Denial of Service Vulnerability in Cisco 550X Series Stackable Managed Switches
CVE-2018-0209

7.7HIGH

Key Information:

Vendor
Cisco
Status
Cisco 550x Series Stackable Managed Switches
Vendor
CVE Published:
8 March 2018

Summary

A security flaw exists in the Simple Network Management Protocol (SNMP) communication channel of the Cisco 550X Series Stackable Managed Switches. This issue allows an authenticated remote attacker to send a crafted stream of SNMP traffic that can cause the device to unexpectedly reload, resulting in a Denial of Service (DoS) situation. Recovery may necessitate a manual reboot of the device. The vulnerability arises from inadequate input throttling of incoming SNMP traffic over an internal interface.

Affected Version(s)

Cisco 550X Series Stackable Managed Switches Cisco 550X Series Stackable Managed Switches

References

http://www.securityfocus.com/bid/103406
vdb-entryx_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.