CVE-2018-0421 vulnerability in Cisco Products
Published on October 5, 2018
Cisco Prime Access Registrar Denial of Service Vulnerability
A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained.
Weakness Type
Resource Management Errors
Weaknesses in this category are related to improper management of system resources.
Products Associated with CVE-2018-0421
stack.watch emails you whenever new vulnerabilities are published in Cisco Prime Access Registrar or Cisco Prime Access Registrar Jumpstart. Just hit a watch button to start following.
Affected Versions
Cisco Prime Access Registrar Version n/a is affected by CVE-2018-0421Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.