Cisco FXOS/NX-OS Fabric Services Packet resource management

Summaryinfo

A vulnerability has been found in Cisco FXOS and NX-OS and classified as critical. Impacted is an unknown function of the component Fabric Services. This manipulation as part of Packet causes resource management. This vulnerability appears as CVE-2018-0311. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

Detailsinfo

A vulnerability classified as critical was found in Cisco FXOS and NX-OS (Router Operating System) (the affected version unknown). Affected by this vulnerability is an unknown part of the component Fabric Services. The manipulation as part of a Packet leads to a resource management vulnerability. The CWE definition for the vulnerability is CWE-399. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.

The bug was discovered 06/20/2018. The weakness was presented 06/21/2018 as cisco-sa-20180620-nx-os-fabric / CSCve41557 as confirmed advisory (Website). The advisory is shared at tools.cisco.com. This vulnerability is known as CVE-2018-0311 since 11/27/2017. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Neither technical details nor an exploit are publicly available.

The vulnerability scanner Nessus provides a plugin with the ID 110687 (Cisco NX-OS Cisco Fabric Services Multiple Vulnerabilities.), which helps to determine the existence of the flaw in a target environment. It is assigned to the family CISCO and running in the context c. The commercial vulnerability scanner Qualys is able to test this issue with plugin 316293 (Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability(cisco-sa-20180620-nx-os-fabric-services-dos)).

Upgrading eliminates this vulnerability. A possible mitigation has been published before and not just after the disclosure of the vulnerability.

The vulnerability is also documented in the vulnerability database at Tenable (110687). See VDB-119748, VDB-119750, VDB-119751 and VDB-119752 for similar entries. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Type

• Router Operating System

Vendor

• Cisco

Name

• FXOS
• NX-OS

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion