#VU13425 Improper input validation in Cisco NX-OS - CVE-2018-0291

Cybersecurity Help s.r.o.

Published: 2018-06-20 | Updated: 2018-06-22

Vulnerability identifier: #VU13425

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2018-0291

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco NX-OS
Operating systems & Components / Operating system

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The vulnerability exists in the Simple Network Management Protocol (SNMP) input packet processor due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. A remote attacker can send a specially crafted SNMP packet and cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service condition.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Cisco NX-OS: All versions

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cisco NX-OS