VDB
CVE-2018-15373
CVE-2018-15373
PUBLISHED
Reported by cisco · Published October 5, 2018
A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory handling by the affected software when the software processes high rates of Cisco Discovery Protocol packets that are sent to a device. An attacker could exploit this vulnerability by sending a high rate of Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to exhaust memory on the affected device, resulting in a DoS condition.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco IOS Software | n/a |
| Cisco | Cisco IOS Software | n/a |
Timeline
- Sep 26, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- 20180926 Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability vendor-advisoryx_refsource_CISCO
- 105413 vdb-entryx_refsource_BID
- x_refsource_MISC