CVE-2018-0395
5.3
Vector
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.6 / Impact: 3.6
Source: NVD
Description
A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface on the targeted device. A successful exploit could allow the attacker to cause the switch to reload unexpectedly.
Affected (6)
Products: Cisco: Nx Os, Firepower Extensible Operating System
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.0(4) |
| Running on/with | Platform Versions |
|---|---|
Cisco Nexus 7000 10 Slot | All versions |
Cisco Nexus 7000 18 Slot | All versions |
Cisco Nexus 7000 4 Slot | All versions |
Cisco Nexus 7000 9 Slot | All versions |
Cisco Nexus 7700 10 Slot | All versions |
Cisco Nexus 7700 18 Slot | All versions |
Cisco Nexus 7700 2 Slot | All versions |
Cisco Nexus 7700 6 Slot | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version r231 | |
| Version r231 |
Configuration C
References (6)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.