Vulnerabilities > CVE-2018-0189 - Unspecified vulnerability in Cisco IOS XE
Attack vector
NETWORK Attack complexity
HIGH Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS) condition. The vulnerability is due to a limitation in the way the FIB is internally representing recursive routes. An attacker could exploit this vulnerability by injecting routes into the routing protocol that have a specific recursive pattern. The attacker must be in a position on the network that provides the ability to inject a number of recursive routes with a specific pattern. An exploit could allow the attacker to cause an affected device to reload, creating a DoS condition. Cisco Bug IDs: CSCva91655.
Vulnerable Configurations
Nessus
NASL family CISCO NASL id CISCO-SA-20180328-FIB-DOS-IOSXE.NASL description According to its self-reported version, Cisco IOS XE Software is affected by a denial of service (DoS) vulnerability in the Forwarding Information Base code due to a limitation in the way the FIB is internally representing recursive routes. An unauthenticated, network attacker can exploit this, by injecting routes into the routing protocol that have a specific recursive pattern, provided that the attacker is in a position on the network that provides the ability to inject a number of recursive routs with a specific pattern. An exploit allows the attacker to cause an affected device to reload, creating a DoS condition. Please see the included Cisco BIDs and Cisco Security Advisory for more information. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 132698 published 2020-01-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132698 title Cisco IOS XE Software Forwarding Information Base DoS (cisco-sa-20180328-FIB-dos) NASL family CISCO NASL id CISCO-SA-20180328-FIB-DOS-IOS.NASL description According to its self-reported version, Cisco IOS is affected by a denial of service (DoS) vulnerability in the Forwarding Information Base code due to a limitation in the way the FIB is internally representing recursive routes. An unauthenticated, network attacker can exploit this, by injecting routes into the routing protocol that have a specific recursive pattern, provided that the attacker is in a position on the network that provides the ability to inject a number of recursive routs with a specific pattern. An exploit allows the attacker to cause an affected device to reload, creating a DoS condition. Please see the included Cisco BIDs and Cisco Security Advisory for more information. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 132697 published 2020-01-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132697 title Cisco IOS Forwarding Information Base DoS (cisco-sa-20180328-FIB-dos)