CVE-2017-3804 — Cisco Nx-os vulnerability

CWE-3995 documents5 sources

Severity

6.1MEDIUMNVD

EPSS

0.3%

top 43.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Nx-os

Timeline

PublishedJan 26

Latest updateMay 13

Description

A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. Switches in the FabricPath domain crash because of an __inst_001__isis_fabricpath hap reset when processing a crafted link-state packet. More Information: CSCvc45002. Known Affected Releases: 7.1(3)N1(2.1) 7.1(3)N1(3.12) 7.3(2)N1(0.296) 8.0(1)S2. Kno…

CVSS vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 1.6 | Impact: 4.0

Affected Packages1 packages

▶NVDcisco/nx-os4 versions+3

🔴Vulnerability Details

GHSA

GHSA-4m2r-jc4j-cmfx: A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches s↗2022-05-13

▶

CVEList

CVE-2017-3804: A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches s↗2017-01-26

▶

💥Exploits & PoCs

Exploit-DB

INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution↗2020-07-26

▶

📋Vendor Advisories

Cisco

Cisco Nexus 5000, 6000, and 7000 Series Switches Software IS-IS Packet Processing Denial of Service Vulnerability↗2017-01-18

▶