Main Vulnerability Database Vulnerabilities #VU13445

Buffer overflow in Cisco NX-OS - CVE-2018-0311

Published: June 20, 2018 / Updated: June 25, 2018

Vulnerability identifier: #VU13445

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2018-0311

CWE-ID: CWE-120

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Cisco Systems, Inc

Affected software:
Cisco NX-OS

Detailed vulnerability description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability in the Cisco Fabric Services component exists due to buffer overflow insufficient validation of Cisco Fabric Services packets when the software processes packet data. A remote attacker can send a maliciously crafted Cisco Fabric Services packet, trigger memory corruption and cause the service to crash.

How to mitigate CVE-2018-0311

Install update from vendor's website.

Sources

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric...

Buffer overflow in Cisco NX-OS - CVE-2018-0311

Detailed vulnerability description

How to mitigate CVE-2018-0311

Sources

Please verify you're human