Design/Logic Flaw

2019-05-1602:29:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.9%

JSON

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. The vulnerability is due to improper error handling when processing inbound SNMP packets. An attacker could exploit this vulnerability by sending multiple crafted SNMP packets to an affected device. A successful exploit could allow the attacker to cause the SNMP application to leak system memory because of an improperly handled error condition during packet processing. Over time, this memory leak could cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

CPENameOperatorVersion
firepower_extensible_operating_systemge2.6
firepower_extensible_operating_systemlt2.6.1.131
fx-oslt2.2.2.91
fx-osge2.3
fx-oslt2.3.1.130
fx-osge2.4
fx-oslt2.4.1.222
nx-oseq< 8.11
nx-oseq< 7.3i48
nx-oseq>= 7.3i7 AND < 7.3i72

Name	Operator	Version
firepower_extensible_operating_system	ge	2.6
firepower_extensible_operating_system	lt	2.6.1.131
fx-os	lt	2.2.2.91
fx-os	ge	2.3
fx-os	lt	2.3.1.130
fx-os	ge	2.4
fx-os	lt	2.4.1.222
nx-os	eq	< 8.11
nx-os	eq	< 7.3i48
nx-os	eq	>= 7.3i7 AND < 7.3i72