Main Vulnerability Database Vulnerabilities #VU13449

#VU13449 Buffer overflow in Cisco FXOS - CVE-2018-0298

Published: June 20, 2018 / Updated: June 25, 2018

Vulnerability identifier: #VU13449

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2018-0298

CWE-ID: CWE-120

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco FXOS

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in the web UI due to buffer overflow when handling malicious input. A remote attacker can send a malicious HTTP or HTTPS packet directed to the physical management interface and cause the process to crash and possibly reload the device.

Remediation

Install update from vendor's website.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos

#VU13449 Buffer overflow in Cisco FXOS - CVE-2018-0298

Description

Remediation

External links

Please verify you're human