Denial of Service Vulnerability in Cisco Nexus 9000 Series Switches
CVE-2017-3879

5.3MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Nexus 9000 Series Switches
Vendor
CVE Published:
17 March 2017

Summary

A Denial of Service vulnerability exists in the remote login functionality of Cisco Nexus 9000 Series Switches running Cisco NX-OS Software. An unauthenticated remote attacker can exploit this flaw to cause the login process to terminate unexpectedly, resulting in failed login attempts. This attack can be conducted through either Telnet or SSH connections, allowing unauthorized access attempts. Despite the vulnerability, user traffic remains unaffected. Important versions affected include 7.0(3)I3(1), 8.3(0)CV(0.342), and 8.3(0)CV(0.345), and it is crucial for users to update to fixed software versions to mitigate this risk.

Affected Version(s)

Cisco Nexus 9000 Series Switches Cisco Nexus 9000 Series Switches

References

https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1038046
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/96920
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.