CVE-2018-0211

CVE-2018-0211

Vendor N/A

Product Cisco Identity Services Engine

Weakness CWE-20 · Input validation

Published March 8, 2018

Last update December 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in specific CLI commands for the Cisco Identity Services Engine could allow an authenticated, local attacker to cause a denial of service (DoS) condition. The device may need to be manually rebooted to recover. The vulnerability is due to lack of proper input validation of the CLI user input for certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and issuing a crafted, malicious CLI command on the targeted device. A successful exploit could allow the attacker to cause a DoS condition. The attacker must have valid administrative privileges on the device to exploit this vulnerability. Cisco Bug IDs: CSCvf63414, CSCvh51992.

Key dates

02Disclosure timeline

March 8, 2018 CVE published

December 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-0211 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE