7.8

CVE-2018-0154

Warning

EPSS 10.85%
Published 28.03.2018 22:29:00
Last modified 27.01.2025 20:09:29
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by the affected device. An attacker could exploit this vulnerability by sending crafted VPN traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to hang or crash, resulting in a DoS condition. Cisco Bug IDs: CSCvd39267.

Affected products Warnungen 1 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Ios Version-

   Cisco ≫ 1000 Integrated Services Router Version-
   Cisco ≫ 1100-4g/6g Integrated Services Router Version-
   Cisco ≫ 1100-4g Integrated Services Router Version-
   Cisco ≫ 1100-4gltegb Integrated Services Router Version-
   Cisco ≫ 1100-4gltena Integrated Services Router Version-
   Cisco ≫ 1100-4p Integrated Services Router Version-
   Cisco ≫ 1100-6g Integrated Services Router Version-
   Cisco ≫ 1100-8p Integrated Services Router Version-
   Cisco ≫ 1100-lte Integrated Services Router Version-
   Cisco ≫ 1100 Integrated Services Router Version-
   Cisco ≫ 1101-4p Integrated Services Router Version-
   Cisco ≫ 1101 Integrated Services Router Version-
   Cisco ≫ 1109-2p Integrated Services Router Version-
   Cisco ≫ 1109-4p Integrated Services Router Version-
   Cisco ≫ 1109 Integrated Services Router Version-
   Cisco ≫ 1111x-8p Integrated Services Router Version-
   Cisco ≫ 1111x Integrated Services Router Version-
   Cisco ≫ 111x Integrated Services Router Version-
   Cisco ≫ 1120 Integrated Services Router Version-
   Cisco ≫ 1131 Integrated Services Router Version-
   Cisco ≫ 1160 Integrated Services Router Version-
   Cisco ≫ 1801 Integrated Service Router Version-
   Cisco ≫ 1802 Integrated Service Router Version-
   Cisco ≫ 1803 Integrated Service Router Version-
   Cisco ≫ 1811 Integrated Service Router Version-
   Cisco ≫ 1812 Integrated Service Router Version-
   Cisco ≫ 1841 Integrated Service Router Version-
   Cisco ≫ 1861 Integrated Service Router Version-
   Cisco ≫ 1905 Integrated Services Router Version-
   Cisco ≫ 1906c Integrated Services Router Version-
   Cisco ≫ 1921 Integrated Services Router Version-
   Cisco ≫ 1941 Integrated Services Router Version-
   Cisco ≫ 1941w Integrated Services Router Version-
   Cisco ≫ 4000 Integrated Services Router Version-
   Cisco ≫ 4221 Integrated Services Router Version-
   Cisco ≫ 4321/k9-rf Integrated Services Router Version-
   Cisco ≫ 4321/k9-ws Integrated Services Router Version-
   Cisco ≫ 4321/k9 Integrated Services Router Version-
   Cisco ≫ 4321 Integrated Services Router Version-
   Cisco ≫ 4331/k9-rf Integrated Services Router Version-
   Cisco ≫ 4331/k9-ws Integrated Services Router Version-
   Cisco ≫ 4331/k9 Integrated Services Router Version-
   Cisco ≫ 4331 Integrated Services Router Version-
   Cisco ≫ 4351/k9-rf Integrated Services Router Version-
   Cisco ≫ 4351/k9-ws Integrated Services Router Version-
   Cisco ≫ 4351/k9 Integrated Services Router Version-
   Cisco ≫ 4351 Integrated Services Router Version-
   Cisco ≫ 4431 Integrated Services Router Version-
   Cisco ≫ 44461 Integrated Services Router Version-
   Cisco ≫ 4451-x Integrated Services Router Version-
   Cisco ≫ 4451 Integrated Services Router Version-
   Cisco ≫ 4461 Integrated Services Router Version-
   Cisco ≫ 8101-32fh Version-
   Cisco ≫ 8101-32h Version-
   Cisco ≫ 8102-64h Version-
   Cisco ≫ 8201 Version-
   Cisco ≫ 8201-32fh Version-
   Cisco ≫ 8202 Version-
   Cisco ≫ 8208 Version-
   Cisco ≫ 8212 Version-
   Cisco ≫ 8218 Version-
   Cisco ≫ 8800 12-slot Version-
   Cisco ≫ 8800 18-slot Version-
   Cisco ≫ 8800 4-slot Version-
   Cisco ≫ 8800 8-slot Version-
   Cisco ≫ 8804 Version-
   Cisco ≫ 8808 Version-
   Cisco ≫ 8812 Version-
   Cisco ≫ 8818 Version-
   Cisco ≫ 8831 Version-
   Cisco ≫ 9800-40 Version-
   Cisco ≫ 9800-80 Version-
   Cisco ≫ 9800-cl Version-
   Cisco ≫ 9800-l Version-
   Cisco ≫ Asr 1000 Version-
   Cisco ≫ Asr 1000-esp100 Version-
   Cisco ≫ Asr 1000-esp100-x Version-
   Cisco ≫ Asr 1000-esp200-x Version-
   Cisco ≫ Asr 1000-x Version-
   Cisco ≫ Asr 1001 Version-
   Cisco ≫ Asr 1001-hx Version-
   Cisco ≫ Asr 1001-hx R Version-
   Cisco ≫ Asr 1001-x Version-
   Cisco ≫ Asr 1001-x R Version-
   Cisco ≫ Asr 1002 Version-
   Cisco ≫ Asr 1002-hx Version-
   Cisco ≫ Asr 1002-hx R Version-
   Cisco ≫ Asr 1002-x Version-
   Cisco ≫ Asr 1002-x R Version-
   Cisco ≫ Asr 1004 Version-
   Cisco ≫ Asr 1006 Version-
   Cisco ≫ Asr 1006-x Version-
   Cisco ≫ Asr 1009-x Version-
   Cisco ≫ Asr 1013 Version-
   Cisco ≫ Asr 1023 Version-
   Cisco ≫ Catalyst 3850 Version-
   Cisco ≫ Catalyst 3850-12s-e Version-
   Cisco ≫ Catalyst 3850-12s-s Version-
   Cisco ≫ Catalyst 3850-12x48u Version-
   Cisco ≫ Catalyst 3850-12xs-e Version-
   Cisco ≫ Catalyst 3850-12xs-s Version-
   Cisco ≫ Catalyst 3850-16xs-e Version-
   Cisco ≫ Catalyst 3850-16xs-s Version-
   Cisco ≫ Catalyst 3850-24p-e Version-
   Cisco ≫ Catalyst 3850-24p-l Version-
   Cisco ≫ Catalyst 3850-24p-s Version-
   Cisco ≫ Catalyst 3850-24pw-s Version-
   Cisco ≫ Catalyst 3850-24s-e Version-
   Cisco ≫ Catalyst 3850-24s-s Version-
   Cisco ≫ Catalyst 3850-24t-e Version-
   Cisco ≫ Catalyst 3850-24t-l Version-
   Cisco ≫ Catalyst 3850-24t-s Version-
   Cisco ≫ Catalyst 3850-24u Version-
   Cisco ≫ Catalyst 3850-24u-e Version-
   Cisco ≫ Catalyst 3850-24u-l Version-
   Cisco ≫ Catalyst 3850-24u-s Version-
   Cisco ≫ Catalyst 3850-24xs Version-
   Cisco ≫ Catalyst 3850-24xs-e Version-
   Cisco ≫ Catalyst 3850-24xs-s Version-
   Cisco ≫ Catalyst 3850-24xu Version-
   Cisco ≫ Catalyst 3850-24xu-e Version-
   Cisco ≫ Catalyst 3850-24xu-l Version-
   Cisco ≫ Catalyst 3850-24xu-s Version-
   Cisco ≫ Catalyst 3850-32xs-e Version-
   Cisco ≫ Catalyst 3850-32xs-s Version-
   Cisco ≫ Catalyst 3850-48f-e Version-
   Cisco ≫ Catalyst 3850-48f-l Version-
   Cisco ≫ Catalyst 3850-48f-s Version-
   Cisco ≫ Catalyst 3850-48p-e Version-
   Cisco ≫ Catalyst 3850-48p-l Version-
   Cisco ≫ Catalyst 3850-48p-s Version-
   Cisco ≫ Catalyst 3850-48pw-s Version-
   Cisco ≫ Catalyst 3850-48t-e Version-
   Cisco ≫ Catalyst 3850-48t-l Version-
   Cisco ≫ Catalyst 3850-48t-s Version-
   Cisco ≫ Catalyst 3850-48u Version-
   Cisco ≫ Catalyst 3850-48u-e Version-
   Cisco ≫ Catalyst 3850-48u-l Version-
   Cisco ≫ Catalyst 3850-48u-s Version-
   Cisco ≫ Catalyst 3850-48xs Version-
   Cisco ≫ Catalyst 3850-48xs-e Version-
   Cisco ≫ Catalyst 3850-48xs-f-e Version-
   Cisco ≫ Catalyst 3850-48xs-f-s Version-
   Cisco ≫ Catalyst 3850-48xs-s Version-
   Cisco ≫ Catalyst 3850-nm-2-40g Version-
   Cisco ≫ Catalyst 3850-nm-8-10g Version-
   Cisco ≫ Catalyst 8200 Version-
   Cisco ≫ Catalyst 8300 Version-
   Cisco ≫ Catalyst 8300-1n1s-4t2x Version-
   Cisco ≫ Catalyst 8300-1n1s-6t Version-
   Cisco ≫ Catalyst 8300-2n2s-4t2x Version-
   Cisco ≫ Catalyst 8300-2n2s-6t Version-
   Cisco ≫ Catalyst 8500 Version-
   Cisco ≫ Catalyst 8500-4qc Version-
   Cisco ≫ Catalyst 8500l Version-
   Cisco ≫ Catalyst 8510csr Version-
   Cisco ≫ Catalyst 8510msr Version-
   Cisco ≫ Catalyst 8540csr Version-
   Cisco ≫ Catalyst 8540msr Version-
   Cisco ≫ Catalyst 9200 Version-
   Cisco ≫ Catalyst 9200cx Version-
   Cisco ≫ Catalyst 9200l Version-
   Cisco ≫ Catalyst 9300 Version-
   Cisco ≫ Catalyst 9300-24p-a Version-
   Cisco ≫ Catalyst 9300-24p-e Version-
   Cisco ≫ Catalyst 9300-24s-a Version-
   Cisco ≫ Catalyst 9300-24s-e Version-
   Cisco ≫ Catalyst 9300-24t-a Version-
   Cisco ≫ Catalyst 9300-24t-e Version-
   Cisco ≫ Catalyst 9300-24u-a Version-
   Cisco ≫ Catalyst 9300-24u-e Version-
   Cisco ≫ Catalyst 9300-24ux-a Version-
   Cisco ≫ Catalyst 9300-24ux-e Version-
   Cisco ≫ Catalyst 9300-48p-a Version-
   Cisco ≫ Catalyst 9300-48p-e Version-
   Cisco ≫ Catalyst 9300-48s-a Version-
   Cisco ≫ Catalyst 9300-48s-e Version-
   Cisco ≫ Catalyst 9300-48t-a Version-
   Cisco ≫ Catalyst 9300-48t-e Version-
   Cisco ≫ Catalyst 9300-48u-a Version-
   Cisco ≫ Catalyst 9300-48u-e Version-
   Cisco ≫ Catalyst 9300-48un-a Version-
   Cisco ≫ Catalyst 9300-48un-e Version-
   Cisco ≫ Catalyst 9300-48uxm-a Version-
   Cisco ≫ Catalyst 9300-48uxm-e Version-
   Cisco ≫ Catalyst 9300l Version-
   Cisco ≫ Catalyst 9300l-24p-4g-a Version-
   Cisco ≫ Catalyst 9300l-24p-4g-e Version-
   Cisco ≫ Catalyst 9300l-24p-4x-a Version-
   Cisco ≫ Catalyst 9300l-24p-4x-e Version-
   Cisco ≫ Catalyst 9300l-24t-4g-a Version-
   Cisco ≫ Catalyst 9300l-24t-4g-e Version-
   Cisco ≫ Catalyst 9300l-24t-4x-a Version-
   Cisco ≫ Catalyst 9300l-24t-4x-e Version-
   Cisco ≫ Catalyst 9300l-48p-4g-a Version-
   Cisco ≫ Catalyst 9300l-48p-4g-e Version-
   Cisco ≫ Catalyst 9300l-48p-4x-a Version-
   Cisco ≫ Catalyst 9300l-48p-4x-e Version-
   Cisco ≫ Catalyst 9300l-48t-4g-a Version-
   Cisco ≫ Catalyst 9300l-48t-4g-e Version-
   Cisco ≫ Catalyst 9300l-48t-4x-a Version-
   Cisco ≫ Catalyst 9300l-48t-4x-e Version-
   Cisco ≫ Catalyst 9300l Stack Version-
   Cisco ≫ Catalyst 9300lm Version-
   Cisco ≫ Catalyst 9300x Version-
   Cisco ≫ Catalyst 9400 Version-
   Cisco ≫ Catalyst 9400 Supervisor Engine-1 Version-
   Cisco ≫ Catalyst 9407r Version-
   Cisco ≫ Catalyst 9410r Version-
   Cisco ≫ Catalyst 9500 Version-
   Cisco ≫ Catalyst 9500h Version-
   Cisco ≫ Catalyst 9600 Version-
   Cisco ≫ Catalyst 9600 Supervisor Engine-1 Version-
   Cisco ≫ Catalyst 9600x Version-
   Cisco ≫ Catalyst 9800 Version-
   Cisco ≫ Catalyst 9800-40 Version-
   Cisco ≫ Catalyst 9800-40 Wireless Controller Version-
   Cisco ≫ Catalyst 9800-80 Version-
   Cisco ≫ Catalyst 9800-80 Wireless Controller Version-
   Cisco ≫ Catalyst 9800-cl Version-
   Cisco ≫ Catalyst 9800-l Version-
   Cisco ≫ Catalyst 9800-l-c Version-
   Cisco ≫ Catalyst 9800-l-f Version-
   Cisco ≫ Catalyst 9800 Embedded Wireless Controller Version-
   Cisco ≫ Catalyst Ie3200 Rugged Switch Version-
   Cisco ≫ Catalyst Ie3300 Rugged Switch Version-
   Cisco ≫ Catalyst Ie3400 Heavy Duty Switch Version-
   Cisco ≫ Catalyst Ie3400 Rugged Switch Version-
   Cisco ≫ Catalyst Ie9300 Version-
   Cisco ≫ Cbr8 Converged Broadband Router Version-
   Cisco ≫ Cloud Services Router 1000v Version-
   Cisco ≫ Esr-6300-con-k9 Version-
   Cisco ≫ Esr-6300-ncp-k9 Version-
   Cisco ≫ Esr6300 Version-
   Cisco ≫ Integrated Services Virtual Router Version-

03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability

Vulnerability

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	10.85%	0.927

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

http://www.securityfocus.com/bid/103559

Third Party Advisory

Broken Link

VDB Entry

http://www.securitytracker.com/id/1040585

Third Party Advisory

Broken Link

VDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dos

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-0154

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-0154

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-0154

EUVD