Vulnerability Details CVE-2018-0473
A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.4%
CVSS Severity
CVSS v3 Score 8.6
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/105427
- http://www.securitytracker.com/id/1041737
- https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp
- http://www.securityfocus.com/bid/105427
- http://www.securitytracker.com/id/1041737
- https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp