SNMP Vulnerability in Cisco NX-OS Software Affecting Nexus Series Switches
CVE-2018-0291

6.5MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Nx-os Unknown
Vendor: CVE Published:; 20 June 2018

Summary

A vulnerability in the SNMP input packet processor of Cisco NX-OS Software allows an authenticated remote attacker to disrupt the SNMP application on affected devices. This results from improper validation of SNMP protocol data units (PDUs) within SNMP packets. By sending a specially crafted SNMP packet, an attacker can force the SNMP application to restart, which may lead to repeated disruptions and potential denial of service conditions across the network.

Affected Version(s)

Cisco NX-OS unknown Cisco NX-OS unknown

References

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1041169

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 20, 2018
Vulnerability Reserved
Nov 27, 2017