CVE-2018-0311Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Firepower Extensible Operating System

CWE-399CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.8%
top 25.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Firepower Extensible Operating SystemCisco Nx-os
Timeline
PublishedJun 21
Latest updateMay 13

Description

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDcisco/nx-os< 7.3\(3\)n1\(1\)+9

🔴Vulnerability Details

2
GHSA
GHSA-5r6p-hgcc-whm4: A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker2022-05-13
CVEList
CVE-2018-0311: A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker2018-06-21

📋Vendor Advisories

1
Cisco
Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability2018-06-20
CVE-2018-0311 — Cisco vulnerability | cvebase