You are here
Home > Preporuke > Ranjivost Cisco IOS softvera

Ranjivost Cisco IOS softvera

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

Advisory ID: cisco-sa-20180926-ptp

Revision: 1.0

For Public Release: 2018 September 26 16:00 GMT

Last Updated: 2018 September 26 16:00 GMT

CVE ID(s): CVE-2018-0473

CVSS Score v(3): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

+———————————————————————

Summary

=======

A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol.

The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp”]

This advisory is part of the September 26, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-69981”].

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJbq67YXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczGkEQAIDU8Qlw5ZHd2onLHzx9GNU4XzaK
96J6WmKwhnwgI27a7qBRmBF6eWFq9HNa6eFmufau2Tjta90mMPjss4ayZVxs8fC5
v0j2x37wC4SfJhChH+Ut4Iz0WGHF3ILRiqoufPKTG+oTN9TOiO9YnB7tiywUyM4n
VHtfEAW0C6SepSSEAoCi8GSgPBI99t2cgUaJ60TPOeuiN2IwrkbhJU9oAUvpr2Y2
ACFzrF9RB3BMIaXTBdAolC2OcGwGM6XnpbuhiKNvJBcFif1CdphJuY3O+3NzHEjZ
/pSGkdOAHCKMbQF33A4RJpOx0rVCbCOFvDlUOWJAshJNwW+tjE63Ugc/QGmPp0jW
XpHpoSDvalY73r0pdLUs+MyPiLvJTu7jm17Z03j0dO6bH46L0E4ki5K05pv/ppEs
NUICFUUxFYdIKx7ZbyCzbz1flRF5JukY+joaXIB8C9X5tZxpI3sLdSWDJQIYhQ50
9FTtPC5M0iM/tCC8q2ZtTToJK/qy5Cw8qjTe2ua/aNFm7PeE2eLlZoh3lRgW2GlK
FNhwRsUwXzROf7yFms8jvo4QMnsnTEUSK95YQj2gF2XQRbq37pa9NZR+UZDZKmvx
V7kZi8ePE70SZVheYKEG6lDBSSoujvfgCXh1I9efiAIqiQtYgW6gg/oDsft/33zH
5Wt2HSNPSnQKpjy8
=e2fh
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorVlatka Misic
Cert idNCERT-REF-2018-09-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Ranjivost Cisco IOS i Cisco IOS XE softvera

Otkrivena je ranjivost u IPv6 kodu za obradu ulaznih parametara Cisco IOS i IOS XE softvera uzrokovana neispravnim upravljanjem specifičnih...

Close