CVE-2018-0161: Cisco IOS Software Resource Management Errors Vulnerability
First published: Wed Mar 28 2018(Updated: )
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability. The vulnerability is due to a condition that could occur when the affected software processes an SNMP read request that contains a request for the ciscoFlashMIB object ID (OID). An attacker could trigger this vulnerability by issuing an SNMP GET request for the ciscoFlashMIB OID on an affected device. A successful exploit could cause the affected device to restart due to a SYS-3-CPUHOG. This vulnerability affects the following Cisco devices if they are running a vulnerable release of Cisco IOS Software and are configured to use SNMP Version 2 (SNMPv2) or SNMP Version 3 (SNMPv3): Cisco Catalyst 2960-L Series Switches, Cisco Catalyst Digital Building Series Switches 8P, Cisco Catalyst Digital Building Series Switches 8U. Cisco Bug IDs: CSCvd89541.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Cisco IOS | =15.2\(5\)e | |
| Any of | ||
| Cisco Catalyst 2960l-16ps-ll | ||
| Cisco Catalyst 2960l-16ts-ll | ||
| Cisco Catalyst 2960l-24pq-ll | ||
| Cisco Catalyst 2960l-24ps-ll | ||
| Cisco Catalyst 2960l-24tq-ll | ||
| Cisco Catalyst 2960l-24ts-ll | ||
| Cisco Catalyst 2960l-48pq-ll | ||
| Cisco Catalyst 2960l-48ps-ll | ||
| Cisco Catalyst 2960l-48tq-ll | ||
| Cisco Catalyst 2960l-48ts-ll | ||
| Cisco Catalyst 2960l-8ps-ll | ||
| Cisco Catalyst 2960l-8ts-ll | ||
| Cisco Catalyst Digital Building Series Switches-8p | ||
| Cisco Catalyst Digital Building Series Switches-8u | ||
| Cisco IOS | =15.2\(5\)e | |
| Cisco Catalyst 2960l-16ps-ll | ||
| Cisco Catalyst 2960l-16ts-ll | ||
| Cisco Catalyst 2960l-24pq-ll | ||
| Cisco Catalyst 2960l-24ps-ll | ||
| Cisco Catalyst 2960l-24tq-ll | ||
| Cisco Catalyst 2960l-24ts-ll | ||
| Cisco Catalyst 2960l-48pq-ll | ||
| Cisco Catalyst 2960l-48ps-ll | ||
| Cisco Catalyst 2960l-48tq-ll | ||
| Cisco Catalyst 2960l-48ts-ll | ||
| Cisco Catalyst 2960l-8ps-ll | ||
| Cisco Catalyst 2960l-8ts-ll | ||
| Cisco Catalyst Digital Building Series Switches-8p | ||
| Cisco Catalyst Digital Building Series Switches-8u | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-0161?
CVE-2018-0161 is a vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.
Which models of Cisco Catalyst Switches are affected by CVE-2018-0161?
CVE-2018-0161 affects certain models of Cisco Catalyst Switches.
What is the severity of CVE-2018-0161?
CVE-2018-0161 has a severity rating of 6.3 (Medium).
How can an attacker exploit CVE-2018-0161?
An attacker can exploit CVE-2018-0161 by sending specially crafted SNMP requests to a vulnerable device.
Is there a fix for CVE-2018-0161?
Yes, Cisco has released a security advisory with software updates to address CVE-2018-0161.
- agent/type
- agent/description
- agent/weakness
- agent/title
- agent/author
- agent/severity
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/softwarecombine
- agent/event
- agent/tags
- collector/nvd-cve
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/15.2\(5\)e
- canonical/cisco catalyst 2960l-16ps-ll
- canonical/cisco catalyst 2960l-16ts-ll
- canonical/cisco catalyst 2960l-24pq-ll
- canonical/cisco catalyst 2960l-24ps-ll
- canonical/cisco catalyst 2960l-24tq-ll
- canonical/cisco catalyst 2960l-24ts-ll
- canonical/cisco catalyst 2960l-48pq-ll
- canonical/cisco catalyst 2960l-48ps-ll
- canonical/cisco catalyst 2960l-48tq-ll
- canonical/cisco catalyst 2960l-48ts-ll
- canonical/cisco catalyst 2960l-8ps-ll
- canonical/cisco catalyst 2960l-8ts-ll
- canonical/cisco catalyst digital building series switches-8p
- canonical/cisco catalyst digital building series switches-8u
- canonical/cisco ios software