CVE-2018-0476

Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

Description

A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of SIP packets in transit while NAT is performed on an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted SIP packets via UDP port 5060 through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Category

5.9
CVSS
Severity: Medium
CVSS 3.0 •
CVSS 2.0 •
EPSS 4.37% Top 15%
Vendor Advisory cisco.com
Affected: Cisco Cisco IOS XE Software
Published at:
Updated at:

References

Link Tags
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sip-alg vendor advisory
http://www.securitytracker.com/id/1041734 vdb entry third party advisory
http://www.securityfocus.com/bid/105419 vdb entry third party advisory
http://www.securitytracker.com/id/1041737 vdb entry third party advisory

Frequently Asked Questions

What is the severity of CVE-2018-0476?
CVE-2018-0476 has been scored as a medium severity vulnerability.
How to fix CVE-2018-0476?
To fix CVE-2018-0476, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2018-0476 being actively exploited in the wild?
It is possible that CVE-2018-0476 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~4% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2018-0476?
CVE-2018-0476 affects Cisco Cisco IOS XE Software.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.