CVE-2018-0378

A vulnerability in the Precision Time Protocol (PTP) feature of Cisco Nexus 5500, 5600, and 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of protection against PTP frame flood attacks. An attacker could exploit this vulnerability by sending large streams of malicious IPv4 or IPv6 PTP traffic to the affected device. A successful exploit could allow the attacker to cause a DoS condition, impacting the traffic passing through the device.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:nx-os:7.3\(2\)n1\(0.8\):*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*

Information

Published : 2018-10-17 14:49

Updated : 2019-10-09 16:31


NVD link : CVE-2018-0378

Mitre link : CVE-2018-0378


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

cisco

  • nexus_5596t
  • nexus_5596up
  • nexus_5624q
  • nexus_5648q
  • nexus_6001
  • nexus_5672up
  • nexus_6004
  • nexus_5548p
  • nexus_5548up
  • nexus_56128p
  • nx-os
  • nexus_5696q
  • nexus_5672up-16g