CVE-2017-6655 - Vulnerability Details

A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpectedly reloads. This vulnerability affects Cisco NX-OS Software on the following Cisco devices when they are configured for FCoE: Multilayer Director Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches. More Information: CSCvc91729. Known Affected Releases: 8.3(0)CV(0.833). Known Fixed Releases: 8.3(0)ISH(0.62) 8.3(0)CV(0.944) 8.1(1) 8.1(0.8)S0 7.3(2)D1(0.47).

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Mds 9000 Nx-os Nx-os Nx-os For Nexus 5500 Platform Switches Nx-os For Nexus 5600 Platform Switches Nx-os For Nexus 7700 Series Switches

Configuration 1 [-]

OR	cpe:2.3:a:cisco:mds_9000_nx-os:7.3\(1\)d1\(1\):::::::*
	cpe:2.3:a:cisco:nx-os_for_nexus_5500_platform_switches:7.3\(1\)n1\(1\):::::::*
	cpe:2.3:a:cisco:nx-os_for_nexus_5600_platform_switches:7.3\(1\)n1\(1\):::::::*
	cpe:2.3:a:cisco:nx-os_for_nexus_7700_series_switches:8.0\(1\)\(ed\):::::::*
	cpe:2.3:o:cisco:nx-os:8.0\(1\)s2:::::::*
	cpe:2.3:o:cisco:nx-os:8.3\(0\)cv\(0.833\):::::::*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/98991
http://www.securitytracker.com/id/1038628
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-nxos

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2017-06-13T06:00:00

Updated: 2024-08-05T15:33:20.457Z

Reserved: 2017-03-09T00:00:00

Link: CVE-2017-6655

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-06-13T06:29:00.830

Modified: 2024-11-21T03:30:14.127

Link: CVE-2017-6655

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object