QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-0158

Back to search

CVE-2018-0158

Published: Mar 28, 2018

Modified: Jan 12, 2026

PUBLISHED

Description

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.

VendorProductVersions

n/a

Cisco IOS and IOS XE

affected
Cisco IOS and IOS XE

Weaknesses (CWE)

CWE-20

References

103566
vdb-entry
x_refsource_BID
1040595
vdb-entry
x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now