First published: Wed Jun 20 2018
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.

The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code or cause a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-fab-ace

This advisory is part of the June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection, which includes 24 Cisco Security Advisories that describe 24 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection.

Affected Software | Affected Version | How to fix |
---|---|---|
Cisco FXOS Software | =2.2.2 <2.2.2.17; =2.2.1 <2.2.1.70; =2.1.1 <2.1.1.86; =2.0 <2.0.1.153; =1.1 <1.1.4.179 | 2.2.2.17; 2.2.1.70; 2.1.1.86; 2.0.1.153; 1.1.4.179 |
Cisco NX-OS Software | =8.1 <8.1(1a); =7.3 <8.1(1a); =6.2 <6.2(21); =5.2 <6.2(21) | 8.1(1a); 8.1(1a); 6.2(21); 6.2(21) |
Cisco NX-OS Software | | |
Cisco NX-OS Software | =6.2 <6.2(20) | 6.2(20) |
Cisco NX-OS Software | =3.2 <3.2(2b); =3.1 <3.2(2b); =3.0 <3.2(2b); =2.5 <3.2(2b); =2.2 <3.2(2b); =Prior to 2.2 <3.2(2b) | 3.2(2b); 3.2(2b); 3.2(2b); 3.2(2b); 3.2(2b); 3.2(2b) |
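
The table above can be turned into an inventory check. The following Python is an added example, not code from Cisco or from this page: it parses FXOS and NX-OS version strings and compares a running version with the first fixed release of its train. The names `FXOS_FIXES`, `NXOS_ROW1_FIXES`, `parse_version` and `assess` are hypothetical, and the NX-OS data is only the first NX-OS row of the table, whose platform the page does not name.

```python
import re

# First fixed release per release train, copied from the table above.
FXOS_FIXES = {
    "2.2.2": "2.2.2.17", "2.2.1": "2.2.1.70", "2.1.1": "2.1.1.86",
    "2.0": "2.0.1.153", "1.1": "1.1.4.179",
}
# First Cisco NX-OS row of the table. The page does not name the platform
# each NX-OS row applies to, so pick the row that matches your hardware.
NXOS_ROW1_FIXES = {
    "8.1": "8.1(1a)", "7.3": "8.1(1a)", "6.2": "6.2(21)", "5.2": "6.2(21)",
}

VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)(?:\((\d+)([a-z]*)\))?")


def parse_version(text):
    """Parse '2.2.2.14' or '8.1(1a)' into a tuple that sorts in release order.

    Strings carrying extra platform suffixes are rejected instead of guessed at.
    """
    m = VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    dotted = tuple(int(part) for part in m.group(1).split("."))
    build = int(m.group(2)) if m.group(2) is not None else -1
    return (dotted, build, m.group(3) or "")


def assess(running, fixes):
    """Return (status, first_fixed) for a running version against one table row.

    'fixed' means at or above the first fixed release listed for that train.
    """
    ver = parse_version(running)
    trains = [(parse_version(t)[0], fixed) for t, fixed in fixes.items()]
    # Longest matching train wins, so 2.2.1.x maps to 2.2.1 and not a shorter key.
    matching = [(t, f) for t, f in trains if ver[0][:len(t)] == t]
    if not matching:
        return ("train-not-listed", None)
    _, fixed = max(matching, key=lambda item: len(item[0]))
    status = "vulnerable" if ver < parse_version(fixed) else "fixed"
    return (status, fixed)


if __name__ == "__main__":
    for version, row in [("2.2.2.14", FXOS_FIXES), ("2.0.1.153", FXOS_FIXES),
                         ("8.1(1)", NXOS_ROW1_FIXES), ("7.3(2)", NXOS_ROW1_FIXES)]:
        print(version, *assess(version, row))
```

A `train-not-listed` result means the table has no entry for that release train, not that the release is safe; check it against the Cisco advisory.
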
The severity of cisco-sa-20180620-fxnxos-fab-ace is critical.
An attacker can exploit cisco-sa-20180620-fxnxos-fab-ace by sending a crafted Cisco Fabric Services packet to an affected device, which can result in arbitrary code execution or a denial of service (DoS) condition.
The affected software versions for cisco-sa-20180620-fxnxos-fab-ace are: Cisco FXOS Software versions 2.2.2 up to and including 2.2.2.17, Cisco NX-OS Software versions 8.1 up to and including 8.1(1a), and Cisco NX-OS Software versions 6.2 up to and including 6.2(21).
To fix cisco-sa-20180620-fxnxos-fab-ace, upgrade to the appropriate fixed version: 2.2.2.18 or later for Cisco FXOS Software, 8.3 or later for Cisco NX-OS Software, or 6.2(22) or later for Cisco NX-OS Software.
You can find more information about cisco-sa-20180620-fxnxos-fab-ace at the Cisco Security Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-fab-ace