How severe is CVE-2018-0256?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2018-0256?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2018-0256 - MEDIUM Severity | CVSS 5.8

Vulnerability Description

A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Gateway could allow an unauthenticated, remote attacker to cause the Session Manager (SESSMGR) process on an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect validation of peer-to-peer packet headers. An attacker could exploit this vulnerability by sending a crafted peer-to-peer packet through an affected device. A successful exploit could allow the attacker to cause the SESSMGR process on the affected device to restart unexpectedly, which could briefly impact traffic while the SESSMGR process restarts and result in a DoS condition. Cisco Bug IDs: CSCvg88786.

Related Vulnerabilities

CVE-2015-7282

MEDIUM

CVSS:5.8(Medium)

ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the des...

CWE-202015

CVE-2015-7794

MEDIUM

CVSS:5.8(Medium)

Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service (traffic amplification) via crafted queries.

CWE-202015

CVE-2017-0179

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a...

CWE-202017

CVE-2017-0182

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server ...

CWE-202017

CVE-2017-0183

MEDIUM

CVSS:5.8(Medium)

CWE-202017

CVE-2017-0185

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fai...

CWE-202017