Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-0303

A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.

Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 8.8, indicating it requires adjacent network access with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts confidentiality (data exposure), integrity (unauthorized modifications), and availability (service disruption) for affected systems. Impacting 84 products from cisco, from cisco, from cisco and 81 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

First disclosed in 2018, this vulnerability was reported during a period defined by widespread IoT adoption challenges, mobile security concerns, and the emergence of advanced persistent threat (APT) techniques. Contemporary mitigation strategies focused on secure development practices and third-party component vetting.

Published

2018-06-21T11:29:00.413

Last Modified

2024-11-21T03:37:56.127

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 8.8 (HIGH)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: ADJACENT_NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

6.5

Impact Score

10.0

Weaknesses
  • Type: Secondary
    CWE-20
  • Type: Primary
    CWE-119
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System cisco nx-os 7.0\(0\)hsk\(0.357\) Yes
Operating System cisco nx-os 8.1\(0.2\)s0 Yes
Operating System cisco nx-os 8.8\(0.1\) Yes
Hardware cisco nexus_5000 - No
Hardware cisco nexus_5010 - No
Hardware cisco nexus_5020 - No
Hardware cisco nexus_5548p - No
Hardware cisco nexus_5548up - No
Hardware cisco nexus_5596t - No
Hardware cisco nexus_5596up - No
Hardware cisco nexus_56128p - No
Hardware cisco nexus_5624q - No
Hardware cisco nexus_5648q - No
Hardware cisco nexus_5672up - No
Hardware cisco nexus_5696q - No
Operating System cisco nx-os 8.0\(1\) Yes
Hardware cisco nexus_7000 - No
Hardware cisco nexus_7700 - No
Operating System cisco nx-os 8.8\(3.5\)s0 Yes
Hardware cisco nexus_92160yc-x - No
Hardware cisco nexus_92304qc - No
Hardware cisco nexus_9236c - No
Hardware cisco nexus_9272q - No
Hardware cisco nexus_93108tc-ex - No
Hardware cisco nexus_93120tx - No
Hardware cisco nexus_93128tx - No
Hardware cisco nexus_93180yc-ex - No
Hardware cisco nexus_9332pq - No
Hardware cisco nexus_9372px - No
Hardware cisco nexus_9372tx - No
Hardware cisco nexus_9396px - No
Hardware cisco nexus_9396tx - No
Hardware cisco nexus_9504 - No
Hardware cisco nexus_9508 - No
Hardware cisco nexus_9516 - No
Hardware cisco nexus_n9k-c9508-fm-r - No
Hardware cisco nexus_n9k-x9636c-r - No
Hardware cisco nexus_n9k-x9636q-r - No
Operating System cisco nx-os 7.0\(3\)i4\(7\) Yes
Operating System cisco nx-os 7.0\(3\)i7\(1\) Yes
Hardware cisco nexus_172tq-xl - No
Hardware cisco nexus_3016 - No
Hardware cisco nexus_3048 - No
Hardware cisco nexus_3064-32t - No
Hardware cisco nexus_3064-t - No
Hardware cisco nexus_3064-x - No
Hardware cisco nexus_3100-v - No
Hardware cisco nexus_31128pq - No
Hardware cisco nexus_3132c-z - No
Hardware cisco nexus_3132q - No
Hardware cisco nexus_3132q-x - No
Hardware cisco nexus_3132q-xl - No
Hardware cisco nexus_3164q - No
Hardware cisco nexus_3172pq - No
Hardware cisco nexus_3172pq-xl - No
Hardware cisco nexus_3172tq - No
Hardware cisco nexus_3172tq-32t - No
Hardware cisco nexus_3232c - No
Hardware cisco nexus_3264c-e - No
Hardware cisco nexus_3264q - No
Hardware cisco nexus_34180yc - No
Hardware cisco nexus_3524-x - No
Hardware cisco nexus_3524-xl - No
Hardware cisco nexus_3548 - No
Hardware cisco nexus_3548-x - No
Hardware cisco nexus_3548-xl - No
Hardware cisco nexus_3636c-r - No
Hardware cisco nexus_c36180yc-r - No
Operating System cisco nx-os 7.0\(0\)hsk\(0.357\) Yes
Operating System cisco nx-os 8.1\(0.2\)s0 Yes
Operating System cisco nx-os 8.8\(0.1\) Yes
Hardware cisco nexus_2148t - No
Hardware cisco nexus_2224tp_ge - No
Hardware cisco nexus_2232pp_10ge - No
Hardware cisco nexus_2232tm-e_10ge - No
Hardware cisco nexus_2232tm_10ge - No
Hardware cisco nexus_2248pq_10ge - No
Hardware cisco nexus_2248tp-e - No
Hardware cisco nexus_2248tp_ge - No
Operating System cisco nx-os 7.0\(0\)hsk\(0.357\) Yes
Operating System cisco nx-os 8.1\(0.2\)s0 Yes
Operating System cisco nx-os 8.8\(0.1\) Yes
Hardware cisco nexus_6001p - No
Hardware cisco nexus_6001t - No
Operating System cisco nx-os 3.1\(3a\)a Yes
Hardware cisco ucs_6120xp - No
Hardware cisco ucs_6140xp - No
Hardware cisco ucs_6248up - No
Hardware cisco ucs_6296up - No
Hardware cisco ucs_6324 - No
Hardware cisco ucs_6332 - No
Operating System cisco firepower_extensible_operating_system < 1.1.4.179 Yes
Operating System cisco firepower_extensible_operating_system < 2.0.1.153 Yes
Operating System cisco firepower_extensible_operating_system < 2.1.1.86 Yes
Operating System cisco firepower_extensible_operating_system < 2.2.1.70 Yes
Operating System cisco firepower_extensible_operating_system < 2.2.2.17 Yes
Hardware cisco firepower_4110 - No
Hardware cisco firepower_4120 - No
Hardware cisco firepower_4140 - No
Hardware cisco firepower_4150 - No
Operating System cisco firepower_extensible_operating_system < 1.1.4.179 Yes
Operating System cisco firepower_extensible_operating_system < 2.0.1.153 Yes
Operating System cisco firepower_extensible_operating_system < 2.1.1.86 Yes
Operating System cisco firepower_extensible_operating_system < 2.2.1.70 Yes
Operating System cisco firepower_extensible_operating_system < 2.2.2.17 Yes
Hardware cisco firepower_9300_security_appliance - No
References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For cisco's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.