Cisco NX-OS Software NX-API CVE-2018-0301 Remote Code Execution Vulnerability

Bugtraq ID:	104512
Class:	Input Validation Error
CVE:	CVE-2018-0301
Remote:	Yes
Local:	No
Published:	Jun 20 2018 12:00AM
Updated:	Jun 20 2018 12:00AM
Credit:	The vendor reported this issue.
Vulnerable:	Cisco NX-OS 8.0 Cisco NX-OS 7.3 Cisco NX-OS 7.2 Cisco NX-OS 7.0(3)I6 Cisco NX-OS 7.0(3)I5 Cisco NX-OS 7.0(3)I4 Cisco NX-OS 7.0 Cisco Nexus 9500 R-Series Line Cards and Fabric Modules 0 Cisco Nexus 7700 Series Switches 0 Cisco Nexus 7000 0 Cisco Nexus 6000 0 Cisco Nexus 5600 Series Switches 0 Cisco Nexus 5600 Platform Switches 0 Cisco Nexus 5500 Platform Switches 0 Cisco Nexus 3500 Platform Switches 0 Cisco Nexus 3000 0 Cisco Nexus 2000 0 Cisco Mds 9000 Nx-Os -
Not Vulnerable:

Cisco NX-OS Software NX-API CVE-2018-0301 Remote Code Execution Vulnerability

Cisco NX-OS Software is prone to a remote code-execution vulnerability.

Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the application.

This issue is being tracked by Cisco Bug IDs CSCvd45804, CSCve02322, and CSCve02412.

Cisco NX-OS Software NX-API CVE-2018-0301 Remote Code Execution Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Cisco NX-OS Software NX-API CVE-2018-0301 Remote Code Execution Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco NX-OS Software NX-API CVE-2018-0301 Remote Code Execution Vulnerability

References:

• Cisco Homepage (Cisco )
  
• Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability (Cisco)