PT-2017-1537 · Cisco · Cisco Nx-Os
Publicado
2017-03-17
·
Atualizado
2017-07-12
·
CVE-2017-3878
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Cisco NX-OS Software versions prior to 7.0(3)I3(1)
Cisco NX-OS Software versions prior to 7.0(3)I3(0.257)
Cisco NX-OS Software versions prior to 7.0(3)I3(0.255)
Cisco NX-OS Software versions prior to 7.0(3)I2(2e)
Cisco NX-OS Software versions prior to 7.0(3)F1(1.22)
Cisco NX-OS Software versions prior to 7.0(3)F1(1)
Description
A Denial of Service issue in the Telnet remote login functionality of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. The vulnerability is caused by a buffer overflow in memory. There is no impact to user traffic flowing through the device.
Recommendations
For versions 7.0(3)I3(0.170) and earlier, update to version 7.0(3)I3(1) or later.
For versions prior to 7.0(3)I3(0.257), update to version 7.0(3)I3(0.257) or later.
For versions prior to 7.0(3)I3(0.255), update to version 7.0(3)I3(0.255) or later.
For versions prior to 7.0(3)I2(2e), update to version 7.0(3)I2(2e) or later.
For versions prior to 7.0(3)F1(1.22), update to version 7.0(3)F1(1.22) or later.
For versions prior to 7.0(3)F1(1), update to version 7.0(3)F1(1) or later.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Nx-Os