Vulnerability-Lookup

BDU:2018-01343

Vulnerability from fstec - Published: 17.10.2018

Title

Уязвимость в реализации протокола Link Layer Discovery Protocol (LLDP) сетевых операционных систем Cisco FX-OS и Cisco NX-OS, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость в реализации протокола Link Layer Discovery Protocol (LLDP) сетевых операционных систем Cisco FX-OS и Cisco NX-OS вызвана ошибками при обработке входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании с помощью специально сформированного LLDP-кадра

Severity ?


                    
                      AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Cisco Systems Inc.

Software Name

NX-OS, FX-OS

Software Version

6.0(2)N2(2) (NX-OS), 5.2(5) (NX-OS), 6.0(2) (NX-OS), 5.2(4) (NX-OS), до 2.3.1.58 (FX-OS), 5.0(3)U1(1) (NX-OS), 5.0(3)U1(1a) (NX-OS), 5.0(3)U1(1b) (NX-OS), 5.0(3)U1(1d) (NX-OS), 5.0(3)U1(2) (NX-OS), 5.0(3)U1(2a) (NX-OS), 5.0(3)U2(1) (NX-OS), 5.0(3)U2(2) (NX-OS), 5.0(3)U2(2a) (NX-OS), 5.0(3)U2(2b) (NX-OS), 5.0(3)U2(2c) (NX-OS), 5.0(3)U2(2d) (NX-OS), 5.0(3)U3(1) (NX-OS), 5.0(3)U3(2) (NX-OS), 5.0(3)U3(2a) (NX-OS), 5.0(3)U3(2b) (NX-OS), 5.0(3)U4(1) (NX-OS), 5.0(3)U5(1) (NX-OS), 5.0(3)U5(1a) (NX-OS), 5.0(3)U5(1b) (NX-OS), 5.0(3)U5(1c) (NX-OS), 5.0(3)U5(1d) (NX-OS), 5.0(3)U5(1e) (NX-OS), 6.0(2)U1(1) (NX-OS), 5.0(3)U5(1f) (NX-OS), 5.0(3)U5(1g) (NX-OS), 5.0(3)U5(1h) (NX-OS), 6.0(2)U1(1a) (NX-OS), 5.0(3)U1(1c) (NX-OS), 5.0(3)U5(1i) (NX-OS), 5.0(3)U5(1j) (NX-OS), 4.0(0)N1(1a) (NX-OS), 4.0(0)N1(2) (NX-OS), 4.0(0)N1(2a) (NX-OS), 4.0(1a)N1(1) (NX-OS), 4.0(1a)N1(1a) (NX-OS), 4.0(1a)N2(1) (NX-OS), 4.0(1a)N2(1a) (NX-OS), 4.1(3)N1(1) (NX-OS), 4.1(3)N1(1a (NX-OS), 4.1(3)N2(1) (NX-OS), 4.1(3)N2(1a) (NX-OS), 4.2(1)N1(1) (NX-OS), 4.2(1)N2(1) (NX-OS), 4.2(1)N2(1a) (NX-OS), 5.0(2)N1(1) (NX-OS), 5.0(3)N1(1c) (NX-OS), 5.0(2)N2(1) (NX-OS), 5.0(2)N2(1a) (NX-OS), 5.0(3)N2(1) (NX-OS), 5.0(3)N2(2) (NX-OS), 5.0(3)N2(2a) (NX-OS), 5.0(3)N2(2b) (NX-OS), 5.1(3)N1(1) (NX-OS), 5.1(3)N1(1a) (NX-OS), 5.1(3)N2(1) (NX-OS), 5.1(3)N2(1a) (NX-OS), 5.1(3)N2(1b) (NX-OS), 5.1(3)N2(1c) (NX-OS), 5.2(1)N1(1) (NX-OS), 5.2(1)N1(1a) (NX-OS), 5.2(1)N1(1b) (NX-OS), 5.2(1)N1(2) (NX-OS), 5.2(1)N1(2a) (NX-OS), 5.2(1)N1(3) (NX-OS), 5.2(1)N1(4) (NX-OS), 5.2(1)N1(5) (NX-OS), 5.2(1)N1(6) (NX-OS), 5.2(1)N1(7) (NX-OS), 5.2(1)N1(8a) (NX-OS), 6.0(2)N1(1) (NX-OS), 6.0(2)N1(2) (NX-OS), 6.0(2)N1(2a) (NX-OS), 6.0(2)N2(1) (NX-OS), 6.0(2)N2(1b) (NX-OS), 6.0(2)N2(3) (NX-OS), 6.0(2)N2(4) (NX-OS), 6.0(2)N2(5) (NX-OS), 5.2(1)N1(8) (NX-OS), 5.2(9)N1(1) (NX-OS), 6.0(2)N2(5a) (NX-OS), 6.0(2)N2(6) (NX-OS), 6.0(2)N2(7) (NX-OS), 8.0(1)S2 (NX-OS), 6.0(2)N1(1a) (NX-OS), 4.1.(2) (NX-OS), 4.1.(3) (NX-OS), 4.1.(4) (NX-OS), 4.1.(5) (NX-OS), 4.2.(2a) (NX-OS), 4.2(3) (NX-OS), 4.2(4) (NX-OS), 4.2(6) (NX-OS), 4.2(8) (NX-OS), 5.0(2a) (NX-OS), 5.0(3) (NX-OS), 5.0(5) (NX-OS), 5.1(1) (NX-OS), 5.1(1a) (NX-OS), 5.1(3) (NX-OS), 5.1(4) (NX-OS), 5.1(5) (NX-OS), 5.1(6) (NX-OS), 5.2(1) (NX-OS), 5.2(3a) (NX-OS), 5.2(7) (NX-OS), 6.0(1) (NX-OS), 6.0(3) (NX-OS), 6.0(4) (NX-OS), 5.2(3) (NX-OS), 5.0(3)N1(1) (NX-OS), 5.0(3)N1(1a) (NX-OS), 5.0(3)N1(1b) (NX-OS), 5.2(1)N1(8b) (NX-OS), 5.2(1)N1(9) (NX-OS), 5.2(1)N1(9a) (NX-OS), 5.2(1)N1(9b) (NX-OS)

Possible Mitigations

Использование рекомендаций: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-fxnx-os-dos

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-fxnx-os-dos https://nvd.nist.gov/vuln/detail/CVE-2018-0395

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "6.0(2)N2(2) (NX-OS), 5.2(5) (NX-OS), 6.0(2) (NX-OS), 5.2(4) (NX-OS), \u0434\u043e 2.3.1.58 (FX-OS), 5.0(3)U1(1) (NX-OS), 5.0(3)U1(1a) (NX-OS), 5.0(3)U1(1b) (NX-OS), 5.0(3)U1(1d) (NX-OS), 5.0(3)U1(2) (NX-OS), 5.0(3)U1(2a) (NX-OS), 5.0(3)U2(1) (NX-OS), 5.0(3)U2(2) (NX-OS), 5.0(3)U2(2a) (NX-OS), 5.0(3)U2(2b) (NX-OS), 5.0(3)U2(2c) (NX-OS), 5.0(3)U2(2d) (NX-OS), 5.0(3)U3(1) (NX-OS), 5.0(3)U3(2) (NX-OS), 5.0(3)U3(2a) (NX-OS), 5.0(3)U3(2b) (NX-OS), 5.0(3)U4(1) (NX-OS), 5.0(3)U5(1) (NX-OS), 5.0(3)U5(1a) (NX-OS), 5.0(3)U5(1b) (NX-OS), 5.0(3)U5(1c) (NX-OS), 5.0(3)U5(1d) (NX-OS), 5.0(3)U5(1e) (NX-OS), 6.0(2)U1(1) (NX-OS), 5.0(3)U5(1f) (NX-OS), 5.0(3)U5(1g) (NX-OS), 5.0(3)U5(1h) (NX-OS), 6.0(2)U1(1a) (NX-OS), 5.0(3)U1(1c) (NX-OS), 5.0(3)U5(1i) (NX-OS), 5.0(3)U5(1j) (NX-OS), 4.0(0)N1(1a) (NX-OS), 4.0(0)N1(2) (NX-OS), 4.0(0)N1(2a) (NX-OS), 4.0(1a)N1(1) (NX-OS), 4.0(1a)N1(1a) (NX-OS), 4.0(1a)N2(1) (NX-OS), 4.0(1a)N2(1a) (NX-OS), 4.1(3)N1(1) (NX-OS), 4.1(3)N1(1a (NX-OS), 4.1(3)N2(1) (NX-OS), 4.1(3)N2(1a) (NX-OS), 4.2(1)N1(1) (NX-OS), 4.2(1)N2(1) (NX-OS), 4.2(1)N2(1a) (NX-OS), 5.0(2)N1(1) (NX-OS), 5.0(3)N1(1c) (NX-OS), 5.0(2)N2(1) (NX-OS), 5.0(2)N2(1a) (NX-OS), 5.0(3)N2(1) (NX-OS), 5.0(3)N2(2) (NX-OS), 5.0(3)N2(2a) (NX-OS), 5.0(3)N2(2b) (NX-OS), 5.1(3)N1(1) (NX-OS), 5.1(3)N1(1a) (NX-OS), 5.1(3)N2(1) (NX-OS), 5.1(3)N2(1a) (NX-OS), 5.1(3)N2(1b) (NX-OS), 5.1(3)N2(1c) (NX-OS), 5.2(1)N1(1) (NX-OS), 5.2(1)N1(1a) (NX-OS), 5.2(1)N1(1b) (NX-OS), 5.2(1)N1(2) (NX-OS), 5.2(1)N1(2a) (NX-OS), 5.2(1)N1(3) (NX-OS), 5.2(1)N1(4) (NX-OS), 5.2(1)N1(5) (NX-OS), 5.2(1)N1(6) (NX-OS), 5.2(1)N1(7) (NX-OS), 5.2(1)N1(8a) (NX-OS), 6.0(2)N1(1) (NX-OS), 6.0(2)N1(2) (NX-OS), 6.0(2)N1(2a) (NX-OS), 6.0(2)N2(1) (NX-OS), 6.0(2)N2(1b) (NX-OS), 6.0(2)N2(3) (NX-OS), 6.0(2)N2(4) (NX-OS), 6.0(2)N2(5) (NX-OS), 5.2(1)N1(8) (NX-OS), 5.2(9)N1(1) (NX-OS), 6.0(2)N2(5a) (NX-OS), 6.0(2)N2(6) (NX-OS), 6.0(2)N2(7) (NX-OS), 8.0(1)S2 (NX-OS), 6.0(2)N1(1a) (NX-OS), 4.1.(2) (NX-OS), 4.1.(3) (NX-OS), 4.1.(4) (NX-OS), 4.1.(5) (NX-OS), 4.2.(2a) (NX-OS), 4.2(3) (NX-OS), 4.2(4) (NX-OS), 4.2(6) (NX-OS), 4.2(8) (NX-OS), 5.0(2a) (NX-OS), 5.0(3) (NX-OS), 5.0(5) (NX-OS), 5.1(1) (NX-OS), 5.1(1a) (NX-OS), 5.1(3) (NX-OS), 5.1(4) (NX-OS), 5.1(5) (NX-OS), 5.1(6) (NX-OS), 5.2(1) (NX-OS), 5.2(3a) (NX-OS), 5.2(7) (NX-OS), 6.0(1) (NX-OS), 6.0(3) (NX-OS), 6.0(4) (NX-OS), 5.2(3) (NX-OS), 5.0(3)N1(1) (NX-OS), 5.0(3)N1(1a) (NX-OS), 5.0(3)N1(1b) (NX-OS), 5.2(1)N1(8b) (NX-OS), 5.2(1)N1(9) (NX-OS), 5.2(1)N1(9a) (NX-OS), 5.2(1)N1(9b) (NX-OS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-fxnx-os-dos",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "17.10.2018",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "15.11.2018",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2018-01343",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-0395",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "NX-OS, FX-OS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. NX-OS 6.0(2)N2(2) , Cisco Systems Inc. NX-OS 5.2(5) , Cisco Systems Inc. NX-OS 6.0(2) , Cisco Systems Inc. NX-OS 5.2(4) , Cisco Systems Inc. FX-OS \u0434\u043e 2.3.1.58 , Cisco Systems Inc. NX-OS 5.0(3)U1(1) , Cisco Systems Inc. NX-OS 5.0(3)U1(1a) , Cisco Systems Inc. NX-OS 5.0(3)U1(1b) , Cisco Systems Inc. NX-OS 5.0(3)U1(1d) , Cisco Systems Inc. NX-OS 5.0(3)U1(2) , Cisco Systems Inc. NX-OS 5.0(3)U1(2a) , Cisco Systems Inc. NX-OS 5.0(3)U2(1) , Cisco Systems Inc. NX-OS 5.0(3)U2(2) , Cisco Systems Inc. NX-OS 5.0(3)U2(2a) , Cisco Systems Inc. NX-OS 5.0(3)U2(2b) , Cisco Systems Inc. NX-OS 5.0(3)U2(2c) , Cisco Systems Inc. NX-OS 5.0(3)U2(2d) , Cisco Systems Inc. NX-OS 5.0(3)U3(1) , Cisco Systems Inc. NX-OS 5.0(3)U3(2) , Cisco Systems Inc. NX-OS 5.0(3)U3(2a) , Cisco Systems Inc. NX-OS 5.0(3)U3(2b) , Cisco Systems Inc. NX-OS 5.0(3)U4(1) , Cisco Systems Inc. NX-OS 5.0(3)U5(1) , Cisco Systems Inc. NX-OS 5.0(3)U5(1a) , Cisco Systems Inc. NX-OS 5.0(3)U5(1b) , Cisco Systems Inc. NX-OS 5.0(3)U5(1c) , Cisco Systems Inc. NX-OS 5.0(3)U5(1d) , Cisco Systems Inc. NX-OS 5.0(3)U5(1e) , Cisco Systems Inc. NX-OS 6.0(2)U1(1) , Cisco Systems Inc. NX-OS 5.0(3)U5(1f) , Cisco Systems Inc. NX-OS 5.0(3)U5(1g) , Cisco Systems Inc. NX-OS 5.0(3)U5(1h) , Cisco Systems Inc. NX-OS 6.0(2)U1(1a) , Cisco Systems Inc. NX-OS 5.0(3)U1(1c) , Cisco Systems Inc. NX-OS 5.0(3)U5(1i) , Cisco Systems Inc. NX-OS 5.0(3)U5(1j) , Cisco Systems Inc. NX-OS 4.0(0)N1(1a) , Cisco Systems Inc. NX-OS 4.0(0)N1(2) , Cisco Systems Inc. NX-OS 4.0(0)N1(2a) , Cisco Systems Inc. NX-OS 4.0(1a)N1(1) , Cisco Systems Inc. NX-OS 4.0(1a)N1(1a) , Cisco Systems Inc. NX-OS 4.0(1a)N2(1) , Cisco Systems Inc. NX-OS 4.0(1a)N2(1a) , Cisco Systems Inc. NX-OS 4.1(3)N1(1) , Cisco Systems Inc. NX-OS 4.1(3)N1(1a , Cisco Systems Inc. NX-OS 4.1(3)N2(1) , Cisco Systems Inc. NX-OS 4.1(3)N2(1a) , Cisco Systems Inc. NX-OS 4.2(1)N1(1) , Cisco Systems Inc. NX-OS 4.2(1)N2(1) , Cisco Systems Inc. NX-OS 4.2(1)N2(1a) , Cisco Systems Inc. NX-OS 5.0(2)N1(1) , Cisco Systems Inc. NX-OS 5.0(3)N1(1c) , Cisco Systems Inc. NX-OS 5.0(2)N2(1) , Cisco Systems Inc. NX-OS 5.0(2)N2(1a) , Cisco Systems Inc. NX-OS 5.0(3)N2(1) , Cisco Systems Inc. NX-OS 5.0(3)N2(2) , Cisco Systems Inc. NX-OS 5.0(3)N2(2a) , Cisco Systems Inc. NX-OS 5.0(3)N2(2b) , Cisco Systems Inc. NX-OS 5.1(3)N1(1) , Cisco Systems Inc. NX-OS 5.1(3)N1(1a) , Cisco Systems Inc. NX-OS 5.1(3)N2(1) , Cisco Systems Inc. NX-OS 5.1(3)N2(1a) , Cisco Systems Inc. NX-OS 5.1(3)N2(1b) , Cisco Systems Inc. NX-OS 5.1(3)N2(1c) , Cisco Systems Inc. NX-OS 5.2(1)N1(1) , Cisco Systems Inc. NX-OS 5.2(1)N1(1a) , Cisco Systems Inc. NX-OS 5.2(1)N1(1b) , Cisco Systems Inc. NX-OS 5.2(1)N1(2) , Cisco Systems Inc. NX-OS 5.2(1)N1(2a) , Cisco Systems Inc. NX-OS 5.2(1)N1(3) , Cisco Systems Inc. NX-OS 5.2(1)N1(4) , Cisco Systems Inc. NX-OS 5.2(1)N1(5) , Cisco Systems Inc. NX-OS 5.2(1)N1(6) , Cisco Systems Inc. NX-OS 5.2(1)N1(7) , Cisco Systems Inc. NX-OS 5.2(1)N1(8a) , Cisco Systems Inc. NX-OS 6.0(2)N1(1) , Cisco Systems Inc. NX-OS 6.0(2)N1(2) , Cisco Systems Inc. NX-OS 6.0(2)N1(2a) , Cisco Systems Inc. NX-OS 6.0(2)N2(1) , Cisco Systems Inc. NX-OS 6.0(2)N2(1b) , Cisco Systems Inc. NX-OS 6.0(2)N2(3) , Cisco Systems Inc. NX-OS 6.0(2)N2(4) , Cisco Systems Inc. NX-OS 6.0(2)N2(5) , Cisco Systems Inc. NX-OS 5.2(1)N1(8) , Cisco Systems Inc. NX-OS 5.2(9)N1(1) , Cisco Systems Inc. NX-OS 6.0(2)N2(5a) , Cisco Systems Inc. NX-OS 6.0(2)N2(6) , Cisco Systems Inc. NX-OS 6.0(2)N2(7) , Cisco Systems Inc. NX-OS 8.0(1)S2 , Cisco Systems Inc. NX-OS 6.0(2)N1(1a) , Cisco Systems Inc. NX-OS 4.1.(2) , Cisco Systems Inc. NX-OS 4.1.(3) , Cisco Systems Inc. NX-OS 4.1.(4) , Cisco Systems Inc. NX-OS 4.1.(5) , Cisco Systems Inc. NX-OS 4.2.(2a) , Cisco Systems Inc. NX-OS 4.2(3) , Cisco Systems Inc. NX-OS 4.2(4) , Cisco Systems Inc. NX-OS 4.2(6) , Cisco Systems Inc. NX-OS 4.2(8) , Cisco Systems Inc. NX-OS 5.0(2a) , Cisco Systems Inc. NX-OS 5.0(3) , Cisco Systems Inc. NX-OS 5.0(5) , Cisco Systems Inc. NX-OS 5.1(1) , Cisco Systems Inc. NX-OS 5.1(1a) , Cisco Systems Inc. NX-OS 5.1(3) , Cisco Systems Inc. NX-OS 5.1(4) , Cisco Systems Inc. NX-OS 5.1(5) , Cisco Systems Inc. NX-OS 5.1(6) , Cisco Systems Inc. NX-OS 5.2(1) , Cisco Systems Inc. NX-OS 5.2(3a) , Cisco Systems Inc. NX-OS 5.2(7) , Cisco Systems Inc. NX-OS 6.0(1) , Cisco Systems Inc. NX-OS 6.0(3) , Cisco Systems Inc. NX-OS 6.0(4) , Cisco Systems Inc. NX-OS 5.2(3) , Cisco Systems Inc. NX-OS 5.0(3)N1(1) , Cisco Systems Inc. NX-OS 5.0(3)N1(1a) , Cisco Systems Inc. NX-OS 5.0(3)N1(1b) , Cisco Systems Inc. NX-OS 5.2(1)N1(8b) , Cisco Systems Inc. NX-OS 5.2(1)N1(9) , Cisco Systems Inc. NX-OS 5.2(1)N1(9a) , Cisco Systems Inc. NX-OS 5.2(1)N1(9b) ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Link Layer Discovery Protocol (LLDP) \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Cisco FX-OS \u0438 Cisco NX-OS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Link Layer Discovery Protocol (LLDP) \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Cisco FX-OS \u0438 Cisco NX-OS  \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e LLDP-\u043a\u0430\u0434\u0440\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-fxnx-os-dos\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-0395",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}

CVE-2018-0395 (GCVE-0-2018-0395)

Vulnerability from cvelistv5 – Published: 2018-10-17 20:00 – Updated: 2024-11-26 14:25

Title

Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability

Summary

A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface on the targeted device. A successful exploit could allow the attacker to cause the switch to reload unexpectedly.

Severity ?

8.8 (High)


                        
                          CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20

Assigner

cisco

References

URL

Tags

	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id/1041919	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/105674	vdb-entryx_refsource_BID

Impacted products

Vendor

Product

Version

Cisco

Cisco NX-OS Software

Affected: unspecified , < 6.2(1) (custom)

Cisco

Firepower 4100 Series Next-Generation Firewalls

Affected: unspecified , < <2.3.1.58 (custom)

Date Public ?

2018-10-17 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:15.658Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20181017 Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-fxnx-os-dos"
          },
          {
            "name": "1041919",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041919"
          },
          {
            "name": "105674",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105674"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0395",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:50:39.212469Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:25:34.390Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco NX-OS Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.2(1)",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Firepower 4100 Series Next-Generation Firewalls",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "\u003c2.3.1.58",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-10-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface on the targeted device. A successful exploit could allow the attacker to cause the switch to reload unexpectedly."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-20T09:57:01.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20181017 Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-fxnx-os-dos"
        },
        {
          "name": "1041919",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041919"
        },
        {
          "name": "105674",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105674"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181017-fxnx-os-dos",
        "defect": [
          [
            "CSCuc98542",
            "CSCvf23367",
            "CSCvj94174",
            "CSCvj96148"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-17T16:00:00-0500",
          "ID": "CVE-2018-0395",
          "STATE": "PUBLIC",
          "TITLE": "Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco NX-OS Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.2(1)"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Firepower 4100 Series Next-Generation Firewalls",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "\u003c2.3.1.58"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface on the targeted device. A successful exploit could allow the attacker to cause the switch to reload unexpectedly."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.8",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20181017 Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-fxnx-os-dos"
            },
            {
              "name": "1041919",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041919"
            },
            {
              "name": "105674",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105674"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181017-fxnx-os-dos",
          "defect": [
            [
              "CSCuc98542",
              "CSCvf23367",
              "CSCvj94174",
              "CSCvj96148"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0395",
    "datePublished": "2018-10-17T20:00:00.000Z",
    "dateReserved": "2017-11-27T00:00:00.000Z",
    "dateUpdated": "2024-11-26T14:25:34.390Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2018-01343

CVE-2018-0395 (GCVE-0-2018-0395)

Tags

Sightings

Nomenclature