Details of VAR-201806-0997

ID

VAR-201806-0997

CVE

CVE-2018-0312

TITLE

Cisco FXOS and NX-OS Software buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-006598

DESCRIPTION

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packet headers when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could allow the attacker to execute arbitrary code or cause a DoS condition on the device. This vulnerability affects the following if configured to use Cisco Fabric Services: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69962, CSCve02808, CSCve02810, CSCve02812, CSCve02819, CSCve02822, CSCve02831, CSCve04859. Cisco FXOS and NX-OS The software contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvd69962 , CSCve02808 , CSCve02810 , CSCve02812 , CSCve02819 , CSCve02822 , CSCve02831 ,and CSCve04859 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco Firepower 4100 Series Next-Generation Firewalls and so on are all products of Cisco. The Cisco Firepower 4100 Series Next-Generation Firewall is a 4100 series firewall device. MDS9000SeriesMultilayerSwitches is a switch device. FXOSSoftware is a suite of firewall software running on Cisco security appliances. NX-OSSoftware is a suite of data center-level operating system software running on Cisco switch devices. FabricServices is one of the Fabric service components. Failed exploit attempts will likely result in a denial-of-service condition

Trust: 2.52

sources: NVD: CVE-2018-0312 // JVNDB: JVNDB-2018-006598 // CNVD: CNVD-2018-11963 // BID: 104515 // VULHUB: VHN-118514

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-11963

AFFECTED PRODUCTS

vendor:	cisco	model:	nexus 5000	scope:	eq	version:	7.0\(0\)hsk\(0.357\)	Trust: 1.6
vendor:	cisco	model:	firepower 9000	scope:	eq	version:	r211	Trust: 1.6
vendor:	cisco	model:	nexus 9000	scope:	eq	version:	8.1\(1\)s4	Trust: 1.6
vendor:	cisco	model:	unified computing system	scope:	eq	version:	3.1\(3a\)a	Trust: 1.6
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	8.0\(1\)	Trust: 1.6
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	8.1\(0.112\)s0	Trust: 1.6
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	7.3\(2\)d1\(0.49\)	Trust: 1.6
vendor:	cisco	model:	firepower 9000	scope:	eq	version:	r231	Trust: 1.6
vendor:	cisco	model:	nexus 9000	scope:	eq	version:	8.1\(0\)bd\(0.20\)	Trust: 1.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	6200	Trust: 1.2
vendor:	cisco	model:	nexus 5000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 7000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unified computing system	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 9000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus series switche	scope:	eq	version:	3000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	7000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	6000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	7700	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	5600	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	5500	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	3500	Trust: 0.6
vendor:	cisco	model:	firepower security appliance	scope:	eq	version:	9300	Trust: 0.6
vendor:	cisco	model:	nexus r-series line cards and fabric modules	scope:	eq	version:	9500	Trust: 0.6
vendor:	cisco	model:	mds series multilayer switches	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	fabric services firepower series next-generation firewalls	scope:	eq	version:	4100	Trust: 0.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	6100	Trust: 0.6
vendor:	cisco	model:	nexus series fabric extenders	scope:	eq	version:	2000	Trust: 0.6
vendor:	cisco	model:	nx-os 7.0 i7	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	63000	Trust: 0.3
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	62000	Trust: 0.3
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	61000	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	8.1	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	8.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i7	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i6	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	2.5	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	nexus r-series line cards and fabric modules	scope:	eq	version:	95000	Trust: 0.3
vendor:	cisco	model:	nexus series switches in standalone nx-os mode	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	77000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	60000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	56000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	35000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	nexus series fabric extenders	scope:	eq	version:	20000	Trust: 0.3
vendor:	cisco	model:	mds series multilayer switches	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.1.1	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	1.1	Trust: 0.3
vendor:	cisco	model:	firepower security appliance	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series next-generation firewall	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	8.1(2)	Trust: 0.3
vendor:	cisco	model:	nx-os 8.1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.3 n1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.3 d1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	6.2(21)	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	6.2(20)	Trust: 0.3
vendor:	cisco	model:	nx-os 3.2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.2.2.17	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.2.1.70	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.1.1.86	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.0.1.153	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	1.1.4.179	Trust: 0.3

sources: CNVD: CNVD-2018-11963 // BID: 104515 // JVNDB: JVNDB-2018-006598 // CNNVD: CNNVD-201806-1047 // NVD: CVE-2018-0312

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0312
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-0312
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-11963
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201806-1047
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-118514
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0312
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11963
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118514
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0312
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-11963 // VULHUB: VHN-118514 // JVNDB: JVNDB-2018-006598 // CNNVD: CNNVD-201806-1047 // NVD: CVE-2018-0312

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-20	Trust: 1.0

sources: VULHUB: VHN-118514 // JVNDB: JVNDB-2018-006598 // NVD: CVE-2018-0312

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-1047

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201806-1047

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-006598

PATCH

title:	cisco-sa-20180620-fx-os-cli-execution	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fx-os-cli-execution	Trust: 0.8
title:	Patch for CiscoFXOS and NX-OSCFS arbitrary code execution vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/132607	Trust: 0.6
title:	Multiple Cisco product FXOS Software and NX-OS Software Fabric Services Fixes for component input validation vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81112	Trust: 0.6

sources: CNVD: CNVD-2018-11963 // JVNDB: JVNDB-2018-006598 // CNNVD: CNNVD-201806-1047

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0312	Trust: 3.4
db:	BID	id:	104515	Trust: 2.0
db:	SECTRACK	id:	1041169	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-006598	Trust: 0.8
db:	CNNVD	id:	CNNVD-201806-1047	Trust: 0.7
db:	CNVD	id:	CNVD-2018-11963	Trust: 0.6
db:	VULHUB	id:	VHN-118514	Trust: 0.1

sources: CNVD: CNVD-2018-11963 // VULHUB: VHN-118514 // BID: 104515 // JVNDB: JVNDB-2018-006598 // CNNVD: CNNVD-201806-1047 // NVD: CVE-2018-0312

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-fx-os-cli-execution	Trust: 2.6
url:	http://www.securityfocus.com/bid/104515	Trust: 1.7
url:	http://www.securitytracker.com/id/1041169	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0312	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0312	Trust: 0.8
url:	http://www.cisco.com	Trust: 0.3

sources: CNVD: CNVD-2018-11963 // VULHUB: VHN-118514 // BID: 104515 // JVNDB: JVNDB-2018-006598 // CNNVD: CNNVD-201806-1047 // NVD: CVE-2018-0312

CREDITS

Cisco

Trust: 0.3

sources: BID: 104515

SOURCES

db:	CNVD	id:	CNVD-2018-11963
db:	VULHUB	id:	VHN-118514
db:	BID	id:	104515
db:	JVNDB	id:	JVNDB-2018-006598
db:	CNNVD	id:	CNNVD-201806-1047
db:	NVD	id:	CVE-2018-0312

LAST UPDATE DATE

2024-11-23T21:38:48.962000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11963	date:	2018-06-23T00:00:00
db:	VULHUB	id:	VHN-118514	date:	2019-10-09T00:00:00
db:	BID	id:	104515	date:	2018-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2018-006598	date:	2018-08-28T00:00:00
db:	CNNVD	id:	CNNVD-201806-1047	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0312	date:	2024-11-21T03:37:57.353

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-11963	date:	2018-06-23T00:00:00
db:	VULHUB	id:	VHN-118514	date:	2018-06-20T00:00:00
db:	BID	id:	104515	date:	2018-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2018-006598	date:	2018-08-28T00:00:00
db:	CNNVD	id:	CNNVD-201806-1047	date:	2018-06-21T00:00:00
db:	NVD	id:	CVE-2018-0312	date:	2018-06-20T21:29:00.670