Cisco FXOS and NX-OS Software CVE-2018-0314 Arbitrary Code Execution Vulnerability

Bugtraq ID:	104516
Class:	Boundary Condition Error
CVE:	CVE-2018-0314
Remote:	Yes
Local:	No
Published:	Jun 20 2018 12:00AM
Updated:	Jun 20 2018 12:00AM
Credit:	Cisco
Vulnerable:	Cisco UCS 6300 Series Fabric Interconnects 0 Cisco UCS 6200 Series Fabric Interconnects 0 Cisco UCS 6100 Series Fabric Interconnects 0 Cisco NX-OS 8.1 Cisco NX-OS 8.0 Cisco NX-OS 7.3 Cisco NX-OS 7.2 Cisco NX-OS 7.1 Cisco NX-OS 7.0(3)I7 Cisco NX-OS 7.0(3)I6 Cisco NX-OS 7.0(3)I5 Cisco NX-OS 7.0(3)I4 Cisco NX-OS 7.0 Cisco NX-OS 6.2 Cisco NX-OS 6.0 Cisco NX-OS 5.2 Cisco NX-OS 3.2 Cisco NX-OS 3.1 Cisco NX-OS 3.0 Cisco NX-OS 2.5 Cisco NX-OS 2.2 Cisco Nexus 9500 R-Series Line Cards and Fabric Modules 0 Cisco Nexus 9000 Series Switches in standalone NX-OS mode 0 Cisco Nexus 7700 Series Switches 0 Cisco Nexus 7000 Series Switches 0 Cisco Nexus 6000 Series Switches 0 Cisco Nexus 5600 Platform Switches 0 Cisco Nexus 5500 Platform Switches 0 Cisco Nexus 3500 Platform Switches 0 Cisco Nexus 3000 Series Switches 0 Cisco Nexus 2000 Series Fabric Extenders 0 Cisco MDS 9000 Series Multilayer Switches 0 Cisco FXOS 2.2.2 Cisco FXOS 2.2.1 Cisco FXOS 2.1.1 Cisco FXOS 2.0 Cisco FXOS 1.1 Cisco Firepower 9300 Security Appliance 0 Cisco Firepower 4100 Series Next-Generation Firewall 0
Not Vulnerable:	Cisco NX-OS 8.1(2) Cisco NX-OS 8.1(1a) Cisco NX-OS 7.3(3)N1(1) Cisco NX-OS 7.3(2)D1(1) Cisco NX-OS 7.0(3)I7(2) Cisco NX-OS 7.0(3)I7(1) Cisco NX-OS 7.0(3)I4(7) Cisco NX-OS 7.0(3)F3(1) Cisco NX-OS 6.2(21) Cisco NX-OS 6.2(20) Cisco NX-OS 3.2(2b) Cisco FXOS 2.2.2.17 Cisco FXOS 2.2.1.70 Cisco FXOS 2.1.1.86 Cisco FXOS 2.0.1.153 Cisco FXOS 1.1.4.179

Cisco FXOS and NX-OS Software CVE-2018-0314 Arbitrary Code Execution Vulnerability

Cisco FXOS and NX-OS Software are prone to an arbitrary code execution vulnerability.

Successful exploits will allow an attacker to execute arbitrary code in the context of the affected system. Failed exploit attempts will likely result in a denial-of-service condition.

This issue is tracked by Cisco Bug IDs CSCvd69943, CSCve02429, CSCve02433, CSCve02435, CSCve02445, and CSCve04859.

Cisco FXOS and NX-OS Software CVE-2018-0314 Arbitrary Code Execution Vulnerability

References:

• Cisco Homepage (Cisco)
  
• Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vul (Cisco)