CVE-2018-0473: Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-0473

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

资源管理错误

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Cisco产品IOS Software Precision Time Protocol子系统资源管理错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Cisco 2500 Series Connected Grid Switches等都是美国思科（Cisco）公司的不同型号的交换机产品。IOS Software是运行在其中的一套Cisco为其网络设备开发的操作系统。Precision Time Protocol（PTP）是其中的一个高精度时间同步协议子系统。多款Cisco产品中的IOS Software的PTP子系统存在资源管理错误漏洞，该漏洞源于程序没有充分的处理PTP数据包。当设备被配置来处理PTP数据包时，远程攻击者可通过发送自定义的PTP数据

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Cisco	Cisco IOS Software	n/a	-

II. Public POCs for CVE-2018-0473

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-0473

Please Login to view more intelligence information

https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03x_refsource_MISC
http://www.securityfocus.com/bid/105427vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041737vdb-entryx_refsource_SECTRACK
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptpvendor-advisoryx_refsource_CISCO
https://nvd.nist.gov/vuln/detail/CVE-2018-0473

IV. Related Vulnerabilities

Same product: Cisco IOS Software

Same vendor: Cisco

Same weakness: CWE-399

V. Comments for CVE-2018-0473

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2018-0473

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-0473

III. Intelligence Information for CVE-2018-0473

IV. Related Vulnerabilities

V. Comments for CVE-2018-0473

Leave a comment