Vulnerability-Lookup

BDU:2023-02366

Vulnerability from fstec - Published: 20.06.2018

Title

Уязвимость компонента Cisco Fabric Services операционных систем NX-OS и Cisco FXOS устройств Cisco, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость компонента Cisco Fabric Services операционных систем NX-OS и Cisco FXOS устройств Cisco связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Cisco Systems Inc.

Software Name

NX-OS, FX-OS

Software Version

от 5.2 до 6.2(21) (NX-OS), от 6.2 до 6.2(21) (NX-OS), от 7.3 до 8.1(1a) (NX-OS), от 8.1 до 8.1(1a) (NX-OS), от 7.0(3)I4 до 7.0(3)I4(7) (NX-OS), от 7.0(3)I5 до 7.0(3)I6(2) (NX-OS), от 7.0(3)I6 до 7.0(3)I6(2) (NX-OS), от 6.0 до 6.0(2)A8(9) (NX-OS), от 6.0 до 7.3(3)N1(1) (NX-OS), от 7.0 до 7.3(3)N1(1) (NX-OS), от 7.1 до 7.3(3)N1(1) (NX-OS), от 7.2 до 7.3(3)N1(1) (NX-OS), от 7.3 до 7.3(3)N1(1) (NX-OS), от 6.2 до 6.2(20) (NX-OS), от 7.2 до 7.3(2)D1(1) (NX-OS), от 7.3 до 7.3(2)D1(1) (NX-OS), от 8.0 до 8.1(2) (NX-OS), от 8.1 до 8.1(2) (NX-OS), от 1.1 до 1.1.4.179 (FX-OS), от 2.0 до 2.0.1.153 (FX-OS), от 2.1.1 до 2.1.1.86 (FX-OS), от 2.2.1 до 2.2.1.70 (FX-OS), от 2.2.2 до 2.2.2.17 (FX-OS)

Possible Mitigations

Использование рекомендаций производителя: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-0311 http://www.securitytracker.com/id/1041169 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos

CWE

CWE-119, CWE-399

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 5.2 \u0434\u043e 6.2(21) (NX-OS), \u043e\u0442 6.2 \u0434\u043e 6.2(21) (NX-OS), \u043e\u0442 7.3 \u0434\u043e 8.1(1a) (NX-OS), \u043e\u0442 8.1 \u0434\u043e 8.1(1a) (NX-OS), \u043e\u0442 7.0(3)I4\t\u0434\u043e 7.0(3)I4(7) (NX-OS), \u043e\u0442 7.0(3)I5\t\u0434\u043e 7.0(3)I6(2) (NX-OS), \u043e\u0442 7.0(3)I6\t\u0434\u043e 7.0(3)I6(2) (NX-OS), \u043e\u0442 6.0 \u0434\u043e 6.0(2)A8(9) (NX-OS), \u043e\u0442 6.0 \u0434\u043e 7.3(3)N1(1) (NX-OS), \u043e\u0442 7.0 \u0434\u043e 7.3(3)N1(1) (NX-OS), \u043e\u0442 7.1 \u0434\u043e 7.3(3)N1(1) (NX-OS), \u043e\u0442 7.2 \u0434\u043e 7.3(3)N1(1) (NX-OS), \u043e\u0442 7.3 \u0434\u043e 7.3(3)N1(1) (NX-OS), \u043e\u0442 6.2 \u0434\u043e 6.2(20) (NX-OS), \u043e\u0442 7.2 \u0434\u043e 7.3(2)D1(1) (NX-OS), \u043e\u0442 7.3 \u0434\u043e 7.3(2)D1(1) (NX-OS), \u043e\u0442 8.0 \u0434\u043e 8.1(2) (NX-OS), \u043e\u0442 8.1 \u0434\u043e 8.1(2) (NX-OS), \u043e\u0442 1.1 \u0434\u043e 1.1.4.179 (FX-OS), \u043e\u0442 2.0 \u0434\u043e 2.0.1.153 (FX-OS), \u043e\u0442 2.1.1 \u0434\u043e 2.1.1.86 (FX-OS), \u043e\u0442 2.2.1 \u0434\u043e 2.2.1.70 (FX-OS), \u043e\u0442 2.2.2 \u0434\u043e 2.2.2.17 (FX-OS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "20.06.2018",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "04.05.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "04.05.2023",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-02366",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-0311",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "NX-OS, FX-OS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(2)D1(1) , Cisco Systems Inc. NX-OS \u043e\u0442 7.2 \u0434\u043e 7.3(3)D1(1) , Cisco Systems Inc. NX-OS \u043e\u0442 8.0 \u0434\u043e 8.1(1) , Cisco Systems Inc. NX-OS 7.3(2)D1(1) , Cisco Systems Inc. FX-OS \u043e\u0442 1.1 \u0434\u043e 1.1.4.179 , Cisco Systems Inc. FX-OS \u043e\u0442 2.0 \u0434\u043e 2.0.1.153 , Cisco Systems Inc. FX-OS \u043e\u0442 2.1.1 \u0434\u043e 2.1.1.86 , Cisco Systems Inc. FX-OS \u043e\u0442 2.2.1 \u0434\u043e 2.2.1.70 , Cisco Systems Inc. FX-OS \u043e\u0442 2.2.2 \u0434\u043e 2.2.2.17 , Cisco Systems Inc. NX-OS \u043e\u0442 6.2 \u0434\u043e 6.2(20) , Cisco Systems Inc. NX-OS \u043e\u0442 8.1 \u0434\u043e 8.1(2) , Cisco Systems Inc. NX-OS \u043e\u0442 5.2 \u0434\u043e 6.2(21) MDS 9000 Series Multilayer Switches, Cisco Systems Inc. NX-OS \u043e\u0442 6.2 \u0434\u043e 6.2(21) MDS 9000 Series Multilayer Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 8.1(1a) MDS 9000 Series Multilayer, Cisco Systems Inc. NX-OS \u043e\u0442 8.1 \u0434\u043e 8.1(1a) MDS 9000 Series Multilayer Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)I4\t\u0434\u043e 7.0(3)I4(7) Nexus 3000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)I5\t\u0434\u043e 7.0(3)I6(2) Nexus 3000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.0(3)I6\t\u0434\u043e 7.0(3)I6(2) Nexus 3000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 6.0 \u0434\u043e 6.0(2)A8(9) Nexus 3500 Platform Switches, Cisco Systems Inc. NX-OS \u043e\u0442 6.0 \u0434\u043e 7.3(3)N1(1) Nexus 2000 Series Fabric Extenders, Cisco Systems Inc. NX-OS \u043e\u0442 6.0 \u0434\u043e 7.3(3)N1(1) Nexus 5500 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 6.0 \u0434\u043e 7.3(3)N1(1) Nexus 6000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 6.0 \u0434\u043e 7.3(3)N1(1) Nexus 5600 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.0 \u0434\u043e 7.3(3)N1(1) Nexus 2000 Series Fabric Extenders, Cisco Systems Inc. NX-OS \u043e\u0442 7.0 \u0434\u043e 7.3(3)N1(1) Nexus 5500 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.0 \u0434\u043e 7.3(3)N1(1) Nexus 5600 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.0 \u0434\u043e 7.3(3)N1(1) Nexus 6000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.1 \u0434\u043e 7.3(3)N1(1) Nexus 2000 Series Fabric Extenders, Cisco Systems Inc. NX-OS \u043e\u0442 7.1 \u0434\u043e 7.3(3)N1(1) Nexus 5500 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.1 \u0434\u043e 7.3(3)N1(1) Nexus 5600 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.1 \u0434\u043e 7.3(3)N1(1) Nexus 6000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.2 \u0434\u043e 7.3(3)N1(1) Nexus 2000 Series Fabric Extenders, Cisco Systems Inc. NX-OS \u043e\u0442 7.2 \u0434\u043e 7.3(3)N1(1) Nexus 5500 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.2 \u0434\u043e 7.3(3)N1(1) Nexus 5600 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.2 \u0434\u043e 7.3(3)N1(1) Nexus 6000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(3)N1(1) Nexus 2000 Series Fabric Extenders, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(3)N1(1) Nexus 5500 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(3)N1(1) Nexus 5600 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(3)N1(1) Nexus 6000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 6.2 \u0434\u043e 6.2(20) Nexus 7000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 6.2 \u0434\u043e 6.2(20) Nexus 7700 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.2 \u0434\u043e 7.3(2)D1(1) Nexus 7000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.2 \u0434\u043e 7.3(2)D1(1) Nexus 7700 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(2)D1(1) Nexus 7000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 7.3 \u0434\u043e 7.3(2)D1(1) Nexus 7700 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 8.0 \u0434\u043e 8.1(2) Nexus 7000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 8.0 \u0434\u043e 8.1(2) Nexus 7700 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 8.1 \u0434\u043e 8.1(2) Nexus 7000 Series Switches, Cisco Systems Inc. NX-OS \u043e\u0442 8.1 \u0434\u043e 8.1(2) Nexus 7700 Series Switches, Cisco Systems Inc. FX-OS \u043e\u0442 1.1 \u0434\u043e 1.1.4.179 Firepower 4100 Series Next-Generation Firewall, Cisco Systems Inc. FX-OS \u043e\u0442 2.0 \u0434\u043e 2.0.1.153 Firepower 4100 Series Next-Generation Firewall, Cisco Systems Inc. FX-OS \u043e\u0442 2.1.1 \u0434\u043e 2.1.1.86 Firepower 4100 Series Next-Generation Firewall, Cisco Systems Inc. FX-OS \u043e\u0442 2.2.1 \u0434\u043e 2.2.1.70 Firepower 4100 Series Next-Generation Firewall, Cisco Systems Inc. FX-OS \u043e\u0442 2.2.2 \u0434\u043e 2.2.2.17 Firepower 4100 Series Next-Generation Firewall, Cisco Systems Inc. FX-OS \u043e\u0442 1.1 \u0434\u043e 1.1.4.179 Firepower 9300 Security Appliance, Cisco Systems Inc. FX-OS \u043e\u0442 2.0 \u0434\u043e 2.0.1.153 Firepower 9300 Security Appliance, Cisco Systems Inc. FX-OS \u043e\u0442 2.1.1 \u0434\u043e 2.1.1.86 Firepower 9300 Security Appliance, Cisco Systems Inc. FX-OS \u043e\u0442 2.2.1 \u0434\u043e 2.2.1.70 Firepower 9300 Security Appliance, Cisco Systems Inc. FX-OS \u043e\u0442 2.2.2 \u0434\u043e 2.2.2.17 Firepower 9300 Security Appliance",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Cisco Fabric Services \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c NX-OS \u0438 Cisco FXOS \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119), \u041e\u0448\u0438\u0431\u043a\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u043c (CWE-399)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Cisco Fabric Services \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c NX-OS \u0438 Cisco FXOS \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2018-0311\nhttp://www.securitytracker.com/id/1041169\t\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119, CWE-399",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

CVE-2018-0311 (GCVE-0-2018-0311)

Vulnerability from cvelistv5 – Published: 2018-06-21 11:00 – Updated: 2024-11-29 14:57

Summary

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.

Severity ?

No CVSS data available.

CWE

CWE-399

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id/1041169	vdb-entryx_refsource_SECTRACK
	https://tools.cisco.com/security/center/content/C…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Cisco FXOS and NX-OS unknown	Affected: Cisco FXOS and NX-OS unknown

Date Public ?

2018-06-21 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:15.129Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1041169",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041169"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0311",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:43:38.619660Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T14:57:32.415Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco FXOS and NX-OS unknown",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco FXOS and NX-OS unknown"
            }
          ]
        }
      ],
      "datePublic": "2018-06-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-23T09:57:01.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1041169",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041169"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0311",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco FXOS and NX-OS unknown",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco FXOS and NX-OS unknown"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1041169",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041169"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0311",
    "datePublished": "2018-06-21T11:00:00.000Z",
    "dateReserved": "2017-11-27T00:00:00.000Z",
    "dateUpdated": "2024-11-29T14:57:32.415Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2023-02366

CVE-2018-0311 (GCVE-0-2018-0311)

Tags

Sightings

Nomenclature