CVE-2018-0286
MEDIUMCisco Ios XR - Improper Exception Handling
Title source: ruleDescription
A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. The vulnerability is due to improper handling of malformed requests processed by the netconf process. An attacker could exploit this vulnerability by sending malicious requests to the affected software. An exploit could allow the attacker to cause the targeted process to restart, resulting in a DoS condition on the affected system. Cisco Bug IDs: CSCvg95792.
Scores
CVSS v3
5.3
EPSS
0.0082
EPSS Percentile
74.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Classification
CWE
CWE-399
CWE-755
Status
published
Affected Products (3)
cisco/ios_xr
cisco/ios_xr
cisco/ios_xr
Timeline
Published
May 02, 2018
Tracked Since
Feb 18, 2026