CVE-2017-3803
First published: Thu Jan 26 2017(Updated: )
A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition. More Information: CSCva72252. Known Affected Releases: 15.2(2)E3 15.2(4)E1. Known Fixed Releases: 15.2(2)E6 15.2(4)E3 15.2(5)E1 15.2(5.3.28i)E1 15.2(6.0.49i)E 3.9(1)E.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Puppet Cisco IOS | =15.2\(2\)e3 | |
| Puppet Cisco IOS | =15.2\(4\)e1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-3803?
CVE-2017-3803 has been rated with a CVSS base score that indicates a moderate risk for potential disruptions.
How do I fix CVE-2017-3803?
To remediate CVE-2017-3803, upgrade to the affected Cisco IOS software versions that are specified in the advisory.
What systems are affected by CVE-2017-3803?
CVE-2017-3803 affects the Cisco IOS Software running on the 2960X and 3750X switch models.
What impact does CVE-2017-3803 have on my network?
CVE-2017-3803 can cause a memory leak that may lead to a partial denial of service condition in your network.
Is authentication required to exploit CVE-2017-3803?
No, CVE-2017-3803 can be exploited by an unauthenticated, adjacent attacker, making it particularly concerning.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/severity
- agent/weakness
- agent/references
- agent/description
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/15.2\(2\)e3
- version/cisco ios/15.2\(4\)e1