BDU:2018-00499CriticalConfirmedExploit available
BDU
BDU
Data Bank of Information Security Threats
BDU ФСТЭК is the authoritative Russian source of vulnerability information, covering both international CVEs relevant to domestic software and unique Russian-disclosed issues. Entries contain severity, affected product lists (in Russian), and mitigation recommendations.
Region
RU
Updates
1 ч
License
Открытые данные
Russian federal catalog of vulnerabilities and threats maintained by FSTEC. Required for compliance with Russian information security regulations (Приказ №17, Приказ №21).
https://bdu.fstec.ru →Share link
Anyone with the link can open this vulnerability.
Уязвимость операционных систем Cisco IOS и Cisco IOS XE связана с некорректной валидацией данных пакета. Эксплуатация уязвимости может позв…
CVSS
10.0
Critical
EPSS
0.00
p0
Published
2018-01-01
Updated
2018-01-01
Description
Уязвимость операционных систем Cisco IOS и Cisco IOS XE связана с некорректной валидацией данных пакета. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать аварийное завершение работы сторожевого таймера или выполнить произвольный код путем отправки специально сформированного сообщения Smart Install на TCP-порт 4786
Affected products
Cisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco iosCisco systems inc. Cisco ios
CVSS vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Timeline
2018-01-01
Published
2018-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Authentication
Au: N
None (N)
Confidentiality Impact
C: C
Complete
Integrity Impact
I: C
Complete
Availability Impact
A: C
Complete
Exploit indicators
EPSS
0.000 · p0
Known exploited (KEV)
No
Known exploits — Сканер-ВС
BDU:2018-00499
bdu_exploit · https://bdu.fstec.ru/vul
44451
exploitdb · https://www.exploit-db.com/exploits/44451
Affected products
| Product | Vendor | Status |
|---|---|---|
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
| cisco ios | cisco systems inc. | Tracked |
Showing first 20 of 269
Source databases
BDU
BDU
Data Bank of Information Security Threats
BDU ФСТЭК is the authoritative Russian source of vulnerability information, covering both international CVEs relevant to domestic software and unique Russian-disclosed issues. Entries contain severity, affected product lists (in Russian), and mitigation recommendations.
Region
RU
Updates
1 ч
License
Открытые данные
Russian federal catalog of vulnerabilities and threats maintained by FSTEC. Required for compliance with Russian information security regulations (Приказ №17, Приказ №21).
https://bdu.fstec.ru →Related vulnerabilities