Sign-up

ID

VAR-201806-1011


CVE

CVE-2018-0331


TITLE

Cisco NX-OS Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-006897

DESCRIPTION

A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007. Cisco NX-OS The software contains a resource management vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvc89242 , CSCve40943 , CSCve40953 , CSCve40965 , CSCve40970 , CSCve40978 , CSCve40992 , CSCve41000 , CSCve41007 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco Firepower 4100 Series Next-GenerationFirewall and so on are products of Cisco. The Cisco Firepower 4100 Series Next-Generation Firewall is a 4100 Series firewall product. MultilayerDirectorSwitches is a gateway device. FirepowerExtensibleOperatingSystem (FXOS) and NX-OS System Software are both used in the system. NX-OSSoftware is a data center-oriented operating system. An attacker could exploit the vulnerability by submitting a Cisco DiscoveryProtocol message to cause a denial of service. The Firepower Extensible Operating System (FXOS) and NX-OS System Software are among the systems used

Trust: 2.25

sources: NVD: CVE-2018-0331 // JVNDB: JVNDB-2018-006897 // CNVD: CNVD-2018-14578 // VULHUB: VHN-118533

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-14578

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:ltversion:3.1\(2f\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:2.2\(8g\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:6.2\(20\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.3\(3\)n1\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:6.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:6.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:8.2\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.2\(2\)d1\(3\)

Trust: 1.0

vendor:ciscomodel:firepower extensible operating systemscope:gteversion:1.1

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:8.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.1

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:2.5

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:8.0

Trust: 1.0

vendor:ciscomodel:fxosscope:gteversion:1.1

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.0\(3\)i4

Trust: 1.0

vendor:ciscomodel:fxosscope:ltversion:2.0.1.152

Trust: 1.0

vendor:ciscomodel:firepower extensible operating systemscope:ltversion:2.0.1.153

Trust: 1.0

vendor:ciscomodel:firepower extensible operating systemscope:ltversion:2.1.1.86

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:5.2

Trust: 1.0

vendor:ciscomodel:firepower extensible operating systemscope:ltversion:2.2.1.70

Trust: 1.0

vendor:ciscomodel:firepower extensible operating systemscope:gteversion:2.2.1

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:8.1\(1a\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:6.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:8.1

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.3\(2\)d1\(1\)

Trust: 1.0

vendor:ciscomodel:firepower extensible operating systemscope:gteversion:2.1.1

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i3

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.1\(5\)n1\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.3

Trust: 1.0

vendor:ciscomodel:fxosscope:gteversion:2.2.2

Trust: 1.0

vendor:ciscomodel:fxosscope:ltversion:2.2.2.14

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i7\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:8.1\(2\)

Trust: 1.0

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.8

vendor:ciscomodel:fx-osscope: - version: -

Trust: 0.8

vendor:ciscomodel:multilayer director switchesscope: - version: -

Trust: 0.6

vendor:ciscomodel:firepower series next-generation firewallscope:eqversion:4100

Trust: 0.6

vendor:ciscomodel:firepower extensible operating systemscope: - version: -

Trust: 0.6

vendor:ciscomodel:firepower series next-generation firewallsscope:eqversion:41000

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:4.2\(2\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:5.0\(3\)n2\(2b\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:4.2\(1\)sv1\(5.1\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:5.0\(3\)u1\(1b\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:4.2\(3\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:5.0\(3\)u1\(1\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:5.0\(3\)u1\(1a\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:5.0\(3\)n2\(2\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:4.2\(1\)sv1\(4a\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:4.2\(1\)sv1\(4\)

Trust: 0.6

sources: CNVD: CNVD-2018-14578 // JVNDB: JVNDB-2018-006897 // CNNVD: CNNVD-201806-1119 // NVD: CVE-2018-0331

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0331
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0331
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-14578
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201806-1119
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118533
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0331
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-14578
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118533
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0331
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2018-0331
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-14578 // VULHUB: VHN-118533 // JVNDB: JVNDB-2018-006897 // CNNVD: CNNVD-201806-1119 // NVD: CVE-2018-0331

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

problemtype:CWE-20

Trust: 1.1

sources: VULHUB: VHN-118533 // JVNDB: JVNDB-2018-006897 // NVD: CVE-2018-0331

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201806-1119

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201806-1119

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-006897

PATCH
title:cisco-sa-20180620-nxos-cdpurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp
Trust: 0.8
title:Patches for several Cisco products NX-OSSoftwareDiscoveryProtocol subsystem resource management error vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/136343
Trust: 0.6
title:Multiple Cisco product NX-OS Software Discovery Protocol Fixes for Subsystem Resource Management Error Vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81450
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2018-14578 // 
            
            
            
            JVNDB: JVNDB-2018-006897 // 
            
            
            
            CNNVD: CNNVD-201806-1119

EXTERNAL IDS
db:NVDid:CVE-2018-0331
Trust: 3.1
db:SECTRACKid:1041169
Trust: 1.7
db:JVNDBid:JVNDB-2018-006897
Trust: 0.8
db:CNNVDid:CNNVD-201806-1119
Trust: 0.7
db:CNVDid:CNVD-2018-14578
Trust: 0.6
db:VULHUBid:VHN-118533
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-14578 // 
            
            
            
            VULHUB: VHN-118533 // 
            
            
            
            JVNDB: JVNDB-2018-006897 // 
            
            
            
            CNNVD: CNNVD-201806-1119 // 
            
            
            
            NVD: CVE-2018-0331

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-nxos-cdp
Trust: 2.3
url:http://www.securitytracker.com/id/1041169
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0331
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0331
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2018-14578 // 
            
            
            
            VULHUB: VHN-118533 // 
            
            
            
            JVNDB: JVNDB-2018-006897 // 
            
            
            
            CNNVD: CNNVD-201806-1119 // 
            
            
            
            NVD: CVE-2018-0331

SOURCES
db:CNVDid:CNVD-2018-14578
db:VULHUBid:VHN-118533
db:JVNDBid:JVNDB-2018-006897
db:CNNVDid:CNNVD-201806-1119
db:NVDid:CVE-2018-0331

LAST UPDATE DATE
2024-11-23T21:38:49.403000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-14578date:2018-08-03T00:00:00
db:VULHUBid:VHN-118533date:2020-08-31T00:00:00
db:JVNDBid:JVNDB-2018-006897date:2018-09-04T00:00:00
db:CNNVDid:CNNVD-201806-1119date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0331date:2024-11-21T03:37:59.720

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-14578date:2018-08-03T00:00:00
db:VULHUBid:VHN-118533date:2018-06-21T00:00:00
db:JVNDBid:JVNDB-2018-006897date:2018-09-04T00:00:00
db:CNNVDid:CNNVD-201806-1119date:2018-06-22T00:00:00
db:NVDid:CVE-2018-0331date:2018-06-21T11:29:00.773