{"containers": {"cna": {"affected": [{"product": "Cisco Nexus 9000 Series Switches", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Nexus 9000 Series Switches"}]}], "datePublic": "2017-03-17T00:00:00", "descriptions": [{"lang": "en", "value": "A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. Affected Products: This vulnerability affects Cisco Nexus 9000 Series Switches that are running Cisco NX-OS Software and are configured to allow remote Telnet connections to the device. More Information: CSCux46778. Known Affected Releases: 7.0(3)I3(0.170). Known Fixed Releases: 7.0(3)I3(1) 7.0(3)I3(0.257) 7.0(3)I3(0.255) 7.0(3)I2(2e) 7.0(3)F1(1.22) 7.0(3)F1(1)."}], "problemTypes": [{"descriptions": [{"description": "Denial of Service Vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-11T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1038047", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038047"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss"}, {"name": "96927", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96927"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2017-3878", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Nexus 9000 Series Switches", "version": {"version_data": [{"version_value": "Cisco Nexus 9000 Series Switches"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. Affected Products: This vulnerability affects Cisco Nexus 9000 Series Switches that are running Cisco NX-OS Software and are configured to allow remote Telnet connections to the device. More Information: CSCux46778. Known Affected Releases: 7.0(3)I3(0.170). Known Fixed Releases: 7.0(3)I3(1) 7.0(3)I3(0.257) 7.0(3)I3(0.255) 7.0(3)I2(2e) 7.0(3)F1(1.22) 7.0(3)F1(1)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service Vulnerability"}]}]}, "references": {"reference_data": [{"name": "1038047", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038047"}, {"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss"}, {"name": "96927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96927"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T14:39:41.328Z"}, "title": "CVE Program Container", "references": [{"name": "1038047", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1038047"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss"}, {"name": "96927", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/96927"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2017-3878", "datePublished": "2017-03-17T22:00:00", "dateReserved": "2016-12-21T00:00:00", "dateUpdated": "2024-08-05T14:39:41.328Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(0.170\\):*:*:*:*:*:*:*", "matchCriteriaId": "2AC5F341-81B9-472D-9AB9-8B04F84EF1B2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AA5389A-8AD1-476E-983A-54DF573C30F5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB2FFD26-8255-4351-8594-29D2AEFC06EF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "61E10975-B47E-4F4D-8096-AEC7B7733612", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "182000E0-8204-4D8B-B7DE-B191AFE12E28", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDC208BC-7E19-48C6-A20E-A79A51B7362C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "084D0191-563B-4FF0-B589-F35DA118E1C6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "968390BC-B430-4903-B614-13104BFAE635", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "F7B90D36-5124-4669-8462-4EAF35B0F53D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEAAF99B-5406-4722-81FB-A91CBAC2DF41", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "737C724A-B6CD-4FF7-96E0-EBBF645D660E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "7067AEC7-DFC8-4437-9338-C5165D9A8F36", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "71D4CF15-B293-4403-A1A9-96AD3933BAEF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "DBCC1515-2DBE-4DF2-8E83-29A869170F36", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "7282AAFF-ED18-4992-AC12-D953C35EC328", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "360409CC-4172-4878-A76B-EA1C1F8C7A79", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*", "matchCriteriaId": "B76FB64F-16F0-4B0B-B304-B46258D434BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. Affected Products: This vulnerability affects Cisco Nexus 9000 Series Switches that are running Cisco NX-OS Software and are configured to allow remote Telnet connections to the device. More Information: CSCux46778. Known Affected Releases: 7.0(3)I3(0.170). Known Fixed Releases: 7.0(3)I3(1) 7.0(3)I3(0.257) 7.0(3)I3(0.255) 7.0(3)I2(2e) 7.0(3)F1(1.22) 7.0(3)F1(1)."}, {"lang": "es", "value": "Una vulnerabilidad de denegaci\u00f3n de servicio en la funcionalidad de inicio de sesi\u00f3n remota de Telnet del software Cisco NX-OS que se ejecuta en Cisco Nexus 9000 Series Switches podr\u00eda permitir a un atacante remoto no autenticado provocar que un proceso Telnet utilizado para iniciar sesi\u00f3n finalizara inesperadamente y que el intento de inicio de sesi\u00f3n fallara. No hay impacto en el tr\u00e1fico de usuarios que fluye a trav\u00e9s del dispositivo. Productos afectados: Esta vulnerabilidad afecta a los conmutadores Cisco Nexus serie 9000 que ejecutan el software Cisco NX-OS y est\u00e1n configurados para permitir conexiones Telnet remotas al dispositivo. M\u00e1s informaci\u00f3n: CSCux46778. Lanzamientos afectados conocidos: 7.0(3)I3(1) 7.0(3)I3(0.257) 7.0(3)I3(0.255) 7.0(3)I2(2e) 7.0(3)F1(1.22) 7.0(3)F1(1)."}], "id": "CVE-2017-3878", "lastModified": "2017-07-12T01:29:17.003", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-03-17T22:59:00.547", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96927"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1038047"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}