CISA KEV 정보
| 취약점명 | Cisco IOS Software Denial-of-Service Vulnerability |
|---|---|
| 설명 | A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. |
| 조치사항 | Apply updates per vendor instructions. |
| 랜섬웨어 캠페인 악용 | Unknown |
| CWE | CWE-399 |
| 등록일 (KEV) | 2022-03-03 |
| 조치 기한 | 2022-03-17 |
| 추가 참고 | https://nvd.nist.gov/vuln/detail/CVE-2018-0180 |
NVD 상세 정보
CVSS v3.1: 5.9 MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HCVSS v2.0: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C설명: Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.
CWE: CWE-399
참조
- http://www.securityfocus.com/bid/103556 [Broken Link, Third Party Advisory, VDB Entry]
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-slogin [Mitigation, Vendor Advisory]
- http://www.securityfocus.com/bid/103556 [Broken Link, Third Party Advisory, VDB Entry]
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-slogin [Mitigation, Vendor Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0180 [US Government Resource]
This product uses the NVD API but is not endorsed or certified by the NVD.