First published: Wed Mar 28 2018(Updated: )
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability. The vulnerability is due to a condition that could occur when the affected software processes an SNMP read request that contains a request for the ciscoFlashMIB object ID (OID). An attacker could trigger this vulnerability by issuing an SNMP GET request for the ciscoFlashMIB OID on an affected device. A successful exploit could cause the affected device to restart due to a SYS-3-CPUHOG. This vulnerability affects the following Cisco devices if they are running a vulnerable release of Cisco IOS Software and are configured to use SNMP Version 2 (SNMPv2) or SNMP Version 3 (SNMPv3): Cisco Catalyst 2960-L Series Switches, Cisco Catalyst Digital Building Series Switches 8P, Cisco Catalyst Digital Building Series Switches 8U. Cisco Bug IDs: CSCvd89541.
Credit: ykramarz@cisco.com ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Cisco IOS | =15.2\(5\)e | |
Any of | ||
Cisco Catalyst 2960l-16ps-ll | ||
Cisco Catalyst 2960l-16ts-ll | ||
Cisco Catalyst 2960l-24pq-ll | ||
Cisco Catalyst 2960l-24ps-ll | ||
Cisco Catalyst 2960l-24tq-ll | ||
Cisco Catalyst 2960l-24ts-ll | ||
Cisco Catalyst 2960l-48pq-ll | ||
Cisco Catalyst 2960l-48ps-ll | ||
Cisco Catalyst 2960l-48tq-ll | ||
Cisco Catalyst 2960l-48ts-ll | ||
Cisco Catalyst 2960l-8ps-ll | ||
Cisco Catalyst 2960l-8ts-ll | ||
Cisco Catalyst Digital Building Series Switches-8p | ||
Cisco Catalyst Digital Building Series Switches-8u | ||
Cisco IOS | =15.2\(5\)e | |
Cisco Catalyst 2960l-16ps-ll | ||
Cisco Catalyst 2960l-16ts-ll | ||
Cisco Catalyst 2960l-24pq-ll | ||
Cisco Catalyst 2960l-24ps-ll | ||
Cisco Catalyst 2960l-24tq-ll | ||
Cisco Catalyst 2960l-24ts-ll | ||
Cisco Catalyst 2960l-48pq-ll | ||
Cisco Catalyst 2960l-48ps-ll | ||
Cisco Catalyst 2960l-48tq-ll | ||
Cisco Catalyst 2960l-48ts-ll | ||
Cisco Catalyst 2960l-8ps-ll | ||
Cisco Catalyst 2960l-8ts-ll | ||
Cisco Catalyst Digital Building Series Switches-8p | ||
Cisco Catalyst Digital Building Series Switches-8u | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-0161 is a vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.
CVE-2018-0161 affects certain models of Cisco Catalyst Switches.
CVE-2018-0161 has a severity rating of 6.3 (Medium).
An attacker can exploit CVE-2018-0161 by sending specially crafted SNMP requests to a vulnerable device.
Yes, Cisco has released a security advisory with software updates to address CVE-2018-0161.