A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is in the KEV database since March 3, 2022.

The EPSS score is 0.11321.

Exploitation active

Automatable yes

Technical Impact partial

Affected Vendors & Products

Vendors Products
Cisco Subscribe
Asr 1001-hx Subscribe
Asr 1001-x Subscribe
Asr 1002-hx Subscribe
Asr 1002-x Subscribe
Asr 1004 Subscribe
Asr 1006 Subscribe
Asr 1006-x Subscribe
Asr 1009-x Subscribe
Asr 1013 Subscribe
Ios Subscribe
Ios Xe Subscribe
Rockwellautomation Subscribe
Allen-bradley Stratix 5900 Subscribe

Configuration 1 [-]

AND
OR cpe:2.3:o:cisco:ios:15.5\(3\)s1.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.5:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.7:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.8:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.9:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.10:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.11:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.12:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
OR cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.5:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.7:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.8:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.9:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.10:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.11:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.12:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
OR cpe:2.3:o:cisco:ios:15.5\(3\)s1.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.5:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.7:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.8:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.9:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.10:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.11:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)s1.12:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.5:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.7:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.8:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.9:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.10:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.11:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.12:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5900:-:*:*:*:*:*:*:*

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://www.securityfocus.com/bid/103566 cve-icon cve-icon
http://www.securitytracker.com/id/1040595 cve-icon cve-icon
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03 cve-icon cve-icon
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04 cve-icon cve-icon
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0158 cve-icon cve-icon
History

Wed, 22 Oct 2025 00:15:00 +0000

Type Values Removed Values Added
References

Tue, 21 Oct 2025 20:30:00 +0000

Type Values Removed Values Added
References

Tue, 21 Oct 2025 19:30:00 +0000

Type Values Removed Values Added
References

Fri, 15 Nov 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2022-03-03'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2025-10-21T23:45:54.255Z

Reserved: 2017-11-27T00:00:00.000Z

Link: CVE-2018-0158

cve-icon Vulnrichment

Updated: 2024-08-05T03:14:17.087Z

cve-icon NVD

Status : Analyzed

Published: 2018-03-28T22:29:00.547

Modified: 2025-10-27T18:00:24.043

Link: CVE-2018-0158

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses