{ "id": "CVE-2017-3879", "sourceIdentifier": "ykramarz@cisco.com", "published": "2017-03-17T22:59:00.577", "lastModified": "2017-07-12T01:29:17.050", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. The attacker could use either a Telnet or an SSH client for the remote login attempt. Affected Products: This vulnerability affects Cisco Nexus 9000 Series Switches that are running Cisco NX-OS Software and are configured to allow remote Telnet connections to the device. More Information: CSCuy25824. Known Affected Releases: 7.0(3)I3(1) 8.3(0)CV(0.342) 8.3(0)CV(0.345). Known Fixed Releases: 8.3(0)CV(0.362) 8.0(1) 7.0(3)IED5(0.19) 7.0(3)IED5(0) 7.0(3)I4(1) 7.0(3)I4(0.8) 7.0(3)I2(2e) 7.0(3)F1(1.22) 7.0(3)F1(1) 7.0(3)F1(0.230)." }, { "lang": "es", "value": "Una vulnerabilidad de denegaci\u00f3n de servicio en la funcionalidad de inicio de sesi\u00f3n remoto para el software Cisco NX-OS que se ejecuta en Cisco Nexus 9000 Series Switches podr\u00eda permitir a un atacante remoto no autenticado provocar que un proceso utilizado para iniciar sesi\u00f3n termine inesperadamente y que el intento de inicio de sesi\u00f3n fracase. No hay impacto en el tr\u00e1fico de usuarios que fluye a trav\u00e9s del dispositivo. El atacante podr\u00eda utilizar un Telnet o un cliente SSH para el intento de inicio de sesi\u00f3n remoto. Productos afectados: Esta vulnerabilidad afecta a los conmutadores Cisco Nexus serie 9000 que ejecutan el software Cisco NX-OS y est\u00e1n configurados para permitir conexiones Telnet remotas al dispositivo. M\u00e1s informaci\u00f3n: CSCuy25824. Lanzamientos afectados conocidos: 7.0(3)I3(1) 8.3(0)CV(0.342) 8.3(0)CV(0.345). . Lotes fijos conocidos: Known Fixed Releases: 8.3(0)CV(0.362) 8.0(1) 7.0(3)IED5(0.19) 7.0(3)IED5(0) 7.0(3)I4(1) 7.0(3)I4(0.8) 7.0(3)I2(2e) 7.0(3)F1(1.22) 7.0(3)F1(1) 7.0(3)F1(0.230)." } ], "metrics": { "cvssMetricV30": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 3.9, "impactScore": 1.4 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-119" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(0.170\\):*:*:*:*:*:*:*", "matchCriteriaId": "2AC5F341-81B9-472D-9AB9-8B04F84EF1B2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(0\\)cv\\(0.342\\):*:*:*:*:*:*:*", "matchCriteriaId": "7304A486-5925-42D3-A5F3-21671BB3FB2D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:nx-os:8.3\\(0\\)cv\\(0.345\\):*:*:*:*:*:*:*", "matchCriteriaId": "A69FDDA8-B18D-483E-B1D5-5DD76A053D18" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AA5389A-8AD1-476E-983A-54DF573C30F5" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB2FFD26-8255-4351-8594-29D2AEFC06EF" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "61E10975-B47E-4F4D-8096-AEC7B7733612" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "182000E0-8204-4D8B-B7DE-B191AFE12E28" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDC208BC-7E19-48C6-A20E-A79A51B7362C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "084D0191-563B-4FF0-B589-F35DA118E1C6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "968390BC-B430-4903-B614-13104BFAE635" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "F7B90D36-5124-4669-8462-4EAF35B0F53D" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEAAF99B-5406-4722-81FB-A91CBAC2DF41" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "737C724A-B6CD-4FF7-96E0-EBBF645D660E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "7067AEC7-DFC8-4437-9338-C5165D9A8F36" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "71D4CF15-B293-4403-A1A9-96AD3933BAEF" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "DBCC1515-2DBE-4DF2-8E83-29A869170F36" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "7282AAFF-ED18-4992-AC12-D953C35EC328" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "360409CC-4172-4878-A76B-EA1C1F8C7A79" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "B76FB64F-16F0-4B0B-B304-B46258D434BA" } ] } ] } ], "references": [ { "url": "http://www.securityfocus.com/bid/96920", "source": "ykramarz@cisco.com", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "http://www.securitytracker.com/id/1038046", "source": "ykramarz@cisco.com" }, { "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss1", "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ] } ] }