CVE-2017-3875: Input Validation
First published: Fri Mar 17 2017(Updated: )
An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. More Information: CSCtz59354. Known Affected Releases: 5.2(4) 6.1(3)S5 6.1(3)S6 6.2(1.121)S0 7.2(1)D1(1) 7.3(0)ZN(0.161) 7.3(1)N1(0.1). Known Fixed Releases: 7.3(0)D1(1) 6.2(2) 6.1(5) 8.3(0)KMT(0.24) 8.3(0)CV(0.337) 7.3(1)N1(1) 7.3(0)ZN(0.210) 7.3(0)ZN(0.177) 7.3(0)ZD(0.194) 7.3(0)TSH(0.99) 7.3(0)SC(0.14) 7.3(0)RSP(0.7) 7.3(0)N1(1) 7.3(0)N1(0.193) 7.3(0)IZN(0.13) 7.3(0)IB(0.102) 7.3(0)GLF(0.44) 7.3(0)D1(0.178) 7.1(0)D1(0.14) 7.0(3)ITI2(1.6) 7.0(3)ISH1(2.13) 7.0(3)IFD6(0.78) 7.0(3)IFD6(0) 7.0(3)IDE6(0.12) 7.0(3)IDE6(0) 7.0(3)I2(1) 7.0(3)I2(0.315) 7.0(1)ZD(0.3) 7.0(0)ZD(0.84) 6.2(1.149)S0 6.2(0.285) 6.1(5.32)S0 6.1(4.97)S0 6.1(2.30)S0.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco NX-OS | =5.2\(4\) | |
| Cisco NX-OS | =6.1\(3\)s5 | |
| Cisco NX-OS | =6.1\(3\)s6 | |
| Cisco NX-OS | =6.2\(1.121\)s0 | |
| Cisco NX-OS | =7.2\(1\)d1\(1\) | |
| Cisco NX-OS | =7.3\(0\)zn\(0.161\) | |
| Cisco NX-OS | =7.3\(1\)n1\(0.1\) | |
| Cisco Nexus 7000 | ||
| Cisco Nexus 7000 | ||
| Cisco Nexus 7000 | ||
| Cisco Nexus 7000 9-Slot Firmware | ||
| Cisco Nexus 7700 series | ||
| Cisco Nexus 7700 series | ||
| Cisco Nexus 7700 series | ||
| Cisco Nexus 7700 6-slot |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-3875?
CVE-2017-3875 has a critical severity rating due to the potential for unauthenticated remote access to sensitive network configurations.
How do I fix CVE-2017-3875?
To fix CVE-2017-3875, update your Cisco NX-OS version to one that is not affected by this vulnerability.
Which systems are affected by CVE-2017-3875?
CVE-2017-3875 affects specific versions of Cisco NX-OS on the Nexus 7000 Series Switches.
Can CVE-2017-3875 be exploited remotely?
Yes, CVE-2017-3875 can be exploited remotely by an unauthenticated attacker.
What can an attacker achieve by exploiting CVE-2017-3875?
An attacker exploiting CVE-2017-3875 can bypass defined traffic rules in access control lists on the affected systems.
- agent/last-modified-date
- agent/first-publish-date
- agent/type
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco nx-os
- version/cisco nx-os/5.2\(4\)
- version/cisco nx-os/6.1\(3\)s5
- version/cisco nx-os/6.1\(3\)s6
- version/cisco nx-os/6.2\(1.121\)s0
- version/cisco nx-os/7.2\(1\)d1\(1\)
- version/cisco nx-os/7.3\(0\)zn\(0.161\)
- version/cisco nx-os/7.3\(1\)n1\(0.1\)
- canonical/cisco nexus 7000
- canonical/cisco nexus 7000 9-slot firmware
- canonical/cisco nexus 7700 series
- canonical/cisco nexus 7700 6-slot