Denial of service vulnerabilities in Cisco NX-OS
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2018-0378 CVE-2018-0456 CVE-2018-0395 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco NX-OS Operating systems & Components / Operating system |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU15420
Risk: Low
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0378
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the Precision Time Protocol (PTP) feature due to a lack of protection against PTP frame flood attacks. A remote attacker can send large streams of malicious IPv4 or IPv6 PTP traffic to and cause a DoS condition, impacting the traffic passing through the device.
MitigationInstall update from vendor's website.
Vulnerable software versionsCisco NX-OS: 7.3.2 N1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper input validation
EUVDB-ID: #VU15422
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0456
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The vulnerability exists in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. A remote attacker can send SNMP packet and cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.
MitigationUpdate to version 7.0(3)I7(4).
Vulnerable software versionsCisco NX-OS: 7.0.3 I7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-nxos-snmp
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU15423
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0395
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows an adjacent unauthenticated attacker to cause DoS condition on the target system.
The vulnerability exists in the Link Layer Discovery Protocol (LLDP) implementation due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An adjacent attacker can send a specially crafted LLDP packet to an interface and cause the switch to reload unexpectedly.
MitigationInstall update from vendor's website.
Vulnerable software versionsCisco NX-OS: 5.0 - 6.3
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-fxnx-os-dos
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
