Vulnerability Name:

CVE-2018-0308 (CCN-145125)

Assigned:2017-11-27
Published:2018-06-20
Updated:2019-10-09
Summary:A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code or cause a DoS condition. This vulnerability affects the following if configured to use Cisco Fabric Services: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69954, CSCve02463, CSCve02785, CSCve02787, CSCve02804, CSCve04859.
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2018-0308

Source: BID
Type: Third Party Advisory, VDB Entry
104514

Source: CCN
Type: BID-104514
Cisco FXOS and NX-OS Software Fabric Services CVE-2018-0308 Remote Code Execution Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1041169

Source: XF
Type: UNKNOWN
cisco-fxos-cve20180308-bo(145125)

Source: CCN
Type: Cisco Security Advisory cisco-sa-20180620-fxnxos-fab-ace
Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability

Source: CONFIRM
Type: Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-fab-ace

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:nexus_7000_firmware:7.3(2)d1(0.49):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:nexus_7000_firmware:8.0(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:nexus_7000_firmware:8.1(0.112)s0:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:nexus_7000:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:cisco:nexus_5000_firmware:7.0(0)hsk(0.357):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:nexus_5000_firmware:7.3(0)d1(0.98):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:nexus_5000_firmware:8.1(0.2)s0:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:nexus_5000:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:cisco:firepower_9000_firmware:r211:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:firepower_9000_firmware:r231:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:firepower_9000:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:cisco:nexus_9000_firmware:8.1(0)bd(0.20):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:nexus_9000_firmware:8.1(1)s4:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:nexus_9000:-:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:cisco:unified_computing_system_firmware:3.1(3a)a:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:unified_computing_system_firmware:7.0(0)hsk(0.357):*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:unified_computing_system:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:cisco:nexus_3000:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:nexus_2000:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco nexus 7000 firmware 7.3(2)d1(0.49)
    cisco nexus 7000 firmware 8.0(1)
    cisco nexus 7000 firmware 8.1(0.112)s0
    cisco nexus 7000 -
    cisco nexus 5000 firmware 7.0(0)hsk(0.357)
    cisco nexus 5000 firmware 7.3(0)d1(0.98)
    cisco nexus 5000 firmware 8.1(0.2)s0
    cisco nexus 5000 -
    cisco firepower 9000 firmware r211
    cisco firepower 9000 firmware r231
    cisco firepower 9000 -
    cisco nexus 9000 firmware 8.1(0)bd(0.20)
    cisco nexus 9000 firmware 8.1(1)s4
    cisco nexus 9000 -
    cisco unified computing system firmware 3.1(3a)a
    cisco unified computing system firmware 7.0(0)hsk(0.357)
    cisco unified computing system -
    cisco nexus 3000 *
    cisco nexus 2000 -