Details of VAR-201806-0999

ID

VAR-201806-0999

CVE

CVE-2018-0314

TITLE

Cisco FXOS and NX-OS Software buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-006585

DESCRIPTION

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packet headers when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could allow the attacker to execute arbitrary code on the device. This vulnerability affects the following if configured to use Cisco Fabric Services: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69943, CSCve02429, CSCve02433, CSCve02435, CSCve02445, CSCve04859. Vendors have confirmed this vulnerability Bug ID CSCvd69943 , CSCve02429 , CSCve02433 , CSCve02435 , CSCve02445 ,and CSCve04859 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco Firepower 4100 Series Next-Generation Firewalls and so on are all products of Cisco. The Cisco Firepower 4100 Series Next-Generation Firewall is a 4100 series firewall device. MDS9000SeriesMultilayerSwitches is a switch device. FXOSSoftware is a suite of firewall software running on Cisco security appliances. NX-OSSoftware is a suite of data center-level operating system software running on Cisco switch devices. FabricServices is one of the Fabric service components. Failed exploit attempts will likely result in a denial-of-service condition

Trust: 2.52

sources: NVD: CVE-2018-0314 // JVNDB: JVNDB-2018-006585 // CNVD: CNVD-2018-11964 // BID: 104516 // VULHUB: VHN-118516

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-11964

AFFECTED PRODUCTS

vendor:	cisco	model:	nexus 5000	scope:	eq	version:	7.0\(0\)hsk\(0.357\)	Trust: 1.6
vendor:	cisco	model:	nexus 5000	scope:	eq	version:	8.8\(0.1\)	Trust: 1.6
vendor:	cisco	model:	firepower 9000	scope:	eq	version:	r211	Trust: 1.6
vendor:	cisco	model:	nexus 5000	scope:	eq	version:	8.1\(0.2\)s0	Trust: 1.6
vendor:	cisco	model:	unified computing system	scope:	eq	version:	3.1\(3a\)a	Trust: 1.6
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	8.0\(1\)	Trust: 1.6
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	8.1\(0.112\)s0	Trust: 1.6
vendor:	cisco	model:	unified computing system	scope:	eq	version:	7.0\(0\)hsk\(0.357\)	Trust: 1.6
vendor:	cisco	model:	firepower 9000	scope:	eq	version:	r231	Trust: 1.6
vendor:	cisco	model:	nexus 9000	scope:	eq	version:	8.1\(0\)bd\(0.20\)	Trust: 1.6
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	7.3\(2\)d1\(0.49\)	Trust: 1.0
vendor:	cisco	model:	mds series multilayer switches	scope:	eq	version:	90000	Trust: 0.9
vendor:	cisco	model:	nexus 5000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 7000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unified computing system	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower 9000	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus series switche	scope:	eq	version:	3000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	7000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	6000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	7700	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	5600	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	5500	Trust: 0.6
vendor:	cisco	model:	nexus series fabric extenders	scope:	eq	version:	2000	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	3500	Trust: 0.6
vendor:	cisco	model:	firepower security appliance	scope:	eq	version:	9300	Trust: 0.6
vendor:	cisco	model:	nexus r-series line cards and fabric modules	scope:	eq	version:	9500	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	fabric services firepower series next-generation firewalls	scope:	eq	version:	4100	Trust: 0.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	6100	Trust: 0.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	6200	Trust: 0.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	6300	Trust: 0.6
vendor:	cisco	model:	nx-os 7.0 i7	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	63000	Trust: 0.3
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	62000	Trust: 0.3
vendor:	cisco	model:	ucs series fabric interconnects	scope:	eq	version:	61000	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	8.1	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	8.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.3	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.1	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i7	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i6	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	2.5	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	nexus r-series line cards and fabric modules	scope:	eq	version:	95000	Trust: 0.3
vendor:	cisco	model:	nexus series switches in standalone nx-os mode	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	77000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	60000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	56000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	35000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	nexus series fabric extenders	scope:	eq	version:	20000	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.1.1	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	eq	version:	1.1	Trust: 0.3
vendor:	cisco	model:	firepower security appliance	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series next-generation firewall	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	8.1(2)	Trust: 0.3
vendor:	cisco	model:	nx-os 8.1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.3 n1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.3 d1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 f3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	6.2(21)	Trust: 0.3
vendor:	cisco	model:	nx-os	scope:	ne	version:	6.2(20)	Trust: 0.3
vendor:	cisco	model:	nx-os 3.2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.2.2.17	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.2.1.70	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.1.1.86	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	2.0.1.153	Trust: 0.3
vendor:	cisco	model:	fxos	scope:	ne	version:	1.1.4.179	Trust: 0.3

sources: CNVD: CNVD-2018-11964 // BID: 104516 // JVNDB: JVNDB-2018-006585 // CNNVD: CNNVD-201806-1046 // NVD: CVE-2018-0314

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0314
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-0314
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-11964
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201806-1046
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-118516
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0314
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11964
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118516
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0314
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-11964 // VULHUB: VHN-118516 // JVNDB: JVNDB-2018-006585 // CNNVD: CNNVD-201806-1046 // NVD: CVE-2018-0314

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-20	Trust: 1.0

sources: VULHUB: VHN-118516 // JVNDB: JVNDB-2018-006585 // NVD: CVE-2018-0314

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-1046

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201806-1046

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-006585

PATCH

title:	cisco-sa-20180620-fx-os-fabric-execution	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fx-os-fabric-execution	Trust: 0.8
title:	Patch for CiscoFXOS and NX-OSCFS Arbitrary Code Execution Vulnerability (CNVD-2018-11964)	url:	https://www.cnvd.org.cn/patchInfo/show/132609	Trust: 0.6
title:	Multiple Cisco product FXOS Software and NX-OS Software Fabric Services Fixes for component input validation vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81111	Trust: 0.6

sources: CNVD: CNVD-2018-11964 // JVNDB: JVNDB-2018-006585 // CNNVD: CNNVD-201806-1046

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0314	Trust: 3.4
db:	BID	id:	104516	Trust: 2.6
db:	SECTRACK	id:	1041169	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-006585	Trust: 0.8
db:	CNNVD	id:	CNNVD-201806-1046	Trust: 0.7
db:	CNVD	id:	CNVD-2018-11964	Trust: 0.6
db:	VULHUB	id:	VHN-118516	Trust: 0.1

sources: CNVD: CNVD-2018-11964 // VULHUB: VHN-118516 // BID: 104516 // JVNDB: JVNDB-2018-006585 // CNNVD: CNNVD-201806-1046 // NVD: CVE-2018-0314

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-fx-os-fabric-execution	Trust: 2.6
url:	http://www.securityfocus.com/bid/104516	Trust: 1.7
url:	http://www.securitytracker.com/id/1041169	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0314	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0314	Trust: 0.8
url:	http://www.cisco.com	Trust: 0.3

sources: CNVD: CNVD-2018-11964 // VULHUB: VHN-118516 // BID: 104516 // JVNDB: JVNDB-2018-006585 // CNNVD: CNNVD-201806-1046 // NVD: CVE-2018-0314

CREDITS

Cisco

Trust: 0.3

sources: BID: 104516

SOURCES

db:	CNVD	id:	CNVD-2018-11964
db:	VULHUB	id:	VHN-118516
db:	BID	id:	104516
db:	JVNDB	id:	JVNDB-2018-006585
db:	CNNVD	id:	CNNVD-201806-1046
db:	NVD	id:	CVE-2018-0314

LAST UPDATE DATE

2024-11-23T21:38:49.367000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11964	date:	2018-06-23T00:00:00
db:	VULHUB	id:	VHN-118516	date:	2019-10-09T00:00:00
db:	BID	id:	104516	date:	2018-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2018-006585	date:	2018-08-27T00:00:00
db:	CNNVD	id:	CNNVD-201806-1046	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0314	date:	2024-11-21T03:37:57.607

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-11964	date:	2018-06-23T00:00:00
db:	VULHUB	id:	VHN-118516	date:	2018-06-20T00:00:00
db:	BID	id:	104516	date:	2018-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2018-006585	date:	2018-08-27T00:00:00
db:	CNNVD	id:	CNNVD-201806-1046	date:	2018-06-21T00:00:00
db:	NVD	id:	CVE-2018-0314	date:	2018-06-20T21:29:00.717