Main Vulnerability Database Vulnerabilities #VU13445

#VU13445 Buffer overflow in Cisco NX-OS - CVE-2018-0311

Published: June 20, 2018 / Updated: June 25, 2018

Vulnerability identifier: #VU13445

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2018-0311

CWE-ID: CWE-120

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco NX-OS

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability in the Cisco Fabric Services component exists due to buffer overflow insufficient validation of Cisco Fabric Services packets when the software processes packet data. A remote attacker can send a maliciously crafted Cisco Fabric Services packet, trigger memory corruption and cause the service to crash.

Remediation

Install update from vendor's website.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric...

#VU13445 Buffer overflow in Cisco NX-OS - CVE-2018-0311

Description

Remediation

External links

Please verify you're human