Main Vulnerability Database SB2018072307

SB2018072307 - Denial of service in Cisco Nexus 9000 Series switches

Published: July 23, 2018

Security Bulletin ID SB2018072307

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper input validation (CVE-ID: CVE-2018-0372)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. A remote attacker can send a high number of malicious DHCPv6 packets, cause the system to run low on memory, and trigger an eventual reboot of an affected device.

Remediation

Install update from vendor's website.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos