SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco NX-OS Vendors:   Cisco
Cisco Nexus 9000 Series Fabric Switches in ACI Mode Lets Remote Users Consume Excessive Memory Resources
SecurityTracker Alert ID:  1041348
SecurityTracker URL:  http://securitytracker.com/id/1041348
CVE Reference:   CVE-2018-0372   (Links to External Site)
Date:  Jul 19 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9000 Series Fabric Switches, in ACI Mode; version 13.0(1k)
Description:   A vulnerability was reported in Cisco Nexus 9000 Series Fabric Switches. A remote user can consume excessive memory on the target system.

A remote user can send a large number of specially crafted DHCPv6 packets to the target device to trigger a memory management error and consume excessive memory and deny service on the target device.


Systems with unicast routing enabled on the Bridge Domain (BD) are affected.

Systems are affected even if DHCP and DHCP relay are not configured.

The vendor has assigned bug ID CSCvg38918 to this vulnerability.

Impact:   A remote user can consume excessive memory resources on the target system.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos (Links to External Site)
Cause:   Resource error

Message History:   None.


 Source Message Contents

Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC