QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-0470

Back to search

CVE-2018-0470

Published: Oct 5, 2018

Modified: Nov 26, 2024

PUBLISHED

Description

A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed HTTP packets that are destined to a device. An attacker could exploit this vulnerability by sending a malformed HTTP packet to an affected device for processing. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected device, resulting in a DoS condition.

VendorProductVersions

Cisco

Cisco IOS XE Software

affected
n/a

Weaknesses (CWE)

CWE-399

References

1041737
vdb-entry
x_refsource_SECTRACK
105397
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now