CVE-2017-3883
CVSS5.0
发布时间 :2017-10-19 04:29:00
修订时间 :2017-11-07 15:39:40
NMS    

[原文]A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in a brute-force login attack. System memory can run low on the FXOS devices under the same conditions, which could cause the AAA process to unexpectedly restart or cause the device to reload. An attacker could exploit this vulnerability by performing a brute-force login attack against a device that is configured with AAA security services. A successful exploit could allow the attacker to cause the affected device to reload. This vulnerability affects the following Cisco products if they are running Cisco FXOS or NX-OS System Software that is configured for AAA services: Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, Unified Computing System (UCS) 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuq58760, CSCuq71257, CSCur97432, CSCus05214, CSCux54898, CSCvc33141, CSCvd36971, CSCve03660.


[CNNVD]CNNVD数据暂缺。


[机译]译文暂缺.

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-399 [资源管理错误]

- CPE (受影响的平台与产品)

cpe:/o:cisco:fxos:2.3
cpe:/o:cisco:nx-os:2.2
cpe:/o:cisco:nx-os:2.5
cpe:/o:cisco:nx-os:3.0
cpe:/o:cisco:nx-os:3.1
cpe:/o:cisco:nx-os:3.2
cpe:/o:cisco:nx-os:4.1
cpe:/o:cisco:nx-os:5.2Cisco Nexus OS (aka NX-OS) 5.2
cpe:/o:cisco:nx-os:6.0
cpe:/o:cisco:nx-os:6.1Cisco Nexus OS (aka NX-OS) 6.1
cpe:/o:cisco:nx-os:6.2
cpe:/o:cisco:nx-os:6.3
cpe:/o:cisco:nx-os:7.0
cpe:/o:cisco:nx-os:7.0%283%29i3%281%29
cpe:/o:cisco:nx-os:7.1%280.1%29
cpe:/o:cisco:nx-os:7.3
cpe:/o:cisco:nx-os:8.1
cpe:/o:cisco:nx-os:8.2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3883
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3883
(官方数据源) NVD

- 其它链接及资源

http://www.securityfocus.com/bid/101493
(VENDOR_ADVISORY)  BID  101493
http://www.securitytracker.com/id/1039614
(VENDOR_ADVISORY)  SECTRACK  1039614
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-aaavty
(VENDOR_ADVISORY)  CONFIRM  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-aaavty

- 漏洞信息

Cisco FXOS and NX-OS System Software CVE-2017-3883 Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 101493
Yes No
2017-10-18 12:00:00 2017-10-18 12:00:00
Cisco.

- 受影响的程序版本

Cisco Unified Computing System -
Cisco NX-OS 0
Cisco Nexus 7000 Series Switches 0
Cisco Nexus 5000 Series Switches 0
Cisco Nexus 1000V Switch for VMware vSphere 0
Cisco MDS 9000 Series Multilayer Switches 0

- 漏洞讨论

Cisco FXOS and NX-OS System Software is prone to denial-of-service vulnerability.

An attacker may exploit this issue to cause an affected device to reload, resulting in a denial-of-service condition.

This issue is being tracked by Cisco Bug ID's CSCuq58760 CSCuq71257 CSCur97432 CSCus05214 CSCux54898 CSCvc33141 CSCvd36971 and CSCve0366.

- 漏洞利用

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

Updates are available. Please see the references or vendor advisory for more information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站