Cisco Event Response Page
Cisco Event Response: June 2018 Cisco FXOS and NX-OS Software Security Advisory Collection
-
The June 20, 2018, release of the Cisco FXOS and NX-OS Software Security Advisory Collection includes 24 Cisco Security Advisories that describe 24 vulnerabilities in Cisco FXOS Software and Cisco NX-OS Software. Cisco has released software updates that address these vulnerabilities.
Five of the vulnerabilities have a Security Impact Rating (SIR) of Critical. The remaining 19 vulnerabilities have a SIR of High. Successful exploitation of the vulnerabilities could allow an attacker to gain unauthorized access to an affected device, gain elevated privileges for an affected device, execute arbitrary code, execute arbitrary commands, gain access to sensitive information, or cause a denial of service (DoS) condition on an affected device.
Twelve of the vulnerabilities affect both Cisco FXOS Software and Cisco NX-OS Software and the remaining vulnerabilities affect only Cisco NX-OS Software. Cisco has confirmed that none of the vulnerabilities affect Cisco IOS Software or Cisco IOS XE Software.
-
The following table identifies Cisco Security content that is associated with this Cisco FXOS and NX-OS Software Security Advisory Collection:
Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score Affected Cisco Platforms cisco-sa-20180620-nxossnmp
Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service VulnerabilityCVE-2018-0291High 7.7 Nexus 2000 Series Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-nxosigmp
Cisco NX-OS Software Internet Group Management Protocol Snooping Remote Code Execution and Denial of Service VulnerabilityCVE-2018-0292High 8.8 Nexus 2000 Series Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Nexus 9000 Series Switches in standalone NX-OS modecisco-sa-20180620-nxosrbac
Cisco NX-OS Software Role-Based Access Control Elevated Privileges VulnerabilityCVE-2018-0293High 8.8 MDS 9000 Series Multilayer Switches
Nexus 2000 Series Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20180620-nxosadmin
Cisco FXOS and NX-OS Software Unauthorized Administrator Account VulnerabilityCVE-2018-0294High 6.4 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
Nexus 1000V Series Switches
Nexus 1100 Series Cloud Services Platforms
Nexus 2000 Series Fabric Extenders
Nexus 3500 Platform Switches
Nexus 4000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-nxosbgp
Cisco NX-OS Software Border Gateway Protocol Denial of Service VulnerabilityCVE-2018-0295High 8.6 Nexus 2000 Series Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20180620-fxos-dos
Cisco FXOS Software and UCS Fabric Interconnect Web UI Denial of Service VulnerabilityCVE-2018-0298High 8.6 Firepower 4100 Series Next-Generation Firewall
Firepower 9300 Security Appliance
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-n4k-snmp-dos
Cisco Nexus 4000 Series Switch Simple Network Management Protocol Polling Denial of Service VulnerabilityCVE-2018-0299High 7.7 Cisco Nexus 4000 Series Switches cisco-sa-20180620-firepwr-pt
Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal VulnerabilityCVE-2018-0300High 7.2 Firepower 4100 Series Next-Generation Firewall
Firepower 9300 Security Appliancecisco-sa-20180620-nxos-bo
Cisco NX-OS Software NX-API Arbitrary Code Execution VulnerabilityCVE-2018-0301Critical 9.8 MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20180620-fxos-ace
Cisco FXOS Software and UCS Fabric Interconnect Arbitrary Code Execution VulnerabilityCVE-2018-0302High 7.8 Firepower 4100 Series Next-Generation Firewall
Firepower 9300 Security Appliance
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-fxnxos-dos
Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution VulnerabilityCVE-2018-0303High 7.5 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches with Fibre Channel over Ethernet interfaces configured
Nexus 1000V Series Switches
Nexus 1100 Series Cloud Services Platforms
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-fxnxos-ace
Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution VulnerabilityCVE-2018-0304Critical 9.8 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-fx-os-fabric-dos
Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service VulnerabilityCVE-2018-0305High 8.6 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-nx-os-cli-execution
Cisco NX-OS Software CLI Arbitrary Command Execution VulnerabilityCVE-2018-0306High 7.8 MDS 9000 Series Multilayer Switches
Nexus 1000V Series Switches
Nexus 1100 Series Cloud Services Platforms
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20180620-nx-os-cli-injection
Cisco NX-OS Software CLI Arbitrary Command Injection VulnerabilityCVE-2018-0307High 8.2 Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20180620-fxnxos-fab-ace
Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution VulnerabilityCVE-2018-0308Critical 9.8 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-n3k-n9k-clisnmp
Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling Denial of Service VulnerabilityCVE-2018-0309High 7.7 Cisco Nexus 3000 Series Switches
Cisco Nexus 9000 Series Switches in standalone NX-OS modecisco-sa-20180620-nx-os-fabric-dos
Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service VulnerabilityCVE-2018-0310High 8.6 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-nx-os-fabric-services-dos
Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service VulnerabilityCVE-2018-0311High 8.6 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-fx-os-cli-execution
Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution VulnerabilityCVE-2018-0312Critical 9.8 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-nx-os-api-execution
Cisco NX-OS Software NX-API Arbitrary Command Execution VulnerabilityCVE-2018-0313High 8.8 MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modulescisco-sa-20180620-fx-os-fabric-execution
Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution VulnerabilityCVE-2018-0314Critical 9.8 Firepower 4100 Series Next-Generation Firewalls
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnectscisco-sa-20180620-nxos-nxapi
Cisco NX-OS Software NX-API Privilege Escalation VulnerabilityCVE-2018-0330High 8.8 MDS 9000 Series Multilayer Switches
Nexus 2000 Series Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS modecisco-sa-20180620-nxos-cdp
Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol Denial of Service VulnerabilityCVE-2018-0331High 7.4 Firepower 4100 Series Next-Generation Firewall
Firepower 9300 Security Appliance
MDS 9000 Series Multilayer Director Switches
Nexus 1000V Series Switches
Nexus 1100 Series Cloud Services Platforms
Nexus 2000 Series Switches
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 3600 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules
UCS 6100 Series Fabric Interconnects
UCS 6200 Series Fabric Interconnects
UCS 6300 Series Fabric Interconnects
Related Resources
Cisco Security Vulnerability Policy
MITRE Common Vulnerabilities and Exposures
Common Vulnerability Scoring System and the Security Impact Rating
Common Vulnerability Scoring System Q & A