var-201806-0993
Vulnerability from variot
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code or cause a DoS condition. This vulnerability affects the following if configured to use Cisco Fabric Services: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69954, CSCve02463, CSCve02785, CSCve02787, CSCve02804, CSCve04859. Cisco FXOS and NX-OS The software contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvd69954 , CSCve02463 , CSCve02785 , CSCve02787 , CSCve02804 ,and CSCve04859 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco Firepower 4100 Series Next-Generation Firewalls and so on are all products of Cisco. The Cisco Firepower 4100 Series Next-Generation Firewall is a 4100 series firewall device. MDS9000SeriesMultilayerSwitches is a switch device. FXOSSoftware is a suite of firewall software running on Cisco security appliances. NX-OSSoftware is a suite of data center-level operating system software running on Cisco switch devices. FabricServices is one of the Fabric service components
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-0993",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nexus 5000",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(0\\)hsk\\(0.357\\)"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1\\(3a\\)a"
},
{
"model": "nexus 5000",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.3\\(0\\)d1\\(0.98\\)"
},
{
"model": "nexus 9000",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.1\\(1\\)s4"
},
{
"model": "nexus 9000",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.1\\(0\\)bd\\(0.20\\)"
},
{
"model": "firepower 9000",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "r231"
},
{
"model": "nexus 5000",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.1\\(0.2\\)s0"
},
{
"model": "nexus 7000",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.1\\(0.112\\)s0"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(0\\)hsk\\(0.357\\)"
},
{
"model": "firepower 9000",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "r211"
},
{
"model": "nexus 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.3\\(2\\)d1\\(0.49\\)"
},
{
"model": "nexus 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "8.0\\(1\\)"
},
{
"model": "nexus 5000",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 7000",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 9000",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified computing system",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firepower 9000",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "fabric services firepower series next-generation firewalls",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4100"
},
{
"model": "firepower security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9300"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9000"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2000"
},
{
"model": "nexus series switche",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3000"
},
{
"model": "nexus platform switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3500"
},
{
"model": "nexus platform switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5500"
},
{
"model": "nexus platform switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5600"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7700"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9000"
},
{
"model": "nexus r-series line cards and fabric modules",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9500"
},
{
"model": "ucs series fabric interconnects",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6100"
},
{
"model": "ucs series fabric interconnects",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6200"
},
{
"model": "ucs series fabric interconnects",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6300"
},
{
"model": "nx-os 7.0 i7",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "nx-os ucs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "62000"
},
{
"model": "nx-os ucs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "61000"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "nx-os 7.0 i6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 7.0 i5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 7.0 i4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus r-series line cards and fabric modules",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "77000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "nexus platform switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "nexus platform switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "55000"
},
{
"model": "nexus platform switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "mds nx-os software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90005.2"
},
{
"model": "mds nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "fxos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.2"
},
{
"model": "fxos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "fxos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.1"
},
{
"model": "fxos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "fxos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "firepower security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "93000"
},
{
"model": "firepower series next-generation firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "41000"
},
{
"model": "nx-os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1(2)"
},
{
"model": "nx-os 8.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 7.3 n1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 7.3 d1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 7.0 i4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 7.0 f3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(21)"
},
{
"model": "nx-os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(20)"
},
{
"model": "nx-os 3.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fxos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.2.17"
},
{
"model": "fxos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1.70"
},
{
"model": "fxos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.1.86"
},
{
"model": "fxos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.1.153"
},
{
"model": "fxos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.4.179"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"db": "BID",
"id": "104514"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"db": "NVD",
"id": "CVE-2018-0308"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:nexus_7000_firmware:7.3\\(2\\)d1\\(0.49\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:nexus_7000_firmware:8.1\\(0.112\\)s0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:nexus_7000_firmware:8.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:nexus_5000_firmware:8.1\\(0.2\\)s0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:nexus_5000_firmware:7.3\\(0\\)d1\\(0.98\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:nexus_5000_firmware:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:firepower_9000_firmware:r231:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:firepower_9000_firmware:r211:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:firepower_9000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:nexus_9000_firmware:8.1\\(0\\)bd\\(0.20\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:nexus_9000_firmware:8.1\\(1\\)s4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_firmware:3.1\\(3a\\)a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_firmware:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0308"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "104514"
}
],
"trust": 0.3
},
"cve": "CVE-2018-0308",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-0308",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11962",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-118510",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-0308",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-0308",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-11962",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-1048",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-118510",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"db": "VULHUB",
"id": "VHN-118510"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"db": "NVD",
"id": "CVE-2018-0308"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code or cause a DoS condition. This vulnerability affects the following if configured to use Cisco Fabric Services: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69954, CSCve02463, CSCve02785, CSCve02787, CSCve02804, CSCve04859. Cisco FXOS and NX-OS The software contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvd69954 , CSCve02463 , CSCve02785 , CSCve02787 , CSCve02804 ,and CSCve04859 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco Firepower 4100 Series Next-Generation Firewalls and so on are all products of Cisco. The Cisco Firepower 4100 Series Next-Generation Firewall is a 4100 series firewall device. MDS9000SeriesMultilayerSwitches is a switch device. FXOSSoftware is a suite of firewall software running on Cisco security appliances. NX-OSSoftware is a suite of data center-level operating system software running on Cisco switch devices. FabricServices is one of the Fabric service components",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0308"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"db": "BID",
"id": "104514"
},
{
"db": "VULHUB",
"id": "VHN-118510"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-0308",
"trust": 3.4
},
{
"db": "BID",
"id": "104514",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1041169",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006597",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1048",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-11962",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-118510",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"db": "VULHUB",
"id": "VHN-118510"
},
{
"db": "BID",
"id": "104514"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"db": "NVD",
"id": "CVE-2018-0308"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
]
},
"id": "VAR-201806-0993",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"db": "VULHUB",
"id": "VHN-118510"
}
],
"trust": 1.2791938446153845
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11962"
}
]
},
"last_update_date": "2023-12-18T12:18:47.888000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20180620-fxnxos-fab-ace",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-fxnxos-fab-ace"
},
{
"title": "Patch for CiscoFXOS and NX-OSSoftwareFabricServices Remote Code Execution Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/132603"
},
{
"title": "Multiple Cisco product FXOS Software and NX-OS Software Fabric Services Fixes for component input validation vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=81113"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118510"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"db": "NVD",
"id": "CVE-2018-0308"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-fxnxos-fab-ace"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104514"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1041169"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0308"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0308"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"db": "VULHUB",
"id": "VHN-118510"
},
{
"db": "BID",
"id": "104514"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"db": "NVD",
"id": "CVE-2018-0308"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"db": "VULHUB",
"id": "VHN-118510"
},
{
"db": "BID",
"id": "104514"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"db": "NVD",
"id": "CVE-2018-0308"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"date": "2018-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-118510"
},
{
"date": "2018-06-20T00:00:00",
"db": "BID",
"id": "104514"
},
{
"date": "2018-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"date": "2018-06-20T21:29:00.623000",
"db": "NVD",
"id": "CVE-2018-0308"
},
{
"date": "2018-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11962"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-118510"
},
{
"date": "2018-06-20T00:00:00",
"db": "BID",
"id": "104514"
},
{
"date": "2018-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006597"
},
{
"date": "2019-10-09T23:31:43.240000",
"db": "NVD",
"id": "CVE-2018-0308"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco FXOS and NX-OS Software buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006597"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-1048"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.