{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T21:17:49.069","vulnerabilities":[{"cve":{"id":"CVE-2018-0470","sourceIdentifier":"psirt@cisco.com","published":"2018-10-05T14:29:04.810","lastModified":"2024-11-21T03:38:18.050","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed HTTP packets that are destined to a device. An attacker could exploit this vulnerability by sending a malformed HTTP packet to an affected device for processing. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected device, resulting in a DoS condition."},{"lang":"es","value":"Una vulnerabilidad en el framework web de Cisco IOS XE Software podría permitir que un atacante remoto sin autenticar provoque un desbordamiento de búfer en un dispositivo afectado, lo que resulta en una denegación de servicio (DoS). La vulnerabilidad se debe a que el software afectado analiza incorrectamente los paquetes HTTP mal formados que se envían al dispositivo afectado. Un atacante podría explotar esta vulnerabilidad enviando un paquete HTTP mal formado a un dispositivo afectado para su procesamiento. Su explotación con éxito podría permitir que el atacante provoque un desbordamiento de búfer en el dispositivo afectado y provoque una denegación de servicio (DoS)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-399"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xe:16.2.0:*:*:*:*:*:*:*","matchCriteriaId":"DC820348-1E2E-4791-BF56-419749F02162"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xe:16.3\\(1\\):*:*:*:*:*:*:*","matchCriteriaId":"D08E919C-BC85-49A4-B8FD-21B4C4A10B5D"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/105397","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041737","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03","source":"psirt@cisco.com"},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-webdos","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/105397","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041737","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-webdos","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}