A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.
Metrics
No CVSS v4.0
No CVSS v3.1
Attack Vector Network
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High
User Interaction None
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete
AV:N/AC:L/Au:N/C:N/I:N/A:C
This CVE is not in the KEV list.
Exploitation none
Automatable yes
Technical Impact partial
Affected Vendors & Products
Vendors | Products |
---|---|
Cisco |
|
Configuration 1 [-]
AND |
|
Configuration 2 [-]
AND |
|
Configuration 3 [-]
AND |
|
Configuration 4 [-]
AND |
|
Configuration 5 [-]
AND |
|
Configuration 6 [-]
AND |
|
Configuration 7 [-]
AND |
|
Configuration 8 [-]
AND |
|
Configuration 9 [-]
AND |
|
No data.
References
History
Fri, 29 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2018-06-21T11:00:00
Updated: 2024-11-29T14:57:32.415Z
Reserved: 2017-11-27T00:00:00
Link: CVE-2018-0311
Vulnrichment
Updated: 2024-08-05T03:21:15.129Z
NVD
Status : Modified
Published: 2018-06-21T11:29:00.663
Modified: 2024-11-21T03:37:57.213
Link: CVE-2018-0311
Redhat
No data.