← Back

CVE-2018-0295

nvd nist
Published: Jun 20, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer or inject malformed messages into the victim's BGP network. This would require obtaining information about the BGP peers in the affected system's trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387.

Affected (8)

Products: Cisco: Nx Os
Cisco
1 product
Nx Os
Configuration A
12 platform
Running on/withPlatform Versions
Cisco
Nexus 5000
All versions
Cisco
Nexus 5010
All versions
Cisco
Nexus 5020
All versions
Cisco
Nexus 5548p
All versions
Cisco
Nexus 5548up
All versions
Cisco
Nexus 5596t
All versions
Cisco
Nexus 5596up
All versions
Cisco
Nexus 56128p
All versions
Cisco
Nexus 5624q
All versions
Cisco
Nexus 5648q
All versions
Cisco
Nexus 5672up
All versions
Cisco
Nexus 5696q
All versions
Configuration B
1 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Nx Os
From 6.2 to 8.1\(2\)
Running on/withPlatform Versions
Cisco
Nexus 7000
All versions
Cisco
Nexus 7700
All versions
Configuration C
2 vulnerable · 19 platform
Vulnerable SoftwareAffected Versions
Cisco
Nx Os
Before 7.0\(3\)i3
Nx Os
From 7.0\(3\)i4 to 7.0\(3\)i7\(1\)
Running on/withPlatform Versions
Cisco
Nexus 92160yc X
All versions
Cisco
Nexus 92304qc
All versions
Cisco
Nexus 9236c
All versions
Cisco
Nexus 9272q
All versions
Cisco
Nexus 93108tc Ex
All versions
Cisco
Nexus 93120tx
All versions
Cisco
Nexus 93128tx
All versions
Cisco
Nexus 93180yc Ex
All versions
Cisco
Nexus 9332pq
All versions
Cisco
Nexus 9372px
All versions
Cisco
Nexus 9372tx
All versions
Cisco
Nexus 9396px
All versions
Cisco
Nexus 9396tx
All versions
Cisco
Nexus 9504
All versions
Cisco
Nexus 9508
All versions
Cisco
Nexus 9516
All versions
Cisco
Nexus N9k C9508 Fm R
All versions
Cisco
Nexus N9k X9636c R
All versions
Cisco
Nexus N9k X9636q R
All versions
Configuration D
3 vulnerable · 28 platform
Vulnerable SoftwareAffected Versions
Cisco
Nx Os
Before 7.0\(3\)i4
Nx Os
From 7.0\(3\)i5 to 7.0\(3\)i6\(2\)
Nx Os
Version 7.0(3)i7
Running on/withPlatform Versions
Cisco
Nexus 172tq Xl
All versions
Cisco
Nexus 3016
All versions
Cisco
Nexus 3048
All versions
Cisco
Nexus 3064 32t
All versions
Cisco
Nexus 3064 T
All versions
Cisco
Nexus 3064 X
All versions
Cisco
Nexus 3100 V
All versions
Cisco
Nexus 31128pq
All versions
Cisco
Nexus 3132c Z
All versions
Cisco
Nexus 3132q
All versions
Cisco
Nexus 3132q X
All versions
Cisco
Nexus 3132q Xl
All versions
Cisco
Nexus 3164q
All versions
Cisco
Nexus 3172pq
All versions
Cisco
Nexus 3172pq Xl
All versions
Cisco
Nexus 3172tq
All versions
Cisco
Nexus 3172tq 32t
All versions
Cisco
Nexus 3232c
All versions
Cisco
Nexus 3264c E
All versions
Cisco
Nexus 3264q
All versions
Cisco
Nexus 34180yc
All versions
Cisco
Nexus 3524 X
All versions
Cisco
Nexus 3524 Xl
All versions
Cisco
Nexus 3548
All versions
Cisco
Nexus 3548 X
All versions
Cisco
Nexus 3548 Xl
All versions
Cisco
Nexus 3636c R
All versions
Cisco
Nexus C36180yc R
All versions
Configuration E
1 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Nx Os
From 6.0 to 7.3\(3\)n1\(1\)
Running on/withPlatform Versions
Cisco
Nexus 6001p
All versions
Cisco
Nexus 6001t
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nx Os
Version 7.0
Running on/withPlatform Versions
Cisco
Nexus 9500
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.