SB2018042306 - Denial of service in Cisco cBR Series Converged Broadband Routers
Published: April 23, 2018 Updated: April 23, 2018
Security Bulletin ID
SB2018042306
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource exhaustion (CVE-ID: CVE-2018-0257)
A vulnerability allows an adjacent unauthenticated attacker to cause DoS condition on the target system.The weakness exists due to the incorrect handling of certain DHCP packets. An adjacent attacker can send certain DHCP packets to a specific segment, increase CPU usage and cause the service to crash.
Remediation
Install update from vendor's website.