CVE-2018-0309Uncontrolled Resource Consumption in Cisco Nx-os

CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
7.7HIGHNVD
EPSS
1.0%
top 22.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Nx-os
Timeline
PublishedJun 21
Latest updateMay 13

Description

A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon compl

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 3.1 | Impact: 4.0

Affected Packages1 packages

NVDcisco/nx-os7.0\(3\)i5\(2\), 7.0\(3\)i6\(1\)+1

🔴Vulnerability Details

2
GHSA
GHSA-57xh-q77w-pfgm: A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in s2022-05-13
CVEList
CVE-2018-0309: A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in s2018-06-21

📋Vendor Advisories

1
Cisco
Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling Denial of Service Vulnerability2018-06-20
CVE-2018-0309 — Uncontrolled Resource Consumption | cvebase