CVE-2017-6655Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco MDS 9000 Nx-os

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 52.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Cisco MDS 9000 Nx-osCisco Nx-osCisco Nx-os FOR Nexus 5500 Platform Switches+2 more
Timeline
PublishedJun 13
Latest updateMay 13

Description

A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads. This vulnerability affects Cisco NX-OS Software on the following Cisco devices when they are configured for FCoE: Multilayer Director Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches. More Information: CSCvc91729. Known Affected Rel

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDcisco/nx-os4 versions+3
NVDcisco/mds_9000_nx-os7.3\(1\)d1\(1\)

🔴Vulnerability Details

2
GHSA
GHSA-ffjq-497x-2qq5: A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent att2022-05-13
CVEList
CVE-2017-6655: A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent att2017-06-13

📋Vendor Advisories

1
Cisco
Cisco NX-OS Software Fibre Channel over Ethernet Denial of Service Vulnerability2017-06-07
CVE-2017-6655 — Cisco MDS 9000 Nx-os vulnerability | cvebase