Executive Summary
Summary | |
---|---|
Title | Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20180926-ptp | First vendor Publication | 2018-09-26 |
Vendor | Cisco | Last vendor Modification | 2018-09-26 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp"] This advisory is part of the September 26, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication ["http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-69981"]. BEGIN PGP SIGNATURE iQJ5BAEBAgBjBQJbq67YXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczGkEQAIDU8Qlw5ZHd2onLHzx9GNU4XzaK 96J6WmKwhnwgI27a7qBRmBF6eWFq9HNa6eFmufau2Tjta90mMPjss4ayZVxs8fC5 v0j2x37wC4SfJhChH+Ut4Iz0WGHF3ILRiqoufPKTG+oTN9TOiO9YnB7tiywUyM4n VHtfEAW0C6SepSSEAoCi8GSgPBI99t2cgUaJ60TPOeuiN2IwrkbhJU9oAUvpr2Y2 ACFzrF9RB3BMIaXTBdAolC2OcGwGM6XnpbuhiKNvJBcFif1CdphJuY3O+3NzHEjZ /pSGkdOAHCKMbQF33A4RJpOx0rVCbCOFvDlUOWJAshJNwW+tjE63Ugc/QGmPp0jW XpHpoSDvalY73r0pdLUs+MyPiLvJTu7jm17Z03j0dO6bH46L0E4ki5K05pv/ppEs NUICFUUxFYdIKx7ZbyCzbz1flRF5JukY+joaXIB8C9X5tZxpI3sLdSWDJQIYhQ50 9FTtPC5M0iM/tCC8q2ZtTToJK/qy5Cw8qjTe2ua/aNFm7PeE2eLlZoh3lRgW2GlK FNhwRsUwXzROf7yFms8jvo4QMnsnTEUSK95YQj2gF2XQRbq37pa9NZR+UZDZKmvx V7kZi8ePE70SZVheYKEG6lDBSSoujvfgCXh1I9efiAIqiQtYgW6gg/oDsft/33zH 5Wt2HSNPSnQKpjy8 =e2fh END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 2 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-10-05 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20180926-ptp.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2019-01-07 21:21:26 |
|
2018-10-05 21:21:50 |
|
2018-09-26 21:19:07 |
|