cnvd - cnvd-2018-14578

cnvd-2018-14578

Vulnerability from cnvd

Title

多款Cisco产品NX-OS Software Discovery Protocol子系统资源管理错误漏洞

Description

Cisco Firepower 4100 Series Next-Generation Firewall等都是美国思科（Cisco）公司的产品。Cisco Firepower 4100 Series Next-Generation Firewall是一款4100系列防火墙产品。Multilayer Director Switches是一款网关设备。Firepower Extensible Operating System（FXOS）和NX-OS System Software都是使用在其中的系统。NX-OS Software是一套面向数据中心的操作系统。Discovery Protocol（前称CDP）subsystem是其中的一个Cisco设备发现协议子系统。多款Cisco产品中的NX-OS Software的Discovery Protocol子系统存在资源管理错误漏洞，该漏洞源于程序未能正确的验证Cisco Discovery Protocol消息中的某些字段。攻击者可通过提交Cisco Discovery Protocol消息利用该漏洞造成拒绝服务。

Severity

中

Patch Name

多款Cisco产品NX-OS Software Discovery Protocol子系统资源管理错误漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp

Impacted products

Name
['Cisco Multilayer Director Switches', 'Cisco Firepower 4100 Series Next-Generation Firewall', 'Cisco Firepower Extensible Operating System', 'Cisco Firepower 4100 Series Next-Generation Firewalls 0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-0331",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0331"
    }
  },
  "description": "Cisco Firepower 4100 Series Next-Generation Firewall\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Firepower 4100 Series Next-Generation Firewall\u662f\u4e00\u6b3e4100\u7cfb\u5217\u9632\u706b\u5899\u4ea7\u54c1\u3002Multilayer Director Switches\u662f\u4e00\u6b3e\u7f51\u5173\u8bbe\u5907\u3002Firepower Extensible Operating System\uff08FXOS\uff09\u548cNX-OS System Software\u90fd\u662f\u4f7f\u7528\u5728\u5176\u4e2d\u7684\u7cfb\u7edf\u3002NX-OS Software\u662f\u4e00\u5957\u9762\u5411\u6570\u636e\u4e2d\u5fc3\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002Discovery Protocol\uff08\u524d\u79f0CDP\uff09subsystem\u662f\u5176\u4e2d\u7684\u4e00\u4e2aCisco\u8bbe\u5907\u53d1\u73b0\u534f\u8bae\u5b50\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eCisco\u4ea7\u54c1\u4e2d\u7684NX-OS Software\u7684Discovery Protocol\u5b50\u7cfb\u7edf\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u9a8c\u8bc1Cisco Discovery Protocol\u6d88\u606f\u4e2d\u7684\u67d0\u4e9b\u5b57\u6bb5\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u63d0\u4ea4Cisco Discovery Protocol\u6d88\u606f\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-14578",
  "openTime": "2018-08-03",
  "patchDescription": "Cisco Firepower 4100 Series Next-Generation Firewall\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Firepower 4100 Series Next-Generation Firewall\u662f\u4e00\u6b3e4100\u7cfb\u5217\u9632\u706b\u5899\u4ea7\u54c1\u3002Multilayer Director Switches\u662f\u4e00\u6b3e\u7f51\u5173\u8bbe\u5907\u3002Firepower Extensible Operating System\uff08FXOS\uff09\u548cNX-OS System Software\u90fd\u662f\u4f7f\u7528\u5728\u5176\u4e2d\u7684\u7cfb\u7edf\u3002NX-OS Software\u662f\u4e00\u5957\u9762\u5411\u6570\u636e\u4e2d\u5fc3\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002Discovery Protocol\uff08\u524d\u79f0CDP\uff09subsystem\u662f\u5176\u4e2d\u7684\u4e00\u4e2aCisco\u8bbe\u5907\u53d1\u73b0\u534f\u8bae\u5b50\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eCisco\u4ea7\u54c1\u4e2d\u7684NX-OS Software\u7684Discovery Protocol\u5b50\u7cfb\u7edf\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u9a8c\u8bc1Cisco Discovery Protocol\u6d88\u606f\u4e2d\u7684\u67d0\u4e9b\u5b57\u6bb5\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u63d0\u4ea4Cisco Discovery Protocol\u6d88\u606f\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eCisco\u4ea7\u54c1NX-OS Software Discovery Protocol\u5b50\u7cfb\u7edf\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Multilayer Director Switches",
      "Cisco Firepower 4100 Series Next-Generation Firewall",
      "Cisco Firepower Extensible Operating System",
      "Cisco Firepower 4100 Series Next-Generation Firewalls 0"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp",
  "serverity": "\u4e2d",
  "submitTime": "2018-06-26",
  "title": "\u591a\u6b3eCisco\u4ea7\u54c1NX-OS Software Discovery Protocol\u5b50\u7cfb\u7edf\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2018-0331 (GCVE-0-2018-0331)

Vulnerability from cvelistv5

Published

2018-06-21 11:00

Modified

2024-11-29 14:57

Severity ?

CWE

CWE-399

Summary

A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.

References

URL

Tags

	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1041169	vdb-entry, x_refsource_SECTRACK