Denial of service in Cisco Nexus 3000 and 9000 Series switches

1) Resource exhaustion

EUVDB-ID: #VU13415

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-0309

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The vulnerability exists in the associated Simple Network Management Protocol (SNMP) MIB for Cisco Nexus 3000 and 9000 Series Switches due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. A remote attacker can authenticate to the affected device and repeatedly issue a specific CLI command or send a specific SNMP poll request for a specific Object Identifier (OID) and cause the IP routing process to restart or to cause a device to reset.

Mitigation

The vulnerability is fixed in the versions 7.0(3)I4(8), 7.0(3)I7(1), 7.0(3)I6(2).

Vulnerable software versions

Cisco Nexus 9000 Series Switches: 7.0.3 I5.2 - 7.0.3 I6.1

Cisco Nexus 3000 Series Switches: 7.0.3 I5.2 - 7.0.3 I6.1

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clis...

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.