How severe is CVE-2018-15373?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2018-15373?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2018-15373

HIGH Year: 2018

CVSS v3 Score

7.4

High

CVSS v2 Score

6.1

Medium

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory handling by the affected software when the software processes high rates of Cisco Discovery Protocol packets that are sent to a device. An attacker could exploit this vulnerability by sending a high rate of Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to exhaust memory on the affected device, resulting in a DoS condition.

CVE-2018-0102

HIGH

CVSS:7.4(High)

A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. Th...

CWE-3992018

CVE-2018-0165

HIGH

CVSS:7.4(High)

A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust buffers on an aff...

CWE-3992018

CVE-2018-0241

HIGH

CVSS:7.4(High)

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device....

CWE-3992018

CVE-2019-16018

HIGH

CVSS:7.4(High)

A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of s...

CWE-3992019

CVE-2019-1796

HIGH

CVSS:7.4(High)

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of se...

CWE-3992019

CVE-2019-1799

HIGH

CVSS:7.4(High)

CWE-3992019

CVE-2018-15373

Vulnerability Description

Related Vulnerabilities

CVE-2018-0102

CVE-2018-0165

CVE-2018-0241

CVE-2019-16018

CVE-2019-1796

CVE-2019-1799