Details of VAR-201806-0993

ID

VAR-201806-0993

CVE

CVE-2018-0308

TITLE

Cisco FXOS and NX-OS Software buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-006597

DESCRIPTION

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code or cause a DoS condition. This vulnerability affects the following if configured to use Cisco Fabric Services: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69954, CSCve02463, CSCve02785, CSCve02787, CSCve02804, CSCve04859. Cisco FXOS and NX-OS The software contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvd69954 , CSCve02463 , CSCve02785 , CSCve02787 , CSCve02804 ,and CSCve04859 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco Firepower 4100 Series Next-Generation Firewalls and so on are all products of Cisco. The Cisco Firepower 4100 Series Next-Generation Firewall is a 4100 series firewall device. MDS9000SeriesMultilayerSwitches is a switch device. FXOSSoftware is a suite of firewall software running on Cisco security appliances. NX-OSSoftware is a suite of data center-level operating system software running on Cisco switch devices. FabricServices is one of the Fabric service components

Trust: 2.52

sources: NVD: CVE-2018-0308 // JVNDB: JVNDB-2018-006597 // CNVD: CNVD-2018-11962 // BID: 104514 // VULHUB: VHN-118510

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-11962

AFFECTED PRODUCTS

vendor:	cisco	model:	nexus 5000	scope:	eq	version:	7.0\(0\)hsk\(0.357\)	Trust: 1.6
vendor:	cisco	model:	nexus 5000	scope:	eq	version:	8.1\(0.2\)s0	Trust: 1.6
vendor:	cisco	model:	firepower 9000	scope:	eq	version:	r211	Trust: 1.6
vendor:	cisco	model:	nexus 9000	scope:	eq	version:	8.1\(1\)s4	Trust: 1.6
vendor:	cisco	model:	unified computing system	scope:	eq	version:	3.1\(3a\)a	Trust: 1.6
vendor:	cisco	model:	nexus 5000	scope:	eq	version:	7.3\(0\)d1\(0.98\)	Trust: 1.6
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	8.1\(0.112\)s0	Trust: 1.6
vendor:	cisco	model:	unified computing system	scope:	eq	version:	7.0\(0\)hsk\(0.357\)	Trust: 1.6
vendor:	cisco	model:	firepower 9000	scope:	eq	version:	r231	Trust: 1.6
vendor:	cisco	model:	nexus 9000	scope:	eq	version:	8.1\(0\)bd\(0.20\)	Trust: 1.6
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	7.3\(2\)d1\(0.49\)	Trust: 1.0
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	8.0\(1\)	Trust: 1.0
vendor:	cisco	model:	nexus 5000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 7000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unified computing system	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 9000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	fabric services firepower series next-generation firewalls	scope:	eq	version:	4100	Trust: 0.6
vendor:	cisco	model:	firepower security appliance	scope:	eq	version:	9300	Trust: 0.6
vendor:	cisco	model:	mds series multilayer switches	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	nexus series fabric extenders	scope:	eq	version:	2000	Trust: 0.6
vendor:	cisco	model:	nexus series switche	scope:	eq	version:	3000	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	3500	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	5500	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	5600	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	6000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	7000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	7700	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	nexus r-series line cards and fabric modules	scope:	eq	version:	9500	Trust: 0.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	6100	Trust: 0.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	6200	Trust: 0.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	6300	Trust: 0.6
vendor:	cisco	model:	nx-os 7.0 i7	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	ucs series and series fabric interconnects	scope:	eq	version:	620063000	Trust: 0.3
vendor:	cisco	model:	nx-os ucs	scope:	eq	version:	62000	Trust: 0.3
vendor:	cisco	model:	nx-os ucs	scope:	eq	version:	61000	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	8.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i6	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	2.5	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus r-series line cards and fabric modules	scope:	eq	version:	95000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	77000	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	60000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	56000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	56000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	35000	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	20000	Trust: 0.3
vendor:	cisco	model:	mds nx-os software	scope:	eq	version:	90005.2	Trust: 0.3
vendor:	cisco	model:	mds nx-os	scope:	eq	version:	9000-	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.1.1	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	1.1	Trust: 0.3
vendor:	cisco	model:	firepower security appliance	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series next-generation firewall	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	8.1(2)	Trust: 0.3
vendor:	cisco	model:	nx-os 8.1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.3 n1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.3 d1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	6.2(21)	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	6.2(20)	Trust: 0.3
vendor:	cisco	model:	nx-os 3.2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.2.2.17	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.2.1.70	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.1.1.86	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.0.1.153	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	1.1.4.179	Trust: 0.3

sources: CNVD: CNVD-2018-11962 // BID: 104514 // JVNDB: JVNDB-2018-006597 // CNNVD: CNNVD-201806-1048 // NVD: CVE-2018-0308

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0308
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-0308
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-11962
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201806-1048
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-118510
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0308
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11962
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118510
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0308
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-11962 // VULHUB: VHN-118510 // JVNDB: JVNDB-2018-006597 // CNNVD: CNNVD-201806-1048 // NVD: CVE-2018-0308

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-20	Trust: 1.0

sources: VULHUB: VHN-118510 // JVNDB: JVNDB-2018-006597 // NVD: CVE-2018-0308

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-1048

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201806-1048

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-006597

PATCH

title:	cisco-sa-20180620-fxnxos-fab-ace	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-fab-ace	Trust: 0.8
title:	Patch for CiscoFXOS and NX-OSSoftwareFabricServices Remote Code Execution Vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/132603	Trust: 0.6
title:	Multiple Cisco product FXOS Software and NX-OS Software Fabric Services Fixes for component input validation vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81113	Trust: 0.6

sources: CNVD: CNVD-2018-11962 // JVNDB: JVNDB-2018-006597 // CNNVD: CNNVD-201806-1048

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0308	Trust: 3.4
db:	BID	id:	104514	Trust: 2.6
db:	SECTRACK	id:	1041169	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-006597	Trust: 0.8
db:	CNNVD	id:	CNNVD-201806-1048	Trust: 0.7
db:	CNVD	id:	CNVD-2018-11962	Trust: 0.6
db:	VULHUB	id:	VHN-118510	Trust: 0.1

sources: CNVD: CNVD-2018-11962 // VULHUB: VHN-118510 // BID: 104514 // JVNDB: JVNDB-2018-006597 // CNNVD: CNNVD-201806-1048 // NVD: CVE-2018-0308

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-fxnxos-fab-ace	Trust: 2.6
url:	http://www.securityfocus.com/bid/104514	Trust: 1.7
url:	http://www.securitytracker.com/id/1041169	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0308	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0308	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-11962 // VULHUB: VHN-118510 // BID: 104514 // JVNDB: JVNDB-2018-006597 // CNNVD: CNNVD-201806-1048 // NVD: CVE-2018-0308

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 104514

SOURCES

db:	CNVD	id:	CNVD-2018-11962
db:	VULHUB	id:	VHN-118510
db:	BID	id:	104514
db:	JVNDB	id:	JVNDB-2018-006597
db:	CNNVD	id:	CNNVD-201806-1048
db:	NVD	id:	CVE-2018-0308

LAST UPDATE DATE

2024-11-23T21:38:49.504000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11962	date:	2018-06-23T00:00:00
db:	VULHUB	id:	VHN-118510	date:	2019-10-09T00:00:00
db:	BID	id:	104514	date:	2018-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2018-006597	date:	2018-08-28T00:00:00
db:	CNNVD	id:	CNNVD-201806-1048	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0308	date:	2024-11-21T03:37:56.830

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-11962	date:	2018-06-23T00:00:00
db:	VULHUB	id:	VHN-118510	date:	2018-06-20T00:00:00
db:	BID	id:	104514	date:	2018-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2018-006597	date:	2018-08-28T00:00:00
db:	CNNVD	id:	CNNVD-201806-1048	date:	2018-06-21T00:00:00
db:	NVD	id:	CVE-2018-0308	date:	2018-06-20T21:29:00.623