Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2018-0298
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 7.8/10
- Exploit Score
- 10/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 6.9/10
- Confidentiality Impact
- None
- Availability Impact
- Complete
- Integrity Impact
- None
CVSSv3.1 Score
- Severity
- High
- Base Score
- 7.5/10
- Exploit Score
- 3.9/10
- Access Vector
- Network
- Access Complexity
- Low
- Privileges Required
- None
- Impact Score
- 3.6/10
- Confidentiality Impact
- None
- Availability Impact
- High
- Integrity Impact
- None
- Scope
- Unchanged
- User Interaction
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:* |
Yes
|
3.0\(2\) | 3.1\(3a\)a | |
cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*: |
Yes
|
1.1 | 1.1.4.169 | |
cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*: |
Yes
|
2.0 | 2.0.1.135 | |
cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*: |
Yes
|
1.1 | 1.1.4.179 | |
cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*: |
Yes
|
2.0 | 2.0.1.153 | |
cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*: |
No
|
- |