CVE-2018-0378
Cisco NX-OS Software for Nexus 5500, 5600, and 6000 Series Switches Precision Time Protocol Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the Precision Time Protocol (PTP) feature of Cisco Nexus 5500, 5600, and 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of protection against PTP frame flood attacks. An attacker could exploit this vulnerability by sending large streams of malicious IPv4 or IPv6 PTP traffic to the affected device. A successful exploit could allow the attacker to cause a DoS condition, impacting the traffic passing through the device.
Una vulnerabilidad en la característica Precision Time Protocol (PTP) de Cisco Nexus 5500, 5600 y 6000 Series Switches que ejecutan Cisco NX-OS Software podría permitir que un atacante remoto no autenticado cree una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe a la falta de protección contra ataques de inundación de tramas PTP. Un atacante podría explotar esta vulnerabilidad enviando grandes flujos de tráfico PTP IPv4 o IPv6 malicioso al dispositivo afectado. Su explotación con éxito podría permitir que un atacante provoque una denegación de servicio (DoS), lo que impacta en el tráfico que pasa a través del dispositivo.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-27 CVE Reserved
- 2018-10-17 CVE Published
- 2024-08-01 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/105669 | Third Party Advisory | |
| http://www.securitytracker.com/id/1041920 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5548p Search vendor "Cisco" for product "Nexus 5548p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5548up Search vendor "Cisco" for product "Nexus 5548up" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5596t Search vendor "Cisco" for product "Nexus 5596t" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5596up Search vendor "Cisco" for product "Nexus 5596up" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 56128p Search vendor "Cisco" for product "Nexus 56128p" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5624q Search vendor "Cisco" for product "Nexus 5624q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5648q Search vendor "Cisco" for product "Nexus 5648q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5672up Search vendor "Cisco" for product "Nexus 5672up" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5672up-16g Search vendor "Cisco" for product "Nexus 5672up-16g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5696q Search vendor "Cisco" for product "Nexus 5696q" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 6001 Search vendor "Cisco" for product "Nexus 6001" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 7.3\(2\)n1\(0.8\) Search vendor "Cisco" for product "Nx-os" and version "7.3\(2\)n1\(0.8\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 6004 Search vendor "Cisco" for product "Nexus 6004" | - | - |
Safe
|