Cisco NX-OS Discovery Protocol Message resource management

Summaryinfo

A vulnerability was found in Cisco NX-OS. It has been classified as problematic. The impacted element is an unknown function of the component Discovery Protocol Handler. Performing a manipulation as part of Message results in resource management. This vulnerability is known as CVE-2018-0331. Access to the local network is required for this attack. No exploit is available.

Detailsinfo

A vulnerability, which was classified as problematic, was found in Cisco NX-OS (Router Operating System) (unknown version). This affects an unknown code block of the component Discovery Protocol Handler. The manipulation as part of a Message leads to a resource management vulnerability. CWE is classifying the issue as CWE-399. This is going to have an impact on availability. The summary by CVE is:

A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.

The bug was discovered 06/20/2018. The weakness was published 06/21/2018 as cisco-sa-20180620-nxos-cdp as confirmed advisory (Website). It is possible to read the advisory at tools.cisco.com. This vulnerability is uniquely identified as CVE-2018-0331 since 11/27/2017. Access to the local network is required for this attack. No form of authentication is needed for exploitation. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $0-$5k at the moment (estimation calculated on 03/28/2023).

The vulnerability was handled as a non-public zero-day exploit for at least 1 days. During that time the estimated underground price was around $5k-$25k. The commercial vulnerability scanner Qualys is able to test this issue with plugin 316292 (Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol Denial of Service Vulnerability( cisco-sa-20180620-nxos-cdp)).

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Similar entries are available at VDB-119776, VDB-119774 and VDB-119771. Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Type

• Router Operating System

Vendor

• Cisco

Name

• NX-OS

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion