CVE-2018-0309
Description
A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: Affects Cisco Nexus 3000 and 9000 Series Switches running NX-OS in standalone mode (no version specified)
- Range: All versions (implicitly, as part of affected hardware platforms)
Patches
Vulnerability mechanics
References
2- www.securitytracker.com/id/1041169nvdThird Party AdvisoryVDB Entry
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmpnvdVendor Advisory
News mentions
0No linked articles in our index yet.