CVE-2018-0309
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-0309
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect implementation of the CLI command, resulting in a failure to free all allocated memory upon completion. An attacker could exploit this vulnerability by authenticating to the affected device and repeatedly issuing a specific CLI command or sending a specific SNMP poll request for a specific Object Identifier (OID). A successful exploit could allow the attacker to cause the IP routing process to restart or to cause a device reset, resulting in a DoS condition. Cisco Bug IDs: CSCvf23136.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Nexus 3000和9000 Series Switches NX-OS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Nexus 3000和9000 Series Switches都是美国思科(Cisco)公司的不同系列的交换机设备。NX-OS是运行在其中的一套交换机使用的数据中心级操作系统软件。 Cisco Nexus 3000和9000 Series Switches中的NX-OS(在standalone NX-OS模式下)的CLI命令及相关联的Simple Network Management Protocol (SNMP) MIB的实现存在拒绝服务漏洞,该漏洞源于程序没有正确的实现CLI命令。远程攻击
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | Cisco Nexus 3000 and 9000 unknown | Cisco Nexus 3000 and 9000 unknown | - |
II. Public POCs for CVE-2018-0309
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-0309
Please Login to view more intelligence information
Same Patch Batch · n/a · 2018-06-21 · 30 CVEs total
| CVE-2018-0305 | 多款Cisco产品FXOS Software和NX-OS Software Fabric Services组件安全漏洞 | |
| CVE-2018-0373 | Cisco AnyConnect Secure Mobility Client for Windows Desktop 输入验证漏洞 | |
| CVE-2018-0371 | Cisco Acano X-Series、Meeting Server 1000和Meeting Server 2000 Web Admin Interface 输入验证漏洞 | |
| CVE-2018-0365 | Cisco Firepower Management Center 跨站请求伪造漏洞 | |
| CVE-2018-0364 | Cisco Unified Communications Domain Manager 跨站请求伪造漏洞 | |
| CVE-2018-0363 | Cisco Unified Communications Manager IM & Presence Service 跨站请求伪造漏洞 | |
| CVE-2018-0362 | Cisco 5000 Series Enterprise Network Compute System和UCS E-Series Servers 授权问题漏洞 | |
| CVE-2018-0359 | Cisco Meeting Server 安全漏洞 | |
| CVE-2018-0358 | Cisco TelePresence Video Communication Server Expressway 安全漏洞 | |
| CVE-2018-0337 | Cisco NX-OS Software 输入验证错误漏洞 | |
| CVE-2018-0331 | 多款Cisco产品NX-OS Software Discovery Protocol子系统资源管理错误漏洞 | |
| CVE-2018-0313 | 多款Cisco产品NX-OS Software 输入验证漏洞 | |
| CVE-2018-0311 | 多款Cisco产品FXOS Software和NX-OS Software Fabric Services组件资源管理错误漏洞 | |
| CVE-2018-0310 | 多款Cisco产品FXOS Software和NX-OS Software Fabric Services组件资源管理错误漏洞 | |
| CVE-2018-0306 | 多款Cisco产品NX-OS Software CLI解析器输入验证错误漏洞 | |
| CVE-2018-12630 | NEWMARK NMCMS SQL注入漏洞 | |
| CVE-2018-0303 | 多款Cisco产品FXOS Software和NX-OS Software Discovery Protocol组件输入验证漏洞 | |
| CVE-2018-0302 | 多款Cisco产品FXOS Software和UCS Fabric Interconnect Software CLI解析器输入验证错误漏洞 | |
| CVE-2018-0300 | Cisco Firepower 4100 Series Next-Generation Firewall和Firepower 9300 Security Appliance 路径遍 | |
| CVE-2018-0299 | Cisco Nexus 4000 Series Switch NX-OS 输入验证漏洞 |
Showing top 20 of 30 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
Same weakness: CWE-400
- CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-42343
FastGPT: Uncontrolled Resource Consumption leading to Sandbo - CVE-2026-42212
SolidCAM-GPPL-IDE: XML External Entity (XXE) and billion-lau - CVE-2026-32686
Unbounded exponent in decimal enables unauthenticated DoS - CVE-2026-20188
Cisco Crosswork Network Controller and Cisco Network Service
V. Comments for CVE-2018-0309
No comments yet