A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability. The vulnerability is due to a condition that could occur when the affected software processes an SNMP read request that contains a request for the ciscoFlashMIB object ID (OID). An attacker could trigger this vulnerability by issuing an SNMP GET request for the ciscoFlashMIB OID on an affected device. A successful exploit could cause the affected device to restart due to a SYS-3-CPUHOG. This vulnerability affects the following Cisco devices if they are running a vulnerable release of Cisco IOS Software and are configured to use SNMP Version 2 (SNMPv2) or SNMP Version 3 (SNMPv3): Cisco Catalyst 2960-L Series Switches, Cisco Catalyst Digital Building Series Switches 8P, Cisco Catalyst Digital Building Series Switches 8U. Cisco Bug IDs: CSCvd89541.
CVE-2018-0161
Score elevated to 9.0 because this CVE is listed on the CISA Known Exploited Vulnerabilities catalog (added 2022-03-03), indicating real-world exploitation has been confirmed by US federal agencies. NVD baseline CVSS 6.3 retained for reference. Confidence: HIGH.
- Actively exploited in the wild (CISA-KEV)
No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.
- CVSS v3
- 6.3
- EG Score
- 9.0(high)
- EPSS
- 90.8%
- KEV
- ⚠ Exploited
Published
March 28, 2018
Last Modified
January 14, 2026
Advisory Details (4)
Auto-updated Jun 13, 2026Known Exploited Vulnerabilities Catalog | CISA
Known Exploited Vulnerabilities Catalog | CISA. Listed in CISA Known Exploited Vulnerabilities catalog.
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0161Cisco IOS Software Simple Network Management Protocol GET MIB Object ID Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-snmpWeakness Classification(1)
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Frequently asked(6)
What is CVE-2018-0161?
When was CVE-2018-0161 disclosed?
Is CVE-2018-0161 actively exploited?
What is the CVSS score of CVE-2018-0161?
Which products are affected by CVE-2018-0161?
How do I remediate CVE-2018-0161?
Dependency Blast Radius
Explore the affected products and dependency analysis for CVE-2018-0161
Is Your Infrastructure Affected by CVE-2018-0161?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.