Cisco 发布安全公告，披露了其 NX-OS 和 FXOS 软件中存在多个严重漏洞，这些漏洞可能导致拒绝服务攻击、远程代码执行和特权提升等安全问题。受影响的产品包括 Nexus 系列交换机、Firepower 系列防火墙和 UCS 系列 Fabric Interconnect 等。

🤔 **拒绝服务攻击:** Cisco NX-OS 软件中存在多个拒绝服务漏洞，例如 CVE-2018-0291、CVE-2018-0292、CVE-2018-0295、CVE-2018-0298、CVE-2018-0299 和 CVE-2018-0305。攻击者可以通过发送特制数据包，导致受影响设备停止响应，从而影响网络连接和服务可用性。

💻 **远程代码执行:** 多个漏洞可能允许攻击者远程执行代码，例如 CVE-2018-0292、CVE-2018-0301、CVE-2018-0303 和 CVE-2018-0304。攻击者可以通过发送恶意数据包或利用网络协议缺陷，在设备上执行任意代码，从而控制设备或窃取敏感信息。

🔐 **特权提升:** CVE-2018-0293 漏洞可能允许攻击者提升自身权限，获取设备管理员权限。攻击者可以通过利用漏洞，绕过访问控制机制，获得对设备的完全控制权。

⚠️ **未经授权的管理员账户:** CVE-2018-0294 漏洞可能导致设备存在未经授权的管理员账户，攻击者可以通过该账户登录设备并获取敏感信息或控制设备。

🌐 **广泛影响:** 这些漏洞影响了 Cisco NX-OS 和 FXOS 软件的多个产品，包括 Nexus 系列交换机、Firepower 系列防火墙和 UCS 系列 Fabric Interconnect 等，覆盖了广泛的网络设备和安全设备。

🛡️ **及时更新:** Cisco 已发布针对这些漏洞的安全补丁，用户应尽快更新设备软件版本，以修复漏洞并降低安全风险。

🧐 **风险评估:** 用户应评估自身环境中受影响设备的风险，并采取相应的安全措施，例如更新软件、配置防火墙、限制网络访问等，以减轻漏洞带来的潜在威胁。

cisco-sa-20180620-nxossnmp Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability CVE-2018-0291 High 7.7 Nexus 2000 Series Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-nxosigmp Cisco NX-OS Software Internet Group Management Protocol Snooping Remote Code Execution and Denial of Service Vulnerability CVE-2018-0292 High 8.8 Nexus 2000 Series Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Nexus 9000 Series Switches in standalone NX-OS mode cisco-sa-20180620-nxosrbac Cisco NX-OS Software Role-Based Access Control Elevated Privileges Vulnerability CVE-2018-0293 High 8.8 MDS 9000 Series Multilayer Switches Nexus 2000 Series Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20180620-nxosadmin Cisco FXOS and NX-OS Software Unauthorized Administrator Account Vulnerability CVE-2018-0294 High 6.4 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance Nexus 1000V Series Switches Nexus 1100 Series Cloud Services Platforms Nexus 2000 Series Fabric Extenders Nexus 3500 Platform Switches Nexus 4000 Series Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-nxosbgp Cisco NX-OS Software Border Gateway Protocol Denial of Service Vulnerability CVE-2018-0295 High 8.6 Nexus 2000 Series Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20180620-fxos-dos Cisco FXOS Software and UCS Fabric Interconnect Web UI Denial of Service Vulnerability CVE-2018-0298 High 8.6 Firepower 4100 Series Next-Generation Firewall Firepower 9300 Security Appliance UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-n4k-snmp-dos Cisco Nexus 4000 Series Switch Simple Network Management Protocol Polling Denial of Service Vulnerability CVE-2018-0299 High 7.7 Cisco Nexus 4000 Series Switches cisco-sa-20180620-firepwr-pt Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability CVE-2018-0300 High 7.2 Firepower 4100 Series Next-Generation Firewall Firepower 9300 Security Appliance cisco-sa-20180620-nxos-bo Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability CVE-2018-0301 Critical 9.8 MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20180620-fxos-ace Cisco FXOS Software and UCS Fabric Interconnect Arbitrary Code Execution Vulnerability CVE-2018-0302 High 7.8 Firepower 4100 Series Next-Generation Firewall Firepower 9300 Security Appliance UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-fxnxos-dos Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution Vulnerability CVE-2018-0303 High 7.5 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches with Fibre Channel over Ethernet interfaces configured Nexus 1000V Series Switches Nexus 1100 Series Cloud Services Platforms Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-fxnxos-ace Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability CVE-2018-0304 Critical 9.8 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-fx-os-fabric-dos Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability CVE-2018-0305 High 8.6 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-nx-os-cli-execution Cisco NX-OS Software CLI Arbitrary Command Execution Vulnerability CVE-2018-0306 High 7.8 MDS 9000 Series Multilayer Switches Nexus 1000V Series Switches Nexus 1100 Series Cloud Services Platforms Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20180620-nx-os-cli-injection Cisco NX-OS Software CLI Arbitrary Command Injection Vulnerability CVE-2018-0307 High 8.2 Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20180620-fxnxos-fab-ace Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability CVE-2018-0308 Critical 9.8 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-n3k-n9k-clisnmp Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling Denial of Service Vulnerability CVE-2018-0309 High 7.7 Cisco Nexus 3000 Series Switches Cisco Nexus 9000 Series Switches in standalone NX-OS mode cisco-sa-20180620-nx-os-fabric-dos Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability CVE-2018-0310 High 8.6 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-nx-os-fabric-services-dos Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability CVE-2018-0311 High 8.6 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-fx-os-cli-execution Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability CVE-2018-0312 Critical 9.8 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-nx-os-api-execution Cisco NX-OS Software NX-API Arbitrary Command Execution Vulnerability CVE-2018-0313 High 8.8 MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules cisco-sa-20180620-fx-os-fabric-execution Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability CVE-2018-0314 Critical 9.8 Firepower 4100 Series Next-Generation Firewalls Firepower 9300 Security Appliance MDS 9000 Series Multilayer Switches Nexus 2000 Series Fabric Extenders Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects cisco-sa-20180620-nxos-nxapi Cisco NX-OS Software NX-API Privilege Escalation Vulnerability CVE-2018-0330 High 8.8 MDS 9000 Series Multilayer Switches Nexus 2000 Series Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in standalone NX-OS mode cisco-sa-20180620-nxos-cdp Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol Denial of Service Vulnerability CVE-2018-0331 High 7.4 Firepower 4100 Series Next-Generation Firewall Firepower 9300 Security Appliance MDS 9000 Series Multilayer Director Switches Nexus 1000V Series Switches Nexus 1100 Series Cloud Services Platforms Nexus 2000 Series Switches Nexus 3000 Series Switches Nexus 3500 Platform Switches Nexus 3600 Platform Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 7700 Series Switches Nexus 9000 Series Switches in NX-OS mode Nexus 9500 R-Series Line Cards and Fabric Modules UCS 6100 Series Fabric Interconnects UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects