CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0298

A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

Products affected by CVE-2018-0298

Cisco » Firepower 4110 » Version: N/A

cpe:2.3:h:cisco:firepower_4110:-
Cisco » Firepower 4120 » Version: N/A

cpe:2.3:h:cisco:firepower_4120:-
Cisco » Firepower 4140 » Version: N/A

cpe:2.3:h:cisco:firepower_4140:-
Cisco » Firepower 4150 » Version: N/A

cpe:2.3:h:cisco:firepower_4150:-
Cisco » Firepower 9300 Security Appliance » Version: N/A

cpe:2.3:h:cisco:firepower_9300_security_appliance:-
Cisco » Ucs 6120xp » Version: N/A

cpe:2.3:h:cisco:ucs_6120xp:-
Cisco » Ucs 6140xp » Version: N/A

cpe:2.3:h:cisco:ucs_6140xp:-
Cisco » Ucs 6248up » Version: N/A

cpe:2.3:h:cisco:ucs_6248up:-
Cisco » Ucs 6296up » Version: N/A

cpe:2.3:h:cisco:ucs_6296up:-
Cisco » Ucs 6324 » Version: N/A

cpe:2.3:h:cisco:ucs_6324:-
Cisco » Ucs 6332 » Version: N/A

cpe:2.3:h:cisco:ucs_6332:-
Cisco » Firepower Extensible Operating System » Version: 1.1(1.160)

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1(1.160)
Cisco » Firepower Extensible Operating System » Version: 1.1(1.86)

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1(1.86)
Cisco » Firepower Extensible Operating System » Version: 1.1.1

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.1
Cisco » Firepower Extensible Operating System » Version: 1.1.1.147

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.1.147
Cisco » Firepower Extensible Operating System » Version: 1.1.1.160

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.1.160
Cisco » Firepower Extensible Operating System » Version: 1.1.2.178

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.2.178
Cisco » Firepower Extensible Operating System » Version: 1.1.2.51

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.2.51
Cisco » Firepower Extensible Operating System » Version: 1.1.3

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.3
Cisco » Firepower Extensible Operating System » Version: 1.1.3.84

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.3.84
Cisco » Firepower Extensible Operating System » Version: 1.1.3.86

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.3.86
Cisco » Firepower Extensible Operating System » Version: 1.1.3.97

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.3.97
Cisco » Firepower Extensible Operating System » Version: 1.1.4

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4
Cisco » Firepower Extensible Operating System » Version: 1.1.4.117

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.117
Cisco » Firepower Extensible Operating System » Version: 1.1.4.140

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.140
Cisco » Firepower Extensible Operating System » Version: 1.1.4.169

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.169
Cisco » Firepower Extensible Operating System » Version: 1.1.4.175

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.175
Cisco » Firepower Extensible Operating System » Version: 1.1.4.178

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.178
Cisco » Firepower Extensible Operating System » Version: 1.1.4.95

cpe:2.3:o:cisco:firepower_extensible_operating_system:1.1.4.95
Cisco » Firepower Extensible Operating System » Version: 2.0.1

cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1
Cisco » Firepower Extensible Operating System » Version: 2.0.1.135

cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.135
Cisco » Firepower Extensible Operating System » Version: 2.0.1.141

cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.141
Cisco » Firepower Extensible Operating System » Version: 2.0.1.144

cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.144
Cisco » Firepower Extensible Operating System » Version: 2.0.1.148

cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.148
Cisco » Firepower Extensible Operating System » Version: 2.0.1.149

cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.149
Cisco » Firepower Extensible Operating System » Version: 2.0.1.37

cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.37
Cisco » Firepower Extensible Operating System » Version: 2.0.1.68

cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.68
Cisco » Firepower Extensible Operating System » Version: 2.0.1.86

cpe:2.3:o:cisco:firepower_extensible_operating_system:2.0.1.86
Cisco » Nx-Os » Version: 3.1

cpe:2.3:o:cisco:nx-os:3.1
Cisco » Nx-Os » Version: 3.1(1k)a

cpe:2.3:o:cisco:nx-os:3.1(1k)a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0298

Products

Pricing

Contact Us