IsItPatchedInstant security status for any software version
← All products

CVE-2018-0180

MEDIUM severity · CVSS 5.9 · CWE-399 · actively exploited (CISA KEV)
5.9CVSS MEDIUM ● exploited
🔴 Actively exploited in the wild (CISA Known Exploited Vulnerabilities). Added to KEV 2022-03-03. US federal agencies must patch by 2022-03-17.

Summary

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.

Impact & exploitability

Attack vectorNetwork
Attack complexityHigh
Privileges requiredNone
User interactionNone
Confidentiality impactNone
Integrity impactNone
Availability impactHigh
Exploit probability (EPSS)2%

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products we track (1)

Cisco IOS

Recommendation

This vulnerability is being actively exploited in the wild — patch affected products urgently. Open any affected product above for its exact safe version.

Additional information

Last checked: Wed, 10 Jun 2026 22:18:30 UTC