QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-0480

Back to search

CVE-2018-0480

Published: Oct 5, 2018

Modified: Nov 26, 2024

PUBLISHED

Description

A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condition. The vulnerability is due to a race condition that occurs when the VLAN and port enter an errdisabled state, resulting in an incorrect state in the software. An attacker could exploit this vulnerability by sending frames that trigger the errdisable condition. A successful exploit could allow the attacker to cause the affected device to crash, leading to a DoS condition.

VendorProductVersions

Cisco

Cisco IOS XE Software

affected
n/a

Weaknesses (CWE)

CWE-362

References

105400
vdb-entry
x_refsource_BID
1041737
vdb-entry
x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now