Executive Summary

Informations
NameCVE-2018-0473First vendor Publication2018-10-05
VendorCveLast vendor Modification2019-04-15

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0473

CWE : Common Weakness Enumeration

%idName
100 %CWE-399Resource Management Errors

CPE : Common Platform Enumeration

TypeDescriptionCount
Os2

Nessus® Vulnerability Scanner

DateDescription
2018-10-05Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20180926-ptp.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/105427
CISCO https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...
MISC https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03
SECTRACK http://www.securitytracker.com/id/1041737

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2019-04-15 17:18:46
  • Multiple Updates
2019-01-07 21:19:17
  • Multiple Updates
2018-10-07 17:19:23
  • Multiple Updates
2018-10-05 21:19:40
  • First insertion