A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to send a crafted packet to the management interface of an affected system, causing a buffer overflow.
The vulnerability is due to incorrect input validation in the authentication module of the NX-API subsystem. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS packet to the management interface of an affected system with the NX-API feature enabled. An exploit could allow the attacker to execute arbitrary code as root.
Note: NX-API is disabled by default.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo
This advisory is part of the June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection, which includes 24 Cisco Security Advisories that describe 24 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-67770).
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | cisco_nx-os_software | 6.1(2)i1 | cpe:2.3:a:cisco:cisco_nx-os_software:6.1\(2\)i1:*:*:*:*:*:*:* |
cisco | cisco_nx-os_software | 6.1(2)i3 | cpe:2.3:a:cisco:cisco_nx-os_software:6.1\(2\)i3:*:*:*:*:*:*:* |
cisco | cisco_nx-os_software | 7.0 | cpe:2.3:a:cisco:cisco_nx-os_software:7.0:*:*:*:*:*:*:* |
cisco | cisco_nx-os_software | 7.0(2)i2 | cpe:2.3:a:cisco:cisco_nx-os_software:7.0\(2\)i2:*:*:*:*:*:*:* |
cisco | cisco_nx-os_software | 7.3(1)d1 | cpe:2.3:a:cisco:cisco_nx-os_software:7.3\(1\)d1:*:*:*:*:*:*:* |
cisco | cisco_nx-os_software | 7.3(1)n1 | cpe:2.3:a:cisco:cisco_nx-os_software:7.3\(1\)n1:*:*:*:*:*:*:* |
cisco | cisco_nx-os_software | 7.3(2)d1 | cpe:2.3:a:cisco:cisco_nx-os_software:7.3\(2\)d1:*:*:*:*:*:*:* |
cisco | cisco_nx-os_software | 6.1(2)i1(1) | cpe:2.3:a:cisco:cisco_nx-os_software:6.1\(2\)i1\(1\):*:*:*:*:*:*:* |
cisco | cisco_nx-os_software | 6.1(2)i3(3.78) | cpe:2.3:a:cisco:cisco_nx-os_software:6.1\(2\)i3\(3.78\):*:*:*:*:*:*:* |
cisco | cisco_nx-os_software | 6.1(2)i3(3b) | cpe:2.3:a:cisco:cisco_nx-os_software:6.1\(2\)i3\(3b\):*:*:*:*:*:*:* |