Severity: 7.8 HIGH
EPSS: 0.2% (top 63.44%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jun 21 | Latest update May 13

Description

A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulner

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (3 packages)

CVEListV5 | cisco_fxos_software_and_ucs_fabric_interconnect_unknown | Cisco FXOS Software and UCS Fabric Interconnect unknown
NVD | cisco/nx-os | 3.1(1k)a

🔴 Vulnerability Details (2)

GHSA | GHSA-8989-fchh-h7r5: A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to ca | 2022-05-13
CVEList | CVE-2018-0302: A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to ca | 2018-06-21

📋 Vendor Advisories (1)

Cisco | Cisco FXOS Software and UCS Fabric Interconnect Arbitrary Code Execution Vulnerability | 2018-06-20