Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2018-0256
HistoryApr 19, 2018 - 8:29 p.m.

CVE-2018-0256

2018-04-1920:29:01
CWE-20
cisco
web.nvd.nist.gov
32
cisco
packet data network gateway
vulnerability
remote attacker
dos
nvd
cve-2018-0256

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

46.9%

JSON

A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Gateway could allow an unauthenticated, remote attacker to cause the Session Manager (SESSMGR) process on an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect validation of peer-to-peer packet headers. An attacker could exploit this vulnerability by sending a crafted peer-to-peer packet through an affected device. A successful exploit could allow the attacker to cause the SESSMGR process on the affected device to restart unexpectedly, which could briefly impact traffic while the SESSMGR process restarts and result in a DoS condition. Cisco Bug IDs: CSCvg88786.

Affected configurations

Nvd
Node
ciscoasr_5000_series_softwareMatch20.3.0.66671
OR
ciscoasr_5000_series_softwareMatchp2p_2.16.879
VendorProductVersionCPE
ciscoasr_5000_series_software20.3.0.66671cpe:2.3:o:cisco:asr_5000_series_software:20.3.0.66671:*:*:*:*:*:*:*
ciscoasr_5000_series_softwarep2p_2.16.879cpe:2.3:o:cisco:asr_5000_series_software:p2p_2.16.879:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Cisco Packet Data Network Gateway",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco Packet Data Network Gateway"
      }
    ]
  }
]

Related

prion 1
cvelist 1
cisco 1
nvd 1
prion
prion
Race condition
2018-04-19 20:29:00
cvelist
cvelist
CVE-2018-0256
2018-04-19 20:00:00
cisco
cisco
Cisco Packet Data Network Gateway Peer-to-Peer Message Processing Denial of Service Vulnerability
2018-04-18 16:00:00
nvd
nvd
CVE-2018-0256
2018-04-19 20:29:01

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

46.9%

JSON
Related for CVE-2018-0256
prion1cvelist1cisco1nvd1