Details of VAR-201810-0330

ID

VAR-201810-0330

CVE

CVE-2018-0456

TITLE

Cisco NX-OS Software input validation vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2018-014071 // CNNVD: CNNVD-201810-994

DESCRIPTION

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application of an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. Cisco NX-OS The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco NX-OS is a network operating system for Cisco Nexus Series Ethernet Switches and MDS Series Fibre Channel Storage Area Network Switches. Cisco NX-OS Software is prone to a denial-of-service vulnerability An attacker can exploit this issue to restart the affected system, denying service to legitimate users. This issue is being tracked by Cisco bug ID CSCvj70029. Nexus 9500 R-Series Line Cards and Fabric Modules is a 9500 R-Series line card module. NX-OS Software is a data center-level operating system software used by a set of switches running on it. The following products are affected: Cisco Nexus 3000 Series Switches (NX-OS Software Release 7.0(3)I7(3)); Nexus 3600 Platform Switches (NX-OS Software Release 7.0(3)F3(4)); Nexus 9000 Series Switches in standalone NX-OS mode (NX-OS Software 7.0(3)I7(3) version); Nexus 9500 R-Series Line Cards and Fabric Modules (NX-OS Software 7.0(3)F3(4) version)

Trust: 2.52

sources: NVD: CVE-2018-0456 // JVNDB: JVNDB-2018-014071 // CNVD: CNVD-2018-23895 // BID: 105668 // VULHUB: VHN-118658

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-23895

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	nx-os	scope:	eq	version:	9.2\(0.43\)	Trust: 1.0
vendor:	cisco	model:	nx-os 7.0 i7	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	nx-os 7.0 i7	scope:	ne	version:	-	Trust: 0.3

sources: CNVD: CNVD-2018-23895 // BID: 105668 // JVNDB: JVNDB-2018-014071 // NVD: CVE-2018-0456

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0456
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2018-0456
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0456
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-23895
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201810-994
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118658
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0456
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-23895
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118658
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0456
baseSeverity:	HIGH
baseScore:	7.7
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.1
impactScore:	4.0
version:	3.0
Trust: 2.8

sources: CNVD: CNVD-2018-23895 // VULHUB: VHN-118658 // JVNDB: JVNDB-2018-014071 // CNNVD: CNNVD-201810-994 // NVD: CVE-2018-0456 // NVD: CVE-2018-0456

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-118658 // JVNDB: JVNDB-2018-014071 // NVD: CVE-2018-0456

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-994

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201810-994

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014071

PATCH

title:	cisco-sa-20181017-nxos-snmp	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-nxos-snmp	Trust: 0.8
title:	Patch for Cisco NX-OS Denial of Service Vulnerability (CNVD-2018-23895)	url:	https://www.cnvd.org.cn/patchInfo/show/145259	Trust: 0.6
title:	Cisco NX-OS Software Enter the fix for the verification vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86065	Trust: 0.6

sources: CNVD: CNVD-2018-23895 // JVNDB: JVNDB-2018-014071 // CNNVD: CNNVD-201810-994

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0456	Trust: 3.4
db:	BID	id:	105668	Trust: 2.6
db:	SECTRACK	id:	1041921	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-014071	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-994	Trust: 0.7
db:	CNVD	id:	CNVD-2018-23895	Trust: 0.6
db:	VULHUB	id:	VHN-118658	Trust: 0.1

sources: CNVD: CNVD-2018-23895 // VULHUB: VHN-118658 // BID: 105668 // JVNDB: JVNDB-2018-014071 // CNNVD: CNNVD-201810-994 // NVD: CVE-2018-0456

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181017-nxos-snmp	Trust: 2.6
url:	http://www.securityfocus.com/bid/105668	Trust: 1.7
url:	http://www.securitytracker.com/id/1041921	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0456	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0456	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-23895 // VULHUB: VHN-118658 // BID: 105668 // JVNDB: JVNDB-2018-014071 // CNNVD: CNNVD-201810-994 // NVD: CVE-2018-0456

CREDITS

Cisco

Trust: 0.3

sources: BID: 105668

SOURCES

db:	CNVD	id:	CNVD-2018-23895
db:	VULHUB	id:	VHN-118658
db:	BID	id:	105668
db:	JVNDB	id:	JVNDB-2018-014071
db:	CNNVD	id:	CNNVD-201810-994
db:	NVD	id:	CVE-2018-0456

LAST UPDATE DATE

2024-11-23T22:30:16.803000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-23895	date:	2018-11-23T00:00:00
db:	VULHUB	id:	VHN-118658	date:	2019-10-09T00:00:00
db:	BID	id:	105668	date:	2018-10-16T00:00:00
db:	JVNDB	id:	JVNDB-2018-014071	date:	2019-03-11T00:00:00
db:	CNNVD	id:	CNNVD-201810-994	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0456	date:	2024-11-21T03:38:16.167

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-23895	date:	2018-11-23T00:00:00
db:	VULHUB	id:	VHN-118658	date:	2018-10-17T00:00:00
db:	BID	id:	105668	date:	2018-10-16T00:00:00
db:	JVNDB	id:	JVNDB-2018-014071	date:	2019-03-11T00:00:00
db:	CNNVD	id:	CNNVD-201810-994	date:	2018-10-18T00:00:00
db:	NVD	id:	CVE-2018-0456	date:	2018-10-17T20:29:00.253