Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-0090
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. This could allow traffic to be forwarded to the NX-OS CPU for processing, leading to high CPU utilization and a denial of service (DoS) condition. The vulnerability is due to a bad code fix in the 7.3.2 code train that could allow traffic to the management interface to be misclassified and not match the proper configured ACLs. An attacker could exploit this vulnerability by sending crafted traffic to the management interface. An exploit could allow the attacker to bypass the configured management interface ACLs and impact the CPU of the targeted device, resulting in a DoS condition. This vulnerability affects the following Cisco products running Cisco NX-OS System Software: Multilayer Director Switches, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode. Cisco Bug IDs: CSCvf31132.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Cisco产品Cisco NX-OS System Software 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Multilayer Director Switches等都是美国思科(Cisco)公司的交换机产品。Cisco NX-OS System Software是一套运行在交换机中的软件。 多款Cisco产品中的Cisco NX-OS System Software的管理界面访问控制列表(ACL)配置存在拒绝服务漏洞。远程攻击者可通过向管理界面发送特制的流量利用该漏洞绕过已配置的访问控制列表。以下产品受到影响:Cisco Multilayer Director Switches;Nexus 200
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-Cisco NX-OS Cisco NX-OS -
II. Public POCs for CVE-2018-0090
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2018-0090
Please Login to view more intelligence information
New Vulnerabilities
Product: Cisco NX-OS
Vendor: n/a
Same weakness: CWE-20
V. Comments for CVE-2018-0090

No comments yet

Leave a comment