CVE-2018-0456 — Improper Input Validation in Cisco Nx-os Software FOR Nexus 3000 Series 7.0 I7

CWE-20 — Improper Input Validation4 documents4 sources

Severity

7.7HIGHNVD

EPSS

0.9%

top 23.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Nx-os Software FOR Nexus 3000 Series 7.0 I7 Cisco Nx-os

Timeline

PublishedOct 17

Latest updateMay 13

Description

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application of an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP …

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 3.1 | Impact: 4.0

Affected Packages2 packages

▶CVEListV5cisco/cisco_nx-os_software_for_nexus_3000_series_7.0_i7n/a

▶NVDcisco/nx-os9.2\(0.43\)

🔴Vulnerability Details

GHSA

GHSA-mcfh-7562-cxpx: A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote a↗2022-05-13

▶

CVEList

Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability↗2018-10-17

▶

📋Vendor Advisories

Cisco

Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability↗2018-10-17

▶