QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-0156

Back to search

CVE-2018-0156

Published: Mar 28, 2018

Modified: Jan 12, 2026

PUBLISHED

Description

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted packet to an affected device on TCP port 4786. Only Smart Install client switches are affected. Cisco devices that are configured as a Smart Install director are not affected by this vulnerability. Cisco Bug IDs: CSCvd40673.

VendorProductVersions

n/a

Cisco IOS and IOS XE

affected
Cisco IOS and IOS XE

Weaknesses (CWE)

CWE-399

References

1040596
vdb-entry
x_refsource_SECTRACK
103569
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2018-0156 - Security Vulnerability | QwikSec