Brute-force attack - CVE-2017-3883
Published: October 19, 2017
Vulnerability identifier: #VU8894
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-3883
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor:
Affected software:
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial-of-service (DoS) condition.
The weakness exists in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software because AAA processes prevent the NX-OS System Manager from receiving keepalive messages. A remote attacker can perform a brute-force attack and trigger the AAA process to unexpectedly restart or cause the device to reload.
Successful exploitation of the vulnerability results in denial of service.
How to mitigate CVE-2017-3883
Install the update from the vendor's website.