CVE-2018-0174 — Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability

2022-03-03 • CISA Known Exploited Vulnerability

[event] A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).

> AFFECTED SOFTWARE

Field	Value
Vendor	Cisco
Product	IOS XE Software
CWE	CWE-20
CVE ID	CVE-2018-0174
Date Added	2022-03-03
Due Date	2022-03-17
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-03-17

> REFERENCES

[1] https://nvd.nist.gov/vuln/detail/CVE-2018-0174