco IOS XE)
12.2EZ (Cisco IOS)
12.2SXH (Cisco IOS)
12.2SXI (Cisco IOS)
15.2S (Cisco IOS)
15.0EY (Cisco IOS)
15.1S (Cisco IOS)
15.0SY (Cisco IOS)
12.2SXJ (Cisco IOS)
15.0SG (Cisco IOS)
15.0EX (Cisco IOS)
15.1SY (Cisco IOS)
15.4S (Cisco IOS)
15.2SC (Cisco IOS)
15.2SY (Cisco IOS)
15.2JAZ (Cisco IOS)
15.5S (Cisco IOS)
15.3SY (Cisco IOS)
15.6SP (Cisco IOS)
15.4SY (Cisco IOS)
15.5SY (Cisco IOS)
15.3T (Cisco IOS)
15.2M (Cisco IOS)
15.2GC (Cisco IOS)
15.4T (Cisco IOS)
15.1MRA (Cisco IOS)
15.1SVB (Cisco IOS)
15.2JB (Cisco IOS)
15.3M (Cisco IOS)
15.2JN (Cisco IOS)
15.1SVD (Cisco IOS)
15.1SVF (Cisco IOS)
15.1SVE (Cisco IOS)
15.4M (Cisco IOS)
15.2SD (Cisco IOS)
15.3XB (Cisco IOS)
15.4CG (Cisco IOS)
15.1SVG (Cisco IOS)
15.5T (Cisco IOS)
15.4SN (Cisco IOS)
15.3JN (Cisco IOS)
15.1SVH (Cisco IOS)
15.5M (Cisco IOS)
15.3JA (Cisco IOS)
15.3JAB (Cisco IOS)
15.3JB (Cisco IOS)
15.5SN (Cisco IOS)
15.6S (Cisco IOS)
15.1SVI (Cisco IOS)
15.6T (Cisco IOS)
15.3JNB (Cisco IOS)
15.3JAX (Cisco IOS)
15.3JBB (Cisco IOS)
15.3JC (Cisco IOS)
15.3JNC (Cisco IOS)
15.3JNP (Cisco IOS)
15.5XB (Cisco IOS)
15.6SN (Cisco IOS)
15.3JPB (Cisco IOS)
15.3JD (Cisco IOS)
15.1SVJ (Cisco IOS)
15.3JPC (Cisco IOS)
15.3JND (Cisco IOS)
15.3JE (Cisco IOS)
15.3JPD (Cisco IOS)
15.3JDA (Cisco IOS)
15.3JF (Cisco IOS)
15.3JCA (Cisco IOS)
15.1SG (Cisco IOS)
15.2E (Cisco IOS)
12.2SE (Cisco IOS)
12.2EX (Cisco IOS)
12.2EY (Cisco IOS)
12.2SG (Cisco IOS)
12.2SQ (Cisco IOS)
15.0XO (Cisco IOS)
12.2WO (Cisco IOS)
15.0SE (Cisco IOS)
15.0EZ (Cisco IOS)
15.2EY (Cisco IOS)
15.0EJ (Cisco IOS)
15.2EX (Cisco IOS)
15.0EK (Cisco IOS)
15.2EB (Cisco IOS)
15.2EA (Cisco IOS)
15.0SQD (Cisco IOS)
15.1SVS (Cisco IOS)
15.3JK (Cisco IOS)
15.1SVR (Cisco IOS)
- (Allen Bradley Armorstratix 5700)
- (Allen Bradley Stratix 5400)
- (Allen Bradley Stratix 5410)
- (Allen Bradley Stratix 5700)
до 5.1.3 (Cisco IOS XR)
- (Allen Bradley Stratix 5900 Services router)
- (Allen Bradley Stratix 8000)
15.1SVU (Cisco IOS)
15.1SVV (Cisco IOS)
15.1SVX (Cisco IOS)
15.1SVW (Cisco IOS)

Тип ПО

Операционная система
ПО сетевого программно-аппаратного средства

Операционные системы и аппаратные платформы

Cisco Systems Inc. Cisco IOS 15.3s
Cisco Systems Inc. Cisco IOS XE -
Cisco Systems Inc. Cisco IOS 12.2EZ
Cisco Systems Inc. Cisco IOS 12.2SXH
Cisco Systems Inc. Cisco IOS 12.2SXI
Cisco Systems Inc. Cisco IOS 15.2S
Cisco Systems Inc. Cisco IOS 15.0EY
Cisco Systems Inc. Cisco IOS 15.1S
Cisco Systems Inc. Cisco IOS 15.0SY
Cisco Systems Inc. Cisco IOS 12.2SXJ
Cisco Systems Inc. Cisco IOS 15.0SG
Cisco Systems Inc. Cisco IOS 15.0EX
Cisco Systems Inc. Cisco IOS 15.1SY
Cisco Systems Inc. Cisco IOS 15.4S
Cisco Systems Inc. Cisco IOS 15.2SC
Cisco Systems Inc. Cisco IOS 15.2SY
Cisco Systems Inc. Cisco IOS 15.2JAZ
Cisco Systems Inc. Cisco IOS 15.5S
Cisco Systems Inc. Cisco IOS 15.3SY
Cisco Systems Inc. Cisco IOS 15.6SP
Cisco Systems Inc. Cisco IOS 15.4SY
Cisco Systems Inc. Cisco IOS 15.5SY
Cisco Systems Inc. Cisco IOS 15.3T
Cisco Systems Inc. Cisco IOS 15.2M
Cisco Systems Inc. Cisco IOS 15.2GC
Cisco Systems Inc. Cisco IOS 15.4T
Cisco Systems Inc. Cisco IOS 15.1MRA
Cisco Systems Inc. Cisco IOS 15.1SVB
Cisco Systems Inc. Cisco IOS 15.2JB
Cisco Systems Inc. Cisco IOS 15.3M
Cisco Systems Inc. Cisco IOS 15.2JN
Cisco Systems Inc. Cisco IOS 15.1SVD
Cisco Systems Inc. Cisco IOS 15.1SVF
Cisco Systems Inc. Cisco IOS 15.1SVE
Cisco Systems Inc. Cisco IOS 15.4M
Cisco Systems Inc. Cisco IOS 15.2SD
Cisco Systems Inc. Cisco IOS 15.3XB
Cisco Systems Inc. Cisco IOS 15.4CG
Cisco Systems Inc. Cisco IOS 15.1SVG
Cisco Systems Inc. Cisco IOS 15.5T
Cisco Systems Inc. Cisco IOS 15.4SN
Cisco Systems Inc. Cisco IOS 15.3JN
Cisco Systems Inc. Cisco IOS 15.1SVH
Cisco Systems Inc. Cisco IOS 15.5M
Cisco Systems Inc. Cisco IOS 15.3JA
Cisco Systems Inc. Cisco IOS 15.3JAB
Cisco Systems Inc. Cisco IOS 15.3JB
Cisco Systems Inc. Cisco IOS 15.5SN
Cisco Systems Inc. Cisco IOS 15.6S
Cisco Systems Inc. Cisco IOS 15.1SVI
Cisco Systems Inc. Cisco IOS 15.6T
Cisco Systems Inc. Cisco IOS 15.3JNB
Cisco Systems Inc. Cisco IOS 15.3JAX
Cisco Systems Inc. Cisco IOS 15.3JBB
Cisco Systems Inc. Cisco IOS 15.3JC
Cisco Systems Inc. Cisco IOS 15.3JNC
Cisco Systems Inc. Cisco IOS 15.3JNP
Cisco Systems Inc. Cisco IOS 15.5XB
Cisco Systems Inc. Cisco IOS 15.6SN
Cisco Systems Inc. Cisco IOS 15.3JPB
Cisco Systems Inc. Cisco IOS 15.3JD
Cisco Systems Inc. Cisco IOS 15.1SVJ
Cisco Systems Inc. Cisco IOS 15.3JPC
Cisco Systems Inc. Cisco IOS 15.3JND
Cisco Systems Inc. Cisco IOS 15.3JE
Cisco Systems Inc. Cisco IOS 15.3JPD
Cisco Systems Inc. Cisco IOS 15.3JDA
Cisco Systems Inc. Cisco IOS 15.3JF
Cisco Systems Inc. Cisco IOS 15.3JCA
Cisco Systems Inc. Cisco IOS 15.1SG
Cisco Systems Inc. Cisco IOS 15.2E
Cisco Systems Inc. Cisco IOS 12.2SE
Cisco Systems Inc. Cisco IOS 12.2EX
Cisco Systems Inc. Cisco IOS 12.2EY
Cisco Systems Inc. Cisco IOS 12.2SG
Cisco Systems Inc. Cisco IOS 12.2SQ
Cisco Systems Inc. Cisco IOS 15.0XO
Cisco Systems Inc. Cisco IOS 12.2WO
Cisco Systems Inc. Cisco IOS 15.0SE
Cisco Systems Inc. Cisco IOS 15.0EZ
Cisco Systems Inc. Cisco IOS 15.2EY
Cisco Systems Inc. Cisco IOS 15.0EJ
Cisco Systems Inc. Cisco IOS 15.2EX
Cisco Systems Inc. Cisco IOS 15.0EK
Cisco Systems Inc. Cisco IOS 15.2EB
Cisco Systems Inc. Cisco IOS 15.2EA
Cisco Systems Inc. Cisco IOS 15.0SQD
Cisco Systems Inc. Cisco IOS 15.1SVS
Cisco Systems Inc. Cisco IOS 15.3JK
Cisco Systems Inc. Cisco IOS 15.1SVR
Cisco Systems Inc. Cisco IOS XR до 5.1.3
Cisco Systems Inc. Cisco IOS 15.1SVU
Cisco Systems Inc. Cisco IOS 15.1SVV
Cisco Systems Inc. Cisco IOS 15.1SVX
Cisco Systems Inc. Cisco IOS 15.1SVW

Уровень опасности уязвимости

Высокий уровень опасности (базовая оценка CVSS 2.0 составляет 7,9)
Высокий уровень опасности (базовая оценка CVSS 3.0 составляет 8)

Возможные меры по устранению уязвимости

Использование рекомендаций производителя:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Существует

Информация об устранении

Уязвимость устранена

Ссылки на источники

Идентификаторы других систем описаний уязвимостей

EPSS

Процентиль: 84%
0.02174
Низкий

8 High

CVSS3

7.9 High

CVSS2

Связанные уязвимости

nvd логотип

CVE-2018-0175

CVSS3: 8
nvd
почти 8 лет назад

Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.

github логотип

GHSA-f6hc-7357-x73w

CVSS3: 8
github
больше 3 лет назад

Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.

EPSS

Процентиль: 84%
0.02174
Низкий

8 High

CVSS3

7.9 High

CVSS2