Cyber Resilience

CVE-2018-0179

MediumCISA KEVActive ExploitationEUVD Exploited

Published: 28 March 2018

Published
28 March 2018
Modified
14 January 2026
KEV Added
03 March 2022
Patch
CVSS Score v3.1 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0203 84.2th percentile
Risk Priority 33 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2018-0179 is a medium-severity an unspecified weakness vulnerability in Cisco Ios. Its CVSS base score is 5.9 (Medium).

Operationally, ranked in the top 15.8% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-2 (Flaw Remediation).

Deeper analysis

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated remote attacker to trigger a reload of an affected device. The issues affect Cisco devices running IOS Software releases 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later, and are tracked under Cisco Bug IDs CSCuy32360 and CSCuz60599. The CVSS 3.1 base score is 5.9 with the vector AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating a high impact on availability.

An unauthenticated remote attacker can exploit the flaws over the network to cause a denial-of-service condition by forcing the affected system to reload. The attack requires high complexity and does not need user interaction or credentials.

The Cisco Security Advisory cisco-sa-20180328-slogin addresses the issues, and the vulnerability appears in the CISA Known Exploited Vulnerabilities catalog, confirming observed in-the-wild exploitation.

EU & UK References

Vulnerability details

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices…

more

that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.

CWE(s)
KEV Date Added
03 March 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

cisco
ios
15.3\(00.00.19\)sy, 15.4\(01\)ia001.100, 15.4\(03\)m4.1, 15.4\(2\)cg, 15.4\(2\)t

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires mechanisms to protect against or limit effects of network-based DoS attacks that trigger device reloads via the Login Block feature.

prevent

Implements the Login Enhancements (Login Block) feature whose flaws are directly exploited in CVE-2018-0179 to cause unauthenticated reloads.

prevent

Requires timely application of vendor patches for the specific IOS Login Block vulnerabilities (CSCuy32360, CSCuz60599) before exploitation.

References