{"containers": {"cna": {"affected": [{"product": "Cisco Nexus 3000 and 9000 unknown", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Nexus 3000 and 9000 unknown"}]}], "datePublic": "2018-06-21T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-06-23T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp"}, {"name": "1041169", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1041169"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2018-0309", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Nexus 3000 and 9000 unknown", "version": {"version_data": [{"version_value": "Cisco Nexus 3000 and 9000 unknown"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-400"}]}]}, "references": {"reference_data": [{"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp"}, {"name": "1041169", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041169"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:21:15.219Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp"}, {"name": "1041169", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1041169"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0309", "datePublished": "2018-06-21T11:00:00", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2024-08-05T03:21:15.219Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "00953B63-7DBB-4A67-B41D-321C2ECDE79A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", "matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", "matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", "matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", "matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136."}, {"lang": "es", "value": "Una vulnerabilidad en la implementaci\u00f3n de un comando espec\u00edfico de la interfaz de l\u00ednea de comandos y el MIB SNMP (Simple Network Management Protocol) asociado para Cisco NX-OS (en modo NX-OS independiente) en los switches Cisco Nexus 3000 y 9000 Series podr\u00eda permitir que un atacante remoto autenticado agote la memoria del sistema en un dispositivo afectado, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a la implementaci\u00f3n incorrecta del comando CLI, lo que resulta en un error a la hora de liberar toda la memoria asignada tras la finalizaci\u00f3n. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en el dispositivo afectado y enviando repetidamente un comando CLI espec\u00edfico o enviando una petici\u00f3n de sondeo SNMP concreta para un OID (Object Identifier) determinado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante consiga que el proceso de enrutamiento de IP se reinicie o que se restablezca el dispositivo, provocando una denegaci\u00f3n de servicio (DoS). Cisco Bug IDs: CSCvf23136."}], "id": "CVE-2018-0309", "lastModified": "2019-10-09T23:31:43.427", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.1, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-21T11:29:00.570", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041169"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}