CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2018-0310

CVSS 9.8v3.0pub. 2018-06-21upd. 2024-11-21

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Cisco Firepower 4110

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 4120

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 4140

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 4150

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower 9300 Security Appliance

    HW
    Cisco
    wszystkie wersje
  • Cisco Firepower Extensible Operating System

    OS
    Cisco
    2.0 – 2.0.1.153 (bez)2.2.2 – 2.2.2.17 (bez)2.2.1 – 2.2.1.70 (bez)2.1.1 – 2.1.1.86 (bez)1.1 – 1.1.4.179 (bez)
  • Cisco Nexus 172tq Xl

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 2148t

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 2224tp Ge

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 2232pp 10ge

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 2232tm 10ge

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 2232tm E 10ge

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 2248pq 10ge

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 2248tp E

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 2248tp Ge

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3016

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3048

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3064 32t

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3064 T

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3064 X

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3100 V

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 31128pq

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3132c Z

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3132q

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3132q X

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3132q Xl

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3164q

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3172pq

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3172pq Xl

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 3172tq

    HW
    Cisco
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoSFirewall
CWE
References

Related vulnerabilities

CVE-2022-20829CRITICAL9.1ten sam produkt

A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of...

CVE-2021-1361CRITICAL9.8ten sam produkt

A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switc...

CVE-2019-1804CRITICAL9.8ten sam produkt

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (...

CVE-2018-0301CRITICAL9.8ten sam produkt

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker ...

CVE-2018-0308CRITICAL9.8ten sam produkt

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could a...