cvelistv5 - cve-2018-0473

CVE-2018-0473 (GCVE-0-2018-0473)

Vulnerability from cvelistv5

Published

2018-10-05 14:00

Modified

2024-11-26 14:37

Severity ?

CWE

CWE-399

Summary

A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network.

References

URL

Tags

	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp	vendor-advisory, x_refsource_CISCO
	http://www.securitytracker.com/id/1041737	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/105427	vdb-entry, x_refsource_BID
	https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Cisco	Cisco IOS Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:28:11.115Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20180926 Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp"
          },
          {
            "name": "1041737",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041737"
          },
          {
            "name": "105427",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105427"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0473",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:53:15.152389Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:37:50.785Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-12T19:06:32.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20180926 Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp"
        },
        {
          "name": "1041737",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041737"
        },
        {
          "name": "105427",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105427"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20180926-ptp",
        "defect": [
          [
            "CSCvf94015",
            "CSCvh77659"
          ]
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-09-26T16:00:00-0500",
          "ID": "CVE-2018-0473",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20180926 Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp"
            },
            {
              "name": "1041737",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041737"
            },
            {
              "name": "105427",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105427"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20180926-ptp",
          "defect": [
            [
              "CSCvf94015",
              "CSCvh77659"
            ]
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0473",
    "datePublished": "2018-10-05T14:00:00.000Z",
    "dateReserved": "2017-11-27T00:00:00.000Z",
    "dateUpdated": "2024-11-26T14:37:50.785Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2018-AVI-458

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS XE	Logiciel Cisco IOS XE vulnérable configuré avec la fonctionnalité NAT
Cisco	IOS	Commutateur Industrial Ethernet 2000 Series exécutant une version vulnérable de Cisco IOS et configuré pour gérer les paquets PTP
Cisco	IOS	Commutateur Industrial Ethernet 4000 Series exécutant une version vulnérable de Cisco IOS et configuré pour gérer les paquets PTP
Cisco	IOS XE	Commutateurs Cisco Catalyst 3650 et 3850 exécutant une version logiciel Cisco IOS XE vulnérable avec le serveur HTTP activé
Cisco	IOS	Commutateur Industrial Ethernet 5000 Series exécutant une version vulnérable de Cisco IOS et configuré pour gérer les paquets PTP
Cisco	IOS	Commutateur Industrial Ethernet 3010 Series exécutant une version vulnérable de Cisco IOS et configuré pour gérer les paquets PTP
Cisco	IOS XE	Commutateur Cisco Catalyst 3650, 3850 et 4500E exécutant une version vulnérable du logiciel Cisco IOS XE avec la fonctionnalité errdisable activé
Cisco	IOS XE	Routeurs Cisco ISR G2 ou Cisco ISR4451-X avec un module SM-X-1T3/E3 installé et exécutant une version vulnérable des logiciels Cisco IOS ou IOS XE
Cisco	IOS	Commutateur Industrial Ethernet 4010 Series exécutant une version vulnérable de Cisco IOS et configuré pour gérer les paquets PTP
Cisco	IOS	Commutateur Connected Grid Ethernet Module Interface Card exécutant une version vulnérable de Cisco IOS et configuré pour gérer les paquets PTP
Cisco	IOS XE	Logiciel Cisco IOS XE vulnérable avec le serveur HTTP activé
Cisco	IOS XE	Commutateur Cisco Catalyst exécutant une version logiciel vulnérable de Cisco IOS ou Cisco IOS XE avec la fonctionnalité cluster activé
Cisco	N/A	Logiciels Cisco IOS XE et certains équipements de la série Cisco 5500-X Adaptive Security Appliances (ASA) exécutant le logiciel Cisco ASA ou Cisco Firepower Threat Defense (FTD)
Cisco	IOS XE	Logiciels Cisco IOS et IOS XE vulnérables configurés avec une adresse IPv6
Cisco	IOS	Commutateur Industrial Ethernet 2000U Series exécutant une version vulnérable de Cisco IOS et configuré pour gérer les paquets PTP
Cisco	IOS XE	Logiciels Cisco IOS et IOS XE vulnérables configurés avec la fonctionnalité OSPFv3
Cisco	IOS	Commutateur Industrial Ethernet 3000 Series exécutant une version vulnérable de Cisco IOS et configuré pour gérer les paquets PTP
Cisco	IOS	Commutateur 2500 Series Connected Grid exécutant une version vulnérable de Cisco IOS et configuré pour gérer les paquets PTP
Cisco	IOS XE	Logiciels Cisco IOS XE en version 16.6.1 ou 16.6.2 avec la fonctionnalité CDP activé

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20180926-sip-alg du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-iosxe-cmdinj du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-cmp du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-sm1t3e3 du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-ospfv3-dos du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-ipv6hbh du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-cdp-memleak du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-ptp du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-webdos du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-ipsec du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-webuidos du 26 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180926-errdisable du 26 septembre 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Logiciel Cisco IOS XE vuln\u00e9rable configur\u00e9 avec la fonctionnalit\u00e9 NAT",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Industrial Ethernet 2000 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Industrial Ethernet 4000 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateurs Cisco Catalyst 3650 et 3850 ex\u00e9cutant une version logiciel Cisco IOS XE vuln\u00e9rable avec le serveur HTTP activ\u00e9",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Industrial Ethernet 5000 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Industrial Ethernet 3010 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Cisco Catalyst 3650, 3850 et 4500E ex\u00e9cutant une version vuln\u00e9rable du logiciel Cisco IOS XE avec la fonctionnalit\u00e9 errdisable activ\u00e9",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Routeurs Cisco ISR G2 ou Cisco ISR4451-X avec un module SM-X-1T3/E3 install\u00e9 et ex\u00e9cutant une version vuln\u00e9rable des logiciels Cisco IOS ou IOS XE",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Industrial Ethernet 4010 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Connected Grid Ethernet Module Interface Card ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Logiciel Cisco IOS XE vuln\u00e9rable avec le serveur HTTP activ\u00e9",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Cisco Catalyst ex\u00e9cutant une version logiciel vuln\u00e9rable de Cisco IOS ou Cisco IOS XE avec la fonctionnalit\u00e9 cluster activ\u00e9",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Logiciels Cisco IOS XE et certains \u00e9quipements de la s\u00e9rie Cisco 5500-X Adaptive Security Appliances (ASA) ex\u00e9cutant le logiciel Cisco ASA ou Cisco Firepower Threat Defense (FTD)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Logiciels Cisco IOS et IOS XE vuln\u00e9rables configur\u00e9s avec une adresse IPv6",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Industrial Ethernet 2000U Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Logiciels Cisco IOS et IOS XE vuln\u00e9rables configur\u00e9s avec la fonctionnalit\u00e9 OSPFv3",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur Industrial Ethernet 3000 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Commutateur 2500 Series Connected Grid ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Logiciels Cisco IOS XE en version 16.6.1 ou 16.6.2 avec la fonctionnalit\u00e9 CDP activ\u00e9",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-0472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0472"
    },
    {
      "name": "CVE-2018-0481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0481"
    },
    {
      "name": "CVE-2018-0473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0473"
    },
    {
      "name": "CVE-2018-0475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0475"
    },
    {
      "name": "CVE-2018-0476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0476"
    },
    {
      "name": "CVE-2018-0467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0467"
    },
    {
      "name": "CVE-2018-0469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0469"
    },
    {
      "name": "CVE-2018-0480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0480"
    },
    {
      "name": "CVE-2018-0470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0470"
    },
    {
      "name": "CVE-2018-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0466"
    },
    {
      "name": "CVE-2018-0485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0485"
    },
    {
      "name": "CVE-2018-0477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0477"
    },
    {
      "name": "CVE-2018-0471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0471"
    }
  ],
  "initial_release_date": "2018-09-27T00:00:00",
  "last_revision_date": "2018-09-27T00:00:00",
  "links": [],
  "reference": "CERTFR-2018-AVI-458",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-09-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-sip-alg du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sip-alg"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-iosxe-cmdinj du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-iosxe-cmdinj"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-cmp du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cmp"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-sm1t3e3 du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sm1t3e3"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-ospfv3-dos du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ospfv3-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-ipv6hbh du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipv6hbh"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-cdp-memleak du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cdp-memleak"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-ptp du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-webdos du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-webdos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-ipsec du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-webuidos du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-webuidos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-errdisable du 26 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-errdisable"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-0473 (GCVE-0-2018-0473)

Vulnerability from cvelistv5

CERTFR-2018-AVI-458

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature