
Cisco - Defect ID: CSCvd73664

Link Layer Discovery Protocol Format String Vulnerability

Last updated on 4/27/2025

Overall: 7.8
Severity: 8.2
Lifecycle: 9.1
Popularity: 5.1

Vendor details

  • No defect details.

Symptom

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco IOS and IOS XE Software could allow an adjacent, unauthenticated attacker to create a DoS condition or execute arbitrary code with elevated privileges.

The vulnerability is due to improper handling of certain fields within an LLDP message. An attacker that is directly connected to an interface of the affected device could exploit this vulnerability by submitting an LLDP PDU that is designed to prime the device for exploitation. An attacker must then convince an authenticated user to execute a specific show command in the CLI of the affected device. If successful, the attacker could create a DoS condition or potentially gain the ability to execute arbitrary code with elevated privileges.

The CVE ID for this vulnerability is: CVE-2018-0175
The SIR for this vulnerability is: High
The Cisco bug ID for this vulnerability is: CSCvd73664

  • Cisco IOS and IOS XE Software

Cisco has released software updates that address this vulnerability. There are no workarounds that address these vulnerabilities.

This advisory is part of the March 28, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 20 Cisco Security Advisories that describe 22 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp
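Because the flaw is a format string issue in LLDP message fields, one defensive check is to inspect received LLDPDUs for printf-style conversion specifiers in text-bearing TLVs. The following is an added example, not code from Cisco or from this page; it assumes the LLDPDU payload has already been extracted from the Ethernet frame, and the set of TLVs it inspects is an assumption because the advisory does not name the affected fields.

```python
import re
import struct

# TLV types that can carry free text (IEEE 802.1AB). Which fields trigger
# CSCvd73664 is not stated on the page; checking all of them is an assumption.
TEXT_TLVS = {1: "Chassis ID", 2: "Port ID", 4: "Port Description",
             5: "System Name", 6: "System Description"}

# printf-style conversion specifier such as %s, %08x, %n or %5$p; a bare "%" is ignored
FORMAT_SPEC = re.compile(
    rb"%(?:\d+\$)?[-+#0]*\d*(?:\.\d+)?(?:hh|h|ll|l|z|j|t|L)?[diouxXeEfgGcspn]")


def parse_tlvs(lldpdu: bytes):
    """Yield (type, value) for each TLV in an LLDPDU (payload after EtherType 0x88cc)."""
    offset = 0
    while offset + 2 <= len(lldpdu):
        (header,) = struct.unpack_from("!H", lldpdu, offset)
        tlv_type, length = header >> 9, header & 0x1FF  # 7-bit type, 9-bit length
        offset += 2
        if offset + length > len(lldpdu):
            raise ValueError(f"TLV type {tlv_type} overruns the PDU")
        if tlv_type == 0:  # End of LLDPDU
            return
        yield tlv_type, lldpdu[offset:offset + length]
        offset += length


def suspicious_tlvs(lldpdu: bytes):
    """Return [(tlv_name, text)] for text TLVs containing a conversion specifier."""
    hits = []
    for tlv_type, value in parse_tlvs(lldpdu):
        if tlv_type not in TEXT_TLVS:
            continue
        text = value[1:] if tlv_type in (1, 2) else value  # skip the subtype byte
        if FORMAT_SPEC.search(text):
            hits.append((TEXT_TLVS[tlv_type], text))
    return hits


def tlv(tlv_type: int, value: bytes) -> bytes:
    """Build one TLV (used only to construct the sample PDUs below)."""
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


# Constructed sample LLDPDUs, not captured traffic.
BASE = tlv(1, b"\x04\x00\x11\x22\x33\x44\x55") + tlv(2, b"\x05Gi0/1") + tlv(3, b"\x00\x78")
BENIGN = BASE + tlv(5, b"access-sw-01") + tlv(6, b"lab switch, uptime 100%") + tlv(0, b"")
FLAGGED = BASE + tlv(5, b"sw-%x-%x") + tlv(0, b"")
```

Binary Chassis ID or Port ID subtypes (for example a MAC address) can occasionally contain bytes that resemble a specifier, so treat hits on those two TLVs as leads to review rather than confirmed findings.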

Conditions

Devices running an affected version of Cisco IOS, Cisco IOS XE, or Cisco IOS XR software with the LLDP feature enabled. To determine whether a release is affected by any published Cisco Security Advisory, use the Cisco IOS Software Checker on Cisco.com at the following link: https://tools.cisco.com/security/center/softwarechecker.x

Workaround

None.

Further Problem Description

PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 3 score. The Base CVSS score as of the time of evaluation is 8.8:
https://tools.cisco.com/security/center/cvssCalculator.x?version=3.0&vector=CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

CVE ID CVE-2018-0175 has been assigned to document this issue.

Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
