Sign-up

ID

VAR-201807-0421


CVE

CVE-2018-0372


TITLE

Cisco Nexus 9000 Series Vulnerable to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2018-009081

DESCRIPTION

A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918. Vendors have confirmed this vulnerability Bug IDs: CSCvg38918 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state

Trust: 2.25

sources: NVD: CVE-2018-0372 // JVNDB: JVNDB-2018-009081 // CNVD: CNVD-2018-14080 // VULHUB: VHN-118574

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-14080

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:eqversion:13.0\(1k\)

Trust: 1.6

vendor:ciscomodel:nexus 9000 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:nexus series fabric switches 13.0scope:eqversion:9000

Trust: 0.6

sources: CNVD: CNVD-2018-14080 // JVNDB: JVNDB-2018-009081 // CNNVD: CNNVD-201807-1300 // NVD: CVE-2018-0372

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0372
value: HIGH

Trust: 1.0

NVD: CVE-2018-0372
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-14080
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201807-1300
value: HIGH

Trust: 0.6

VULHUB: VHN-118574
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0372
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-14080
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118574
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0372
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-14080 // VULHUB: VHN-118574 // JVNDB: JVNDB-2018-009081 // CNNVD: CNNVD-201807-1300 // NVD: CVE-2018-0372

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-118574 // JVNDB: JVNDB-2018-009081 // NVD: CVE-2018-0372

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201807-1300

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201807-1300

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-009081

PATCH
title:cisco-20180718-nexus-9000-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos
Trust: 0.8
title:Patch for Cisco Nexus 9000 Series FabricSwitches DHCPv6 Feature Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/135537
Trust: 0.6
title:Cisco Nexus 9000 Series Fabric Switches Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82201
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2018-14080 // 
            
            
            
            JVNDB: JVNDB-2018-009081 // 
            
            
            
            CNNVD: CNNVD-201807-1300

EXTERNAL IDS
db:NVDid:CVE-2018-0372
Trust: 3.1
db:SECTRACKid:1041348
Trust: 1.7
db:JVNDBid:JVNDB-2018-009081
Trust: 0.8
db:CNNVDid:CNNVD-201807-1300
Trust: 0.7
db:CNVDid:CNVD-2018-14080
Trust: 0.6
db:VULHUBid:VHN-118574
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-14080 // 
            
            
            
            VULHUB: VHN-118574 // 
            
            
            
            JVNDB: JVNDB-2018-009081 // 
            
            
            
            CNNVD: CNNVD-201807-1300 // 
            
            
            
            NVD: CVE-2018-0372

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-20180718-nexus-9000-dos
Trust: 1.7
url:http://www.securitytracker.com/id/1041348
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2018-0372
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0372
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2018-14080 // 
            
            
            
            VULHUB: VHN-118574 // 
            
            
            
            JVNDB: JVNDB-2018-009081 // 
            
            
            
            CNNVD: CNNVD-201807-1300 // 
            
            
            
            NVD: CVE-2018-0372

SOURCES
db:CNVDid:CNVD-2018-14080
db:VULHUBid:VHN-118574
db:JVNDBid:JVNDB-2018-009081
db:CNNVDid:CNNVD-201807-1300
db:NVDid:CVE-2018-0372

LAST UPDATE DATE
2024-11-23T22:06:45.737000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-14080date:2018-07-27T00:00:00
db:VULHUBid:VHN-118574date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2018-009081date:2018-11-07T00:00:00
db:CNNVDid:CNNVD-201807-1300date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0372date:2024-11-21T03:38:05.300

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-14080date:2018-07-27T00:00:00
db:VULHUBid:VHN-118574date:2018-07-18T00:00:00
db:JVNDBid:JVNDB-2018-009081date:2018-11-07T00:00:00
db:CNNVDid:CNNVD-201807-1300date:2018-07-19T00:00:00
db:NVDid:CVE-2018-0372date:2018-07-18T23:29:00.727