CVE-2018-15464 (CNNVD-201901-306)
中文标题:
Cisco 900 Series Aggregation Services Router Software 资源管理错误漏洞
英文标题:
Cisco ASR 900 Series Aggregation Services Router Software Denial of Service Vulnerability
漏洞描述
中文描述:
Cisco 900 Series Aggregation Services Router(ASR)Software是美国思科(Cisco)公司的一套运行于900系列路由器设备中的操作系统。 Cisco 900 Series ASR Software中存在拒绝服务漏洞,该漏洞源于程序没有充分处理进入的广播数据包。远程攻击者可通过发送大量的广播数据包利用该漏洞造成拒绝服务。
英文描述:
A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of certain broadcast packets ingress to the device. An attacker could exploit this vulnerability by sending large streams of broadcast packets to an affected device. If successful, an exploit could allow an attacker to impact services running on the device, resulting in a partial DoS condition.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Cisco | Cisco ASR 900 Series Aggregation Services Routers | n/a | - | - |
cpe:2.3:a:cisco:cisco_asr_900_series_aggregation_services_routers:n_a:*:*:*:*:*:*:*
|
| cisco | asr_900_series_software | 16.6.2 | - | - |
cpe:2.3:a:cisco:asr_900_series_software:16.6.2:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
3.0 (cna)
MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2018-15464 |
2025-11-11 15:19:42 | 2025-11-11 07:35:07 |
| NVD | nvd_CVE-2018-15464 |
2025-11-11 14:56:02 | 2025-11-11 07:43:42 |
| CNNVD | cnnvd_CNNVD-201901-306 |
2025-11-11 15:10:08 | 2025-11-11 07:54:17 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 资源管理错误
- cnnvd_id: 未提取 -> CNNVD-201901-306
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- affected_products_count: 1 -> 2
- data_sources: ['cve'] -> ['cve', 'nvd']