CVE-2018-0167

unknown KEV

Published 2022-03-03 · Modified 2022-03-03

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code.

CISA KEV

Vendor: Cisco
Product: IOS, XR, and XE Software
Due date: 2022-03-17

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://nvd.nist.gov/vuln/detail/CVE-2018-0167

Exploits

References

https://nvd.nist.gov/vuln/detail/CVE-2018-0167

Verify integrity in audit chain (admin only). AS-IS.