Denial of Service Vulnerability in Cisco SocialMiner TCP Stack
CVE-2018-0290

5.3MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Socialminer Notification System
Vendor: CVE Published:; 17 May 2018

What is CVE-2018-0290?

A vulnerability exists in the TCP stack of Cisco SocialMiner that allows an unauthenticated remote attacker to trigger a denial of service (DoS) condition. This issue is caused by improper handling of new TCP connections to the application, which can be exploited by sending a malicious TCP packet. Successful exploitation results in the interruption of specific phone services, necessitating a manual restart of the service to restore full functionality. The vulnerability highlights the critical need for robust security measures in network applications.

Affected Version(s)

Cisco SocialMiner Notification System Cisco SocialMiner Notification System

References

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/104201

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 17, 2018
Vulnerability Reserved
Nov 27, 2017