A vulnerability in the IP Version 4nbsp;(IPv4) processing code of Cisconbsp;IOS XE Software running on Cisconbsp;Catalyst 3850 and Cisconbsp;Catalyst 3650 Series Switches could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of servicenbsp;(DoS) condition.

The vulnerability is due to incorrect processing of certain IPv4 packets.

An attacker could exploit this vulnerability by sending specific IPv4 packets to an IPv4 address on an affected device.

A successful exploit could allow the attacker to cause high CPU utilization, traceback messages, or a reload of the affected device that leads to a DoS condition.
If the switch does not reboot when under attack, it would require manual intervention to reload the device.

Cisco has released software updates that address this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ipv4
This advisory is part of the March 28, 2018, release of the Cisconbsp;IOS and IOSnbsp;XE Software Security Advisory Bundled Publication, which includes 20 Cisco Security Advisories that describe 22 vulnerabilities.

For a complete list of the advisories and links to them, see Cisco Event Response: March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2018-0177

Leave a Reply