Sign-up

ID

VAR-201806-1025


CVE

CVE-2018-0295


TITLE

Cisco NX-OS Software Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-006891

DESCRIPTION

A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer or inject malformed messages into the victim's BGP network. This would require obtaining information about the BGP peers in the affected system's trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387. Vendors have confirmed this vulnerability CSCve79599 , CSCve87784 , CSCve91371 ,and CSCve91387 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. are products of Cisco. are all switch devices. FabricModules is a switch matrix module. NX-OSSoftware is the data center-level operating system software used by a set of switches running on it. BorderGatewayProtocol (BGP) is one of the boundary network protocols

Trust: 2.34

sources: NVD: CVE-2018-0295 // JVNDB: JVNDB-2018-006891 // CNVD: CNVD-2018-12386 // VULHUB: VHN-118497 // VULMON: CVE-2018-0295

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-12386

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i3

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i4

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.0\(3\)i4

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:7.0\(3\)i5

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.3\(3\)n1\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i6\(2\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:6.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.0\(3\)i7

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:7.0\(3\)i7\(1\)

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:6.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:8.1\(2\)

Trust: 1.0

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.8

vendor:ciscomodel:nexus series switchescope:eqversion:3000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:7000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:6000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:7700

Trust: 0.6

vendor:ciscomodel:nexus platform switchesscope:eqversion:5600

Trust: 0.6

vendor:ciscomodel:nexus platform switchesscope:eqversion:5500

Trust: 0.6

vendor:ciscomodel:nexus platform switchesscope:eqversion:3500

Trust: 0.6

vendor:ciscomodel:nexus r-series line cards and fabric modulesscope:eqversion:9500

Trust: 0.6

vendor:ciscomodel:nexus platform switchesscope:eqversion:3600

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:9000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:2000

Trust: 0.6

vendor:ciscomodel:nexus series fabric switchesscope:eqversion:9000

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(2\)i2\(3\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.0\(2\)u6\(1\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(2\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(2\)i3\(1\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(1\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(2\)i3\(4\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(2\)i3\(3.78\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(2\)i3\(3\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(3\)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(4\)

Trust: 0.6

sources: CNVD: CNVD-2018-12386 // JVNDB: JVNDB-2018-006891 // CNNVD: CNNVD-201806-1052 // NVD: CVE-2018-0295

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0295
value: HIGH

Trust: 1.0

NVD: CVE-2018-0295
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-12386
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201806-1052
value: HIGH

Trust: 0.6

VULHUB: VHN-118497
value: HIGH

Trust: 0.1

VULMON: CVE-2018-0295
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0295
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-12386
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118497
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0295
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-12386 // VULHUB: VHN-118497 // VULMON: CVE-2018-0295 // JVNDB: JVNDB-2018-006891 // CNNVD: CNNVD-201806-1052 // NVD: CVE-2018-0295

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-118497 // JVNDB: JVNDB-2018-006891 // NVD: CVE-2018-0295

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-1052

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201806-1052

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-006891

PATCH
title:cisco-sa-20180620-nxosbgpurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp
Trust: 0.8
title:Patches for several Cisco products NX-OSSoftware Denial of Service Vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/133281
Trust: 0.6
title:Multiple Cisco product NX-OS Software Enter the fix for the verification vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81117
Trust: 0.6
title:Cisco: Cisco NX-OS Software Border Gateway Protocol Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180620-nxosbgp
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-12386 // 
            
            
            
            VULMON: CVE-2018-0295 // 
            
            
            
            JVNDB: JVNDB-2018-006891 // 
            
            
            
            CNNVD: CNNVD-201806-1052

EXTERNAL IDS
db:NVDid:CVE-2018-0295
Trust: 3.2
db:SECTRACKid:1041169
Trust: 1.8
db:JVNDBid:JVNDB-2018-006891
Trust: 0.8
db:CNNVDid:CNNVD-201806-1052
Trust: 0.7
db:CNVDid:CNVD-2018-12386
Trust: 0.6
db:VULHUBid:VHN-118497
Trust: 0.1
db:VULMONid:CVE-2018-0295
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-12386 // 
            
            
            
            VULHUB: VHN-118497 // 
            
            
            
            VULMON: CVE-2018-0295 // 
            
            
            
            JVNDB: JVNDB-2018-006891 // 
            
            
            
            CNNVD: CNNVD-201806-1052 // 
            
            
            
            NVD: CVE-2018-0295

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-nxosbgp
Trust: 2.4
url:http://www.securitytracker.com/id/1041169
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0295
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0295
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/20.html
Trust: 0.1
url:https://www.rapid7.com/db/vulnerabilities/cisco-nx-os-cisco-sa-20180620-nxosbgp
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/145152
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-12386 // 
            
            
            
            VULHUB: VHN-118497 // 
            
            
            
            VULMON: CVE-2018-0295 // 
            
            
            
            JVNDB: JVNDB-2018-006891 // 
            
            
            
            CNNVD: CNNVD-201806-1052 // 
            
            
            
            NVD: CVE-2018-0295

SOURCES
db:CNVDid:CNVD-2018-12386
db:VULHUBid:VHN-118497
db:VULMONid:CVE-2018-0295
db:JVNDBid:JVNDB-2018-006891
db:CNNVDid:CNNVD-201806-1052
db:NVDid:CVE-2018-0295

LAST UPDATE DATE
2024-11-23T21:38:49.331000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-12386date:2018-06-30T00:00:00
db:VULHUBid:VHN-118497date:2019-10-09T00:00:00
db:VULMONid:CVE-2018-0295date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2018-006891date:2018-09-04T00:00:00
db:CNNVDid:CNNVD-201806-1052date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0295date:2024-11-21T03:37:55.090

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-12386date:2018-06-30T00:00:00
db:VULHUBid:VHN-118497date:2018-06-20T00:00:00
db:VULMONid:CVE-2018-0295date:2018-06-20T00:00:00
db:JVNDBid:JVNDB-2018-006891date:2018-09-04T00:00:00
db:CNNVDid:CNNVD-201806-1052date:2018-06-21T00:00:00
db:NVDid:CVE-2018-0295date:2018-06-20T21:29:00.437