CVE-2018-0395
Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability
Severity Score
5.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface on the targeted device. A successful exploit could allow the attacker to cause the switch to reload unexpectedly.
Una vulnerabilidad en la implementación LLDP (Link Layer Discovery Protocol) para Cisco FXOS Software y Cisco NX-OS Software podría permitir que un atacante adyacente no autenticado cree una condición de denegación de servicio (DoS) cuando el dispositivo se recarga inesperadamente. Esta vulnerabilidad se debe a una validación incorrecta de entradas de determinados campos type, length y value (TLV) de la cabecera de la trama LLDP. Un atacante podría explotar esta vulnerabilidad enviando un paquete LLDP a una interfaz del dispositivo objetivo. Su explotación con éxito podría permitir que el atacante provoque el reinicio inesperado del switch.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-11-27 CVE Reserved
- 2018-10-17 CVE Published
- 2024-06-05 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/105674 | Third Party Advisory | |
| http://www.securitytracker.com/id/1041919 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.0\(4\) Search vendor "Cisco" for product "Nx-os" and version "6.0\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 10-slot Search vendor "Cisco" for product "Nexus 7000 10-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.0\(4\) Search vendor "Cisco" for product "Nx-os" and version "6.0\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 18-slot Search vendor "Cisco" for product "Nexus 7000 18-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.0\(4\) Search vendor "Cisco" for product "Nx-os" and version "6.0\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 4-slot Search vendor "Cisco" for product "Nexus 7000 4-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.0\(4\) Search vendor "Cisco" for product "Nx-os" and version "6.0\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 9-slot Search vendor "Cisco" for product "Nexus 7000 9-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.0\(4\) Search vendor "Cisco" for product "Nx-os" and version "6.0\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 10-slot Search vendor "Cisco" for product "Nexus 7700 10-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.0\(4\) Search vendor "Cisco" for product "Nx-os" and version "6.0\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 18-slot Search vendor "Cisco" for product "Nexus 7700 18-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.0\(4\) Search vendor "Cisco" for product "Nx-os" and version "6.0\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 2-slot Search vendor "Cisco" for product "Nexus 7700 2-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.0\(4\) Search vendor "Cisco" for product "Nx-os" and version "6.0\(4\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 6-slot Search vendor "Cisco" for product "Nexus 7700 6-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.1\(3\)s2 Search vendor "Cisco" for product "Nx-os" and version "6.1\(3\)s2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 10-slot Search vendor "Cisco" for product "Nexus 7000 10-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.1\(3\)s2 Search vendor "Cisco" for product "Nx-os" and version "6.1\(3\)s2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 18-slot Search vendor "Cisco" for product "Nexus 7000 18-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.1\(3\)s2 Search vendor "Cisco" for product "Nx-os" and version "6.1\(3\)s2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 4-slot Search vendor "Cisco" for product "Nexus 7000 4-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.1\(3\)s2 Search vendor "Cisco" for product "Nx-os" and version "6.1\(3\)s2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7000 9-slot Search vendor "Cisco" for product "Nexus 7000 9-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.1\(3\)s2 Search vendor "Cisco" for product "Nx-os" and version "6.1\(3\)s2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 10-slot Search vendor "Cisco" for product "Nexus 7700 10-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.1\(3\)s2 Search vendor "Cisco" for product "Nx-os" and version "6.1\(3\)s2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 18-slot Search vendor "Cisco" for product "Nexus 7700 18-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.1\(3\)s2 Search vendor "Cisco" for product "Nx-os" and version "6.1\(3\)s2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 2-slot Search vendor "Cisco" for product "Nexus 7700 2-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 6.1\(3\)s2 Search vendor "Cisco" for product "Nx-os" and version "6.1\(3\)s2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 7700 6-slot Search vendor "Cisco" for product "Nexus 7700 6-slot" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Extensible Operating System Search vendor "Cisco" for product "Firepower Extensible Operating System" | r231 Search vendor "Cisco" for product "Firepower Extensible Operating System" and version "r231" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 9300 Search vendor "Cisco" for product "Firepower 9300" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | r231 Search vendor "Cisco" for product "Nx-os" and version "r231" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 9300 Search vendor "Cisco" for product "Firepower 9300" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 12.3\(1e\) Search vendor "Cisco" for product "Nx-os" and version "12.3\(1e\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 9300 Search vendor "Cisco" for product "Firepower 9300" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 3.2\(3d\)c Search vendor "Cisco" for product "Nx-os" and version "3.2\(3d\)c" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs Search vendor "Cisco" for product "Ucs" | - | - |
Safe
|