CVE-2018-0132 (CNNVD-201802-269)
中文标题:
Cisco IOS XR Software 安全漏洞
英文标题:
A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow a...
漏洞描述
中文描述:
Cisco IOS XR Software是美国思科(Cisco)公司的IOS软件系列(包括IOS T、IOS S和IOS XR)中的一套完全模块化、分布式的网络操作系统。 Cisco IOS XR Software中的forwarding information base (FIB)代码存在拒绝服务漏洞,该漏洞源于程序没有正确的处理超长的路由更新。远程攻击者可利用该漏洞造成FIB和RIB之间产生差异,导致拒绝服务。
英文描述:
A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect processing of extremely long routing updates. An attacker could exploit this vulnerability by sending a large routing update. A successful exploit could allow the attacker to trigger inconsistency between the FIB and the RIB, resulting in a DoS condition. Cisco Bug IDs: CSCus84718.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| cisco | carrier_routing_system | 5.3.0.rout | - | - |
cpe:2.3:a:cisco:carrier_routing_system:5.3.0.rout:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2018-0132 |
2025-11-11 15:19:35 | 2025-11-11 07:34:56 |
| NVD | nvd_CVE-2018-0132 |
2025-11-11 14:55:52 | 2025-11-11 07:43:33 |
| CNNVD | cnnvd_CNNVD-201802-269 |
2025-11-11 15:09:58 | 2025-11-11 07:53:34 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 缓冲区错误
- cnnvd_id: 未提取 -> CNNVD-201802-269
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
- cvss_score: 未提取 -> 8.6
- cvss_vector: NOT_EXTRACTED -> CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- cvss_version: NOT_EXTRACTED -> 3.0
- affected_products_count: 0 -> 1
- data_sources: ['cve'] -> ['cve', 'nvd']