Denial of Service Vulnerability in Cisco 550X Series Stackable Managed Switches
CVE-2018-0209

7.7HIGH

Key Information:

Vendor: Cisco
Status: Cisco 550x Series Stackable Managed Switches
Vendor: CVE Published:; 8 March 2018

What is CVE-2018-0209?

A security flaw exists in the Simple Network Management Protocol (SNMP) communication channel of the Cisco 550X Series Stackable Managed Switches. This issue allows an authenticated remote attacker to send a crafted stream of SNMP traffic that can cause the device to unexpectedly reload, resulting in a Denial of Service (DoS) situation. Recovery may necessitate a manual reboot of the device. The vulnerability arises from inadequate input throttling of incoming SNMP traffic over an internal interface.

Affected Version(s)

Cisco 550X Series Stackable Managed Switches Cisco 550X Series Stackable Managed Switches

References

http://www.securityfocus.com/bid/103406

vdb-entryx_refsource_BID

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 8, 2018
Vulnerability Reserved
Nov 27, 2017