CVE-2018-0102 : A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthen

A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software attempts to free the same area of memory twice. An attacker could exploit this vulnerability by sending a pong request to an affected device from a location on the network that causes the pong reply packet to egress both a FabricPath port and a non-FabricPath port. An exploit could allow the attacker to cause a dual or quad supervisor virtual port-channel (vPC) to reload. This vulnerability affects the following products when running Cisco NX-OS Software Release 7.2(1)D(1), 7.2(2)D1(1), or 7.2(2)D1(2) with both the Pong and FabricPath features enabled and the FabricPath port is actively monitored via a SPAN session: Cisco Nexus 7000 Series Switches and Cisco Nexus 7700 Series Switches. Cisco Bug IDs: CSCuv98660.

Published 2018-01-18 06:29:01

Updated 2019-10-09 23:31:14

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2018-0102

Cisco » Nx-os » Version: 7.2(1)d(1)
cpe:2.3:o:cisco:nx-os:7.2\(1\)d\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Nx-os » Version: 7.2(2)d1(1)
cpe:2.3:o:cisco:nx-os:7.2\(2\)d1\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Nx-os » Version: 7.2(2)d1(2)
cpe:2.3:o:cisco:nx-os:7.2\(2\)d1\(2\):*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2018-0102

EPSS FAQ

0.26%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 49 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-0102

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.1	MEDIUM	AV:A/AC:L/Au:N/C:N/I:N/A:C	6.5	6.9	NIST
Access Vector: Adjacent Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
7.4	HIGH	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H	2.8	4.0	NIST
Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2018-0102

CWE-399

Assigned by: ykramarz@cisco.com (Secondary)
CWE-415 Double Free

The product calls free() twice on the same memory address.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-0102

http://www.securitytracker.com/id/1040219

Cisco NX-OS Pong Request Processing Flaw Lets Remote Users Cause the Target System to Reload - SecurityTracker
Third Party Advisory;VDB Entry
http://www.securityfocus.com/bid/102728

Cisco NX-OS Software CVE-2018-0102 Denial of Service Vulnerability
Third Party Advisory;VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nx-os

Cisco NX-OS Software Pong Packet Denial of Service Vulnerability
Vendor Advisory

Jump to

Vulnerability Details : CVE-2018-0102

Products affected by CVE-2018-0102

Exploit prediction scoring system (EPSS) score for CVE-2018-0102

CVSS scores for CVE-2018-0102

CWE ids for CVE-2018-0102

References for CVE-2018-0102