cvedb.io
CVE-2018-0314
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-06-20T21:29:00.717 · Last modified 2026-06-17T01:30:28.323

Summary

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packet headers when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could allow the attacker to execute arbitrary code on the device. This vulnerability affects the following if configured to use Cisco Fabric Services: Firepower 4100 Series Next-Generation Firewalls, Fi

Affected products

cisco — nexus_7000_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when cisco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.