Sign-up

ID

VAR-201703-0887


CVE

CVE-2017-3875


TITLE

Cisco Nexus 7000 Vulnerabilities that bypass specific access control filtering mechanisms in series switches

Trust: 0.8

sources: JVNDB: JVNDB-2017-002484

DESCRIPTION

An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. More Information: CSCtz59354. Known Affected Releases: 5.2(4) 6.1(3)S5 6.1(3)S6 6.2(1.121)S0 7.2(1)D1(1) 7.3(0)ZN(0.161) 7.3(1)N1(0.1). Known Fixed Releases: 7.3(0)D1(1) 6.2(2) 6.1(5) 8.3(0)KMT(0.24) 8.3(0)CV(0.337) 7.3(1)N1(1) 7.3(0)ZN(0.210) 7.3(0)ZN(0.177) 7.3(0)ZD(0.194) 7.3(0)TSH(0.99) 7.3(0)SC(0.14) 7.3(0)RSP(0.7) 7.3(0)N1(1) 7.3(0)N1(0.193) 7.3(0)IZN(0.13) 7.3(0)IB(0.102) 7.3(0)GLF(0.44) 7.3(0)D1(0.178) 7.1(0)D1(0.14) 7.0(3)ITI2(1.6) 7.0(3)ISH1(2.13) 7.0(3)IFD6(0.78) 7.0(3)IFD6(0) 7.0(3)IDE6(0.12) 7.0(3)IDE6(0) 7.0(3)I2(1) 7.0(3)I2(0.315) 7.0(1)ZD(0.3) 7.0(0)ZD(0.84) 6.2(1.149)S0 6.2(0.285) 6.1(5.32)S0 6.1(4.97)S0 6.1(2.30)S0. Vendors have confirmed this vulnerability Bug ID CSCtz59354 It is released as.Access control list by remote attacker (ACL) You may be able to avoid the predefined traffic set in. The Cisco Nexus 7000 Series Switches is a Cisco 7000 Series switch from Cisco. An attacker could exploit the vulnerability to bypass some security restrictions and perform unauthorized actions and launch further attacks. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCtz59354. A remote attacker could exploit this vulnerability by issuing specially crafted commands to bypass rulesets on Network Time Protocol (NTP) ACLs

Trust: 2.52

sources: NVD: CVE-2017-3875 // JVNDB: JVNDB-2017-002484 // CNVD: CNVD-2017-04488 // BID: 96930 // VULHUB: VHN-112078

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-04488

AFFECTED PRODUCTS

vendor:ciscomodel:nx-osscope:eqversion:7.3\(1\)n1\(0.1\)

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:5.2\(4\)

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(3\)s6

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:7.3\(0\)zn\(0.161\)

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:6.1\(3\)s5

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:6.2\(1.121\)s0

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:7.2\(1\)d1\(1\)

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:5.2(4)

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:6.1(3)s5

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:6.1(3)s6

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:6.2(1.121)s0

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:7.2(1)d1(1)

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:7.3(0)zn(0.161)

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:7.3(1)n1(0.1)

Trust: 0.8

vendor:ciscomodel:nexus series switchesscope:eqversion:7000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:70000

Trust: 0.3

sources: CNVD: CNVD-2017-04488 // BID: 96930 // JVNDB: JVNDB-2017-002484 // CNNVD: CNNVD-201703-844 // NVD: CVE-2017-3875

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-3875
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-3875
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-04488
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201703-844
value: MEDIUM

Trust: 0.6

VULHUB: VHN-112078
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-3875
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2017-3875
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2017-04488
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-112078
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-3875
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-04488 // VULHUB: VHN-112078 // JVNDB: JVNDB-2017-002484 // CNNVD: CNNVD-201703-844 // NVD: CVE-2017-3875

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-112078 // JVNDB: JVNDB-2017-002484 // NVD: CVE-2017-3875

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-844

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201703-844

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-002484

PATCH
title:cisco-sa-20170315-cnsurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns
Trust: 0.8
title:CiscoNexus 7000 Series Switches Security Patch Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/91833
Trust: 0.6
title:Cisco Nexus 7000 Series Switches Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68637
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-04488 // 
            
            
            
            JVNDB: JVNDB-2017-002484 // 
            
            
            
            CNNVD: CNNVD-201703-844

EXTERNAL IDS
db:NVDid:CVE-2017-3875
Trust: 3.4
db:BIDid:96930
Trust: 2.0
db:SECTRACKid:1038049
Trust: 1.1
db:JVNDBid:JVNDB-2017-002484
Trust: 0.8
db:CNNVDid:CNNVD-201703-844
Trust: 0.7
db:CNVDid:CNVD-2017-04488
Trust: 0.6
db:VULHUBid:VHN-112078
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-04488 // 
            
            
            
            VULHUB: VHN-112078 // 
            
            
            
            BID: 96930 // 
            
            
            
            JVNDB: JVNDB-2017-002484 // 
            
            
            
            CNNVD: CNNVD-201703-844 // 
            
            
            
            NVD: CVE-2017-3875

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170315-cns
Trust: 2.6
url:http://www.securityfocus.com/bid/96930
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2017-3875
Trust: 1.4
url:http://www.securitytracker.com/id/1038049
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3875
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-04488 // 
            
            
            
            VULHUB: VHN-112078 // 
            
            
            
            BID: 96930 // 
            
            
            
            JVNDB: JVNDB-2017-002484 // 
            
            
            
            CNNVD: CNNVD-201703-844 // 
            
            
            
            NVD: CVE-2017-3875

CREDITS
Cisco.
Trust: 0.3
sources:
            
            
            BID: 96930

SOURCES
db:CNVDid:CNVD-2017-04488
db:VULHUBid:VHN-112078
db:BIDid:96930
db:JVNDBid:JVNDB-2017-002484
db:CNNVDid:CNNVD-201703-844
db:NVDid:CVE-2017-3875

LAST UPDATE DATE
2024-11-23T22:13:09.523000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-04488date:2017-04-17T00:00:00
db:VULHUBid:VHN-112078date:2017-07-12T00:00:00
db:BIDid:96930date:2017-03-23T00:01:00
db:JVNDBid:JVNDB-2017-002484date:2017-04-17T00:00:00
db:CNNVDid:CNNVD-201703-844date:2017-03-21T00:00:00
db:NVDid:CVE-2017-3875date:2024-11-21T03:26:17.600

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-04488date:2017-04-17T00:00:00
db:VULHUBid:VHN-112078date:2017-03-17T00:00:00
db:BIDid:96930date:2017-03-15T00:00:00
db:JVNDBid:JVNDB-2017-002484date:2017-04-17T00:00:00
db:CNNVDid:CNNVD-201703-844date:2017-03-21T00:00:00
db:NVDid:CVE-2017-3875date:2017-03-17T22:59:00.470