← Back

CVE-2017-3883

nvd nist
Published: Oct 19, 2017Modified: May 13, 2026

JSON object

Loading...
8.6
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 4.0
Source: NVD

Description

A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in a brute-force login attack. System memory can run low on the FXOS devices under the same conditions, which could cause the AAA process to unexpectedly restart or cause the device to reload. An attacker could exploit this vulnerability by performing a brute-force login attack against a device that is configured with AAA security services. A successful exploit could allow the attacker to cause the affected device to reload. This vulnerability affects the following Cisco products if they are running Cisco FXOS or NX-OS System Software that is configured for AAA services: Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, Unified Computing System (UCS) 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuq58760, CSCuq71257, CSCur97432, CSCus05214, CSCux54898, CSCvc33141, CSCvd36971, CSCve03660.

Affected (20)

Cisco
3 products
Firepower Extensible Operating System
Fxos
Nx Os
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Firepower Extensible Operating System
Up to 2.3
Running on/withPlatform Versions
Cisco
Firepower 4100
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Fxos
Version 2.3
Running on/withPlatform Versions
Cisco
Firepower 9300
All versions
Configuration C
5 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Nx Os
Version 6.2
Nx Os
Version 6.3
Nx Os
Version 7.3
Nx Os
Version 8.1
Nx Os
Version 8.2
Running on/withPlatform Versions
Cisco
Mds 9000
All versions
Configuration D
2 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Cisco
Nx Os
Up to 4.1
Nx Os
Version 5.2
Running on/withPlatform Versions
Cisco
Nexus 1000v
All versions
Cisco
Nexus 1100v
All versions
Configuration E
1 vulnerable · 7 platform
Vulnerable SoftwareAffected Versions
Nx Os
Up to 6.0
Running on/withPlatform Versions
Cisco
Nexus 3000
All versions
Cisco
Nexus 3016
All versions
Cisco
Nexus 3016q
All versions
Cisco
Nexus 3048
All versions
Cisco
Nexus 3064
All versions
Cisco
Nexus 3064t
All versions
Cisco
Nexus 3064x
All versions
Configuration F
1 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Nx Os
Version 7.0(3)i3(1)
Running on/withPlatform Versions
Cisco
Nexus 3500
All versions
Cisco
Nexus 3524
All versions
Cisco
Nexus 3548
All versions
Configuration G
1 vulnerable · 19 platform
Vulnerable SoftwareAffected Versions
Nx Os
Up to 5.2
Running on/withPlatform Versions
Cisco
Nexus 2000
All versions
Cisco
Nexus 5000
All versions
Cisco
Nexus 5010
All versions
Cisco
Nexus 5010p Switch
All versions
Cisco
Nexus 5500
All versions
Cisco
Nexus 5548p
All versions
Cisco
Nexus 5548up
All versions
Cisco
Nexus 5596t
All versions
Cisco
Nexus 5596up
All versions
Cisco
Nexus 5600
All versions
Cisco
Nexus 56128p
All versions
Cisco
Nexus 5624q
All versions
Cisco
Nexus 5648q
All versions
Cisco
Nexus 5672up
All versions
Cisco
Nexus 5696q
All versions
Cisco
Nexus 6000
All versions
Cisco
Nexus 6001
All versions
Cisco
Nexus 6004
All versions
Cisco
Nexus 6004x
All versions
Configuration H
1 vulnerable · 5 platform
Vulnerable SoftwareAffected Versions
Nx Os
Version 7.1(0.1)
Running on/withPlatform Versions
Cisco
Nexus 7000
All versions
Cisco
Nexus 7000 10 Slot
All versions
Cisco
Nexus 7000 18 Slot
All versions
Cisco
Nexus 7000 9 Slot
All versions
Cisco
Nexus 7700
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nx Os
Version 6.1
Running on/withPlatform Versions
Cisco
Nexus 9000
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nx Os
Version 7.0
Running on/withPlatform Versions
Cisco
9500 R
All versions
Configuration K
5 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Cisco
Nx Os
Up to 2.2
Nx Os
Version 2.5
Nx Os
Version 3.0
Nx Os
Version 3.1
Nx Os
Version 3.2
Running on/withPlatform Versions
Cisco
Ucs 6100
All versions
Cisco
Ucs 6200
All versions
Cisco
Ucs 6300
All versions

Related CWEs

CWE-770
Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (8)

Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.