How severe is CVE-2018-0485?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2018-0485?

This is classified as CWE-19, which is a common weakness in software security.

CVE-2018-0485

HIGH Year: 2018

CVSS v3 Score

8.6

High

CVSS v2 Score

7.8

High

Weakness Type

CWE-19

View all →

Vulnerability Description

A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of user input. An attacker could exploit this vulnerability by first connecting to the SM-1T3/E3 module console and entering a string sequence. A successful exploit could allow the attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a DoS condition on an affected device.

CVE-2018-0157

HIGH

CVSS:8.6(High)

A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device to reload. The vulnerability is due to the way fragmented pac...

CWE-192018

CVE-2020-3414

HIGH

CVSS:8.6(High)

A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resu...

CWE-192020

CVE-2016-2790

HIGH

CVSS:8.8(High)

The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data st...

CWE-192016

CVE-2016-2795

HIGH

CVSS:8.8(High)

The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data s...

CWE-192016

CVE-2016-3630

HIGH

CVSS:8.8(High)

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b)...

CWE-192016

CVE-2016-4977

HIGH

CVSS:8.8(High)

When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enable...

CWE-192016

CVE-2018-0485

Vulnerability Description

Related Vulnerabilities

CVE-2018-0157

CVE-2020-3414

CVE-2016-2790

CVE-2016-2795

CVE-2016-3630

CVE-2016-4977