CVE-2018-0467
HIGH
Cisco IOS XE - Unauthenticated Denial of Service via IPv6 Hop-by-Hop Option Handling
Title source: llm
Description
A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to or through the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device.
References (3)
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipv6hbh
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041737
Various Sources x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03
Scores
CVSS v3
8.6
EPSS
0.0381
EPSS Percentile
88.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-20
Status
published
Products (3)
cisco/ios_xe
15.6\(2\)sp
cisco/ios_xe
16.6.1
cisco/ios_xe
everest-16.6.1
Published
Oct 05, 2018
Tracked Since
Feb 18, 2026