Cisco patched 5 critical vulnerabilities in FXOS and NX-OS Software that allow attackers to remotely execute arbitrary code, cause a buffer overflow or denial of service (DoS), or read sensitive memory content on the affected devices.
Cisco NX-OS Software NX-API – CVE-2018-0301
Cisco FXOS and NX-OS Software Cisco – (CVE-2018-0308, CVE-2018-0304, CVE-2018-0314, and CVE-2018-0312).
Cisco released patches – Affected Products
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in a standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
High severity vulnerabilities
A vulnerability in the CLI and RBAC of Cisco NX-OS Software (CVE-2018-0293, CVE-2018-0307) would allow a local attacker to perform a command-injection attack on the vulnerable device.
The vulnerability (CVE-2018-0291) in Simple Network Management Protocol (SNMP) of Cisco NX-OS Software allows attackers to cause an SNMP application attack.
The Internet Group Management Protocol (IGMP) feature of Cisco NX-OS Software (CVE-2018-0292) allows a remote attacker to execute arbitrary code and to cause DDoS attacks.
A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS (CVE-2018-0295) could allow an unauthenticated, remote attacker to cause a denial of service (DoS).
A flaw in Cisco FXOS Software and Cisco NX-OS Software (CVE-2018-0294) would allow an unauthorized attacker to create an admin account.
A privilege escalation vulnerability in Cisco NX-OS Software NX-API (CVE-2018-0330) allows attackers to run commands with elevated privileges.
Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol Denial of Service Vulnerability (CVE-2018-0331).
The Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software (CVE-2018-0311) allows a remote attacker to cause a DoS attack.
The Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software (CVE-2018-0310) allows a remote attacker to obtain sensitive data and cause a DoS attack.
The CLI parser of Cisco NX-OS Software (CVE-2018-0306) would allow a local attacker to perform a command-injection attack.
The NX-API feature of Cisco NX-OS Software (CVE-2018-0313) would allow an attacker to send a crafted packet that results in a command injection exploit.
The Simple Network Management Protocol (SNMP) feature of the Cisco Nexus 4000 Series (CVE-2018-0299) allows a remote attacker to cause DoS.
Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling Denial of Service Vulnerability (CVE-2018-0309).
Cisco FXOS Software and UCS Fabric Interconnect Web UI Denial of Service Vulnerability (CVE-2018-0298).
The CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software (CVE-2018-0302) would allow a local attacker to cause a buffer overflow.
The Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software (CVE-2018-0303) allows an attacker to execute arbitrary code as the root user and can cause a DoS attack.
The Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software (CVE-2018-0305) would allow a remote attacker to cause a DoS attack.
Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance (CVE-2018-0300) are vulnerable to path traversal by an authenticated attacker.
You can find further details on the patches Cisco released, and on the medium-level vulnerabilities, on the Cisco Security Advisories page. Some products have reached end of life, and updates are not provided for them.