ID

VAR-201810-0294


CVE

CVE-2018-0395


TITLE

Cisco FXOS and Cisco NX-OS Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-014584

DESCRIPTION

A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface on the targeted device. A successful exploit could allow the attacker to cause the switch to reload unexpectedly. Cisco FXOS and Cisco NX-OS software contain an input validation vulnerability that may put the device into a denial-of-service (DoS) state. Cisco FXOS is a Firepower scalable operating system. Cisco NX-OS is a network operating system for Cisco Nexus Series Ethernet Switches and MDS Series Fibre Channel Storage Area Network Switches. This issue is being tracked by Cisco Bug IDs CSCuc98542, CSCvf23367, CSCvj94174 and CSCvj96148. The Cisco Firepower 4100 Series Next-Generation Firewalls are Cisco products; they are 4100 series firewall devices. Nexus 1000V Series Switches are 1000V series switch devices. FXOS Software is a set of firewall software running on Cisco security appliances. NX-OS Software is a set of data center-level operating system software running on Cisco switch equipment.

Trust: 2.52

sources: NVD: CVE-2018-0395 // JVNDB: JVNDB-2018-014584 // CNVD: CNVD-2018-23896 // BID: 105674 // VULHUB: VHN-118597

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-23896

AFFECTED PRODUCTS

vendor: cisco model: nx-os scope: - version: -

Trust: 1.4

vendor: cisco model: nx-os scope: eq version: 12.3\(1e\)

Trust: 1.0

vendor: cisco model: nx-os scope: eq version: r231

Trust: 1.0

vendor: cisco model: nx-os scope: eq version: 3.2\(3d\)c

Trust: 1.0

vendor: cisco model: nx-os scope: eq version: 6.0\(4\)

Trust: 1.0

vendor: cisco model: nx-os scope: eq version: 6.1\(3\)s2

Trust: 1.0

vendor: cisco model: firepower extensible operating system scope: eq version: r231

Trust: 1.0

vendor: cisco model: fxos scope: eq version: 0

Trust: 0.9

vendor: cisco model: fx-os scope: - version: -

Trust: 0.8

vendor: cisco model: nexus series switches 13.2 scope: ne version: 9000

Trust: 0.6

vendor: cisco model: unified computing system 3.2 c scope: - version: -

Trust: 0.3

vendor: cisco model: nx-os scope: eq version: 0

Trust: 0.3

vendor: cisco model: nexus series switches 12.3 scope: eq version: 9000

Trust: 0.3

vendor: cisco model: nexus series switches 6.1 s2 scope: eq version: 7000

Trust: 0.3

vendor: cisco model: nexus series switches scope: eq version: 70006.0(4)

Trust: 0.3

vendor: cisco model: firepower series r231 scope: eq version: 9000

Trust: 0.3

vendor: cisco model: unified computing system 4.0 scope: ne version: -

Trust: 0.3

vendor: cisco model: unified computing system 3.2 scope: ne version: -

Trust: 0.3

vendor: cisco model: nexus series switches scope: ne version: 900014.0(0.89)

Trust: 0.3

vendor: cisco model: nexus series switches scope: ne version: 900014.0(0.88)

Trust: 0.3

vendor: cisco model: nexus series switches scope: ne version: 900013.2(2.149)

Trust: 0.3

vendor: cisco model: nexus series switches scope: ne version: 900013.2(1.143)

Trust: 0.3

vendor: cisco model: nexus series switches scope: ne version: 70006.2(2)

Trust: 0.3

vendor: cisco model: nexus series switches scope: ne version: 70006.1(3)

Trust: 0.3

vendor: cisco model: firepower series scope: ne version: 900092.3(1.2278)

Trust: 0.3

sources: CNVD: CNVD-2018-23896 // BID: 105674 // JVNDB: JVNDB-2018-014584 // NVD: CVE-2018-0395

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0395
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2018-0395
value: HIGH

Trust: 1.0

NVD: CVE-2018-0395
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-23896
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201810-999
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118597
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2018-0395
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-23896
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118597
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0395
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 3.6
version: 3.0

Trust: 1.8

ykramarz@cisco.com: CVE-2018-0395
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2018-23896 // VULHUB: VHN-118597 // JVNDB: JVNDB-2018-014584 // CNNVD: CNNVD-201810-999 // NVD: CVE-2018-0395 // NVD: CVE-2018-0395

PROBLEMTYPE DATA

problemtype: CWE-20

Trust: 1.9

sources: VULHUB: VHN-118597 // JVNDB: JVNDB-2018-014584 // NVD: CVE-2018-0395

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201810-999

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201810-999

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014584

PATCH

title: cisco-sa-20181017-fxnx-os-dos url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-fxnx-os-dos

Trust: 0.8

title: Patch for Cisco FXOS and NX-OS Denial of Service Vulnerabilities url: https://www.cnvd.org.cn/patchInfo/show/145261

Trust: 0.6

title: Cisco FXOS Software and NX-OS Software input validation vulnerability fix url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86068

Trust: 0.6

sources: CNVD: CNVD-2018-23896 // JVNDB: JVNDB-2018-014584 // CNNVD: CNNVD-201810-999

EXTERNAL IDS

db: NVD id: CVE-2018-0395

Trust: 3.4

db: BID id: 105674

Trust: 2.6

db: SECTRACK id: 1041919

Trust: 1.7

db: JVNDB id: JVNDB-2018-014584

Trust: 0.8

db: CNNVD id: CNNVD-201810-999

Trust: 0.7

db: CNVD id: CNVD-2018-23896

Trust: 0.6

db: VULHUB id: VHN-118597

Trust: 0.1

sources: CNVD: CNVD-2018-23896 // VULHUB: VHN-118597 // BID: 105674 // JVNDB: JVNDB-2018-014584 // CNNVD: CNNVD-201810-999 // NVD: CVE-2018-0395

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181017-fxnx-os-dos

Trust: 2.6

url:http://www.securityfocus.com/bid/105674

Trust: 2.3

url:http://www.securitytracker.com/id/1041919

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0395

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0395

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

sources: CNVD: CNVD-2018-23896 // VULHUB: VHN-118597 // BID: 105674 // JVNDB: JVNDB-2018-014584 // CNNVD: CNNVD-201810-999 // NVD: CVE-2018-0395

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 105674

SOURCES

db: CNVD id: CNVD-2018-23896
db: VULHUB id: VHN-118597
db: BID id: 105674
db: JVNDB id: JVNDB-2018-014584
db: CNNVD id: CNNVD-201810-999
db: NVD id: CVE-2018-0395

LAST UPDATE DATE

2024-08-14T15:28:47.859000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2018-23896 date: 2018-11-23T00:00:00
db: VULHUB id: VHN-118597 date: 2019-10-09T00:00:00
db: BID id: 105674 date: 2018-10-17T00:00:00
db: JVNDB id: JVNDB-2018-014584 date: 2019-03-28T00:00:00
db: CNNVD id: CNNVD-201810-999 date: 2019-10-17T00:00:00
db: NVD id: CVE-2018-0395 date: 2023-04-20T17:17:59.437

SOURCES RELEASE DATE

db: CNVD id: CNVD-2018-23896 date: 2018-11-23T00:00:00
db: VULHUB id: VHN-118597 date: 2018-10-17T00:00:00
db: BID id: 105674 date: 2018-10-17T00:00:00
db: JVNDB id: JVNDB-2018-014584 date: 2019-03-28T00:00:00
db: CNNVD id: CNNVD-201810-999 date: 2018-10-18T00:00:00
db: NVD id: CVE-2018-0395 date: 2018-10-17T19:29:00.303