CVE-2017-3879

Name of the Vulnerable Software and Affected Versions Cisco NX-OS Software versions 7.0(3)I3(1) through 8.3(0)CV(0.345)

Description A Denial of Service issue in the remote login functionality for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. The attacker could use either a Telnet or an SSH client for the remote login attempt. There is no impact to user traffic flowing through the device. The issue is due to improper handling of failed authentication during login.

Recommendations For versions 7.0(3)I3(1) and 8.3(0)CV(0.342), update to version 8.3(0)CV(0.362) or later. For version 8.3(0)CV(0.345), update to version 8.3(0)CV(0.362) or later. As a temporary workaround, consider restricting access to remote Telnet connections to minimize the risk of exploitation.