What is the severity of cisco-sa-20180328-snmp?

The severity of cisco-sa-20180328-snmp is classified as high due to the potential for remote denial of service attacks.

How do I fix cisco-sa-20180328-snmp?

To fix cisco-sa-20180328-snmp, ensure that you upgrade your Cisco IOS Software to the version recommended in the security advisory.

What products are affected by cisco-sa-20180328-snmp?

The cisco-sa-20180328-snmp vulnerability affects certain models of Cisco Catalyst Switches running Cisco IOS Software.

Can cisco-sa-20180328-snmp be exploited by unauthenticated users?

No, exploitation of cisco-sa-20180328-snmp requires authentication by the attacker.

What impact does cisco-sa-20180328-snmp have on network operations?

The impact of cisco-sa-20180328-snmp on network operations is the potential for a denial of service condition, disrupting normal network functionality.

Vulnerability/
cisco-sa-20180328-snmp

high

7.7

CWE

399

28/3/2018

cisco-sa-20180328-snmp: Cisco IOS Software Simple Network Management Protocol GET MIB Object ID Denial of Service Vulnerability

First published: Wed Mar 28 2018(Updated: )

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a condition that could occur when the affected software processes an SNMP read request that contains a request for the ciscoFlashMIB object ID (OID). An attacker could trigger this vulnerability by issuing an SNMP GET request for the ciscoFlashMIB OID on an affected device. A successful exploit could cause the affected device to restart due to a SYS-3-CPUHOG. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-snmp This advisory is part of the March 28, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 20 Cisco Security Advisories that describe 22 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.

Credit: This vulnerability was found while handling customer service requests.

Affected Software	Affected Version	How to fix
Puppet Cisco IOS

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-snmp (Advisory)

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2018-0161

Frequently Asked Questions

What is the severity of cisco-sa-20180328-snmp?
The severity of cisco-sa-20180328-snmp is classified as high due to the potential for remote denial of service attacks.
How do I fix cisco-sa-20180328-snmp?
To fix cisco-sa-20180328-snmp, ensure that you upgrade your Cisco IOS Software to the version recommended in the security advisory.
What products are affected by cisco-sa-20180328-snmp?
The cisco-sa-20180328-snmp vulnerability affects certain models of Cisco Catalyst Switches running Cisco IOS Software.
Can cisco-sa-20180328-snmp be exploited by unauthenticated users?
No, exploitation of cisco-sa-20180328-snmp requires authentication by the attacker.
What impact does cisco-sa-20180328-snmp have on network operations?
The impact of cisco-sa-20180328-snmp on network operations is the potential for a denial of service condition, disrupting normal network functionality.

agent/type
agent/event
agent/first-publish-date
collector/cisco-advisory
source/Cisco
agent/weakness
agent/author
agent/remedy
agent/last-modified-date
agent/severity
agent/title
agent/references
agent/description
agent/source
agent/tags
agent/softwarecombine
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/cisco
canonical/puppet cisco ios

Frequently Asked Questions

What is the severity of cisco-sa-20180328-snmp?
The severity of cisco-sa-20180328-snmp is classified as high due to the potential for remote denial of service attacks.
How do I fix cisco-sa-20180328-snmp?
To fix cisco-sa-20180328-snmp, ensure that you upgrade your Cisco IOS Software to the version recommended in the security advisory.
What products are affected by cisco-sa-20180328-snmp?
The cisco-sa-20180328-snmp vulnerability affects certain models of Cisco Catalyst Switches running Cisco IOS Software.
Can cisco-sa-20180328-snmp be exploited by unauthenticated users?
No, exploitation of cisco-sa-20180328-snmp requires authentication by the attacker.
What impact does cisco-sa-20180328-snmp have on network operations?
The impact of cisco-sa-20180328-snmp on network operations is the potential for a denial of service condition, disrupting normal network functionality.

cisco-sa-20180328-snmp: Cisco IOS Software Simple Network Management Protocol GET MIB Object ID Denial of Service Vulnerability

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

Frequently Asked Questions

What is the severity of cisco-sa-20180328-snmp?

How do I fix cisco-sa-20180328-snmp?

What products are affected by cisco-sa-20180328-snmp?

Can cisco-sa-20180328-snmp be exploited by unauthenticated users?

What impact does cisco-sa-20180328-snmp have on network operations?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of cisco-sa-20180328-snmp?

How do I fix cisco-sa-20180328-snmp?

What products are affected by cisco-sa-20180328-snmp?

Can cisco-sa-20180328-snmp be exploited by unauthenticated users?

What impact does cisco-sa-20180328-snmp have on network operations?