CVE-2017-3875Improper Input Validation in Cisco Nx-os

CWE-20Improper Input Validation4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.2%
top 51.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Nx-os
Timeline
PublishedMar 17
Latest updateMay 17

Description

An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. More Information: CSCtz59354. Known Affected Releases: 5.2(4) 6.1(3)S5 6.1(3)S6 6.2(1.121)S0 7.2(1)D1(1) 7.3(0)ZN(0.161) 7.3(1)N1(0.1). Known Fixed Releases: 7.3(0)D1(1) 6.2(2) 6.1(5) 8.3(0)KMT(0.24) 8.3(0)CV(0.3

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

NVDcisco/nx-os7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-w838-4jcq-qc2c: An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could a2022-05-17
CVEList
CVE-2017-3875: An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could a2017-03-17

📋Vendor Advisories

1
Cisco
Cisco Nexus 7000 Series Switches Access-Control Filtering Mechanisms Bypass Vulnerability2017-03-15
CVE-2017-3875 — Improper Input Validation in Cisco | cvebase