CyberSec.Space Logo
Back to CVE Browser

CVE-2018-0156

Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
EPSS Score41.9790%
EPSS Percentile85.41th
PublishedMar 28, 2018
Last ModifiedJan 13, 2026

Vulnerability Description

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted packet to an affected device on TCP port 4786. Only Smart Install client switches are affected. Cisco devices that are configured as a Smart Install director are not affected by this vulnerability. Cisco Bug IDs: CSCvd40673.

Affected Platforms (CPE)

πŸ’»
Cisco

Ios

= 15.2\(2\)e4
πŸ’»
Cisco

Ios

= 15.2\(2a\)ja
πŸ’»
Cisco

Ios Xe

= 15.2\(2\)e4
πŸ’»
Cisco

Ios Xe

= 15.2\(2a\)ja

References & Advisories

πŸ”— http://www.securityfocus.com/bid/103569
πŸ”— http://www.securitytracker.com/id/1040596
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05
πŸ”— https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi
πŸ”— http://www.securityfocus.com/bid/103569
πŸ”— http://www.securitytracker.com/id/1040596
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04

Related Vulnerabilities

CVE-2019-1264310.0

A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote a...

CVE-2018-431010.0

An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10....

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...

CVE-2019-1106310.0

A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an...