CVE-2017-3878

Name of the Vulnerable Software and Affected Versions Cisco NX-OS Software versions prior to 7.0(3)I3(1) Cisco NX-OS Software versions prior to 7.0(3)I3(0.257) Cisco NX-OS Software versions prior to 7.0(3)I3(0.255) Cisco NX-OS Software versions prior to 7.0(3)I2(2e) Cisco NX-OS Software versions prior to 7.0(3)F1(1.22) Cisco NX-OS Software versions prior to 7.0(3)F1(1)

Description A Denial of Service issue in the Telnet remote login functionality of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. The vulnerability is caused by a buffer overflow in memory. There is no impact to user traffic flowing through the device.

Recommendations For versions 7.0(3)I3(0.170) and earlier, update to version 7.0(3)I3(1) or later. For versions prior to 7.0(3)I3(0.257), update to version 7.0(3)I3(0.257) or later. For versions prior to 7.0(3)I3(0.255), update to version 7.0(3)I3(0.255) or later. For versions prior to 7.0(3)I2(2e), update to version 7.0(3)I2(2e) or later. For versions prior to 7.0(3)F1(1.22), update to version 7.0(3)F1(1.22) or later. For versions prior to 7.0(3)F1(1), update to version 7.0(3)F1(1) or later.