PT-2018-3919 · Cisco · Firepower 4100 Series Next-Generation Firewalls+20
Published
2018-06-20
·
Updated
2023-04-20
·
CVE-2018-0331
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco NX-OS Software (affected versions not specified)
Firepower 4100 Series Next-Generation Firewall (affected versions not specified)
Firepower 9300 Security Appliance (affected versions not specified)
MDS 9000 Series Multilayer Director Switches (affected versions not specified)
Nexus 1000V Series Switches (affected versions not specified)
Nexus 1100 Series Cloud Services Platforms (affected versions not specified)
Nexus 2000 Series Switches (affected versions not specified)
Nexus 3000 Series Switches (affected versions not specified)
Nexus 3500 Platform Switches (affected versions not specified)
Nexus 3600 Platform Switches (affected versions not specified)
Nexus 5500 Platform Switches (affected versions not specified)
Nexus 5600 Platform Switches (affected versions not specified)
Nexus 6000 Series Switches (affected versions not specified)
Nexus 7000 Series Switches (affected versions not specified)
Nexus 7700 Series Switches (affected versions not specified)
Nexus 9000 Series Switches in NX-OS mode (affected versions not specified)
Nexus 9500 R-Series Line Cards and Fabric Modules (affected versions not specified)
UCS 6100 Series Fabric Interconnects (affected versions not specified)
UCS 6200 Series Fabric Interconnects (affected versions not specified)
UCS 6300 Series Fabric Interconnects (affected versions not specified)
Description
A vulnerability in the Cisco Discovery Protocol (CDP) subsystem could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a CDP message prior to processing it. An attacker with the ability to submit a CDP message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts.
Recommendations
For Cisco NX-OS Software, update to a fixed version.
For Firepower 4100 Series Next-Generation Firewall, update to a fixed version.
For Firepower 9300 Security Appliance, update to a fixed version.
For MDS 9000 Series Multilayer Director Switches, update to a fixed version.
For Nexus 1000V Series Switches, update to a fixed version.
For Nexus 1100 Series Cloud Services Platforms, update to a fixed version.
For Nexus 2000 Series Switches, update to a fixed version.
For Nexus 3000 Series Switches, update to a fixed version.
For Nexus 3500 Platform Switches, update to a fixed version.
For Nexus 3600 Platform Switches, update to a fixed version.
For Nexus 5500 Platform Switches, update to a fixed version.
For Nexus 5600 Platform Switches, update to a fixed version.
For Nexus 6000 Series Switches, update to a fixed version.
For Nexus 7000 Series Switches, update to a fixed version.
For Nexus 7700 Series Switches, update to a fixed version.
For Nexus 9000 Series Switches in NX-OS mode, update to a fixed version.
For Nexus 9500 R-Series Line Cards and Fabric Modules, update to a fixed version.
For UCS 6100 Series Fabric Interconnects, update to a fixed version.
For UCS 6200 Series Fabric Interconnects, update to a fixed version.
For UCS 6300 Series Fabric Interconnects, update to a fixed version.
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cisco Nx-Os
Cisco Nexus
Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
Mds 9000 Series Multilayer Director Switches
Nexus 1000V Series Switches
Nexus 1100 Series Cloud Services Platforms
Nexus 2000 Series Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches
Nexus 9500 R-Series Line Cards/Fabric Modules
Ucs 6100 Series Fabric Interconnects
Ucs 6200 Series Fabric Interconnects
Ucs 6300 Series Fabric Interconnects