CVSS2 | 5 Medium |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | NONE |
Integrity Impact | PARTIAL |
Availability Impact | NONE |
Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |

CVSS3 | 5.3 Medium |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | NONE |
Integrity Impact | LOW |
Availability Impact | NONE |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |

EPSS | 0.001 Low |
---|---|
Percentile | 51.1% |

An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. More Information: CSCtz59354. Known Affected Releases: 5.2(4) 6.1(3)S5 6.1(3)S6 6.2(1.121)S0 7.2(1)D1(1) 7.3(0)ZN(0.161) 7.3(1)N1(0.1). Known Fixed Releases: 7.3(0)D1(1) 6.2(2) 6.1(5) 8.3(0)KMT(0.24) 8.3(0)CV(0.337) 7.3(1)N1(1) 7.3(0)ZN(0.210) 7.3(0)ZN(0.177) 7.3(0)ZD(0.194) 7.3(0)TSH(0.99) 7.3(0)SC(0.14) 7.3(0)RSP(0.7) 7.3(0)N1(1) 7.3(0)N1(0.193) 7.3(0)IZN(0.13) 7.3(0)IB(0.102) 7.3(0)GLF(0.44) 7.3(0)D1(0.178) 7.1(0)D1(0.14) 7.0(3)ITI2(1.6) 7.0(3)ISH1(2.13) 7.0(3)IFD6(0.78) 7.0(3)IFD6(0) 7.0(3)IDE6(0.12) 7.0(3)IDE6(0) 7.0(3)I2(1) 7.0(3)I2(0.315) 7.0(1)ZD(0.3) 7.0(0)ZD(0.84) 6.2(1.149)S0 6.2(0.285) 6.1(5.32)S0 6.1(4.97)S0 6.1(2.30)S0.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

```
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501420);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/26");

  script_cve_id("CVE-2017-3875");

  script_name(english:"Cisco Nexus 7000 Series Switches Access-Control Filtering Mechanisms Bypass (CVE-2017-3875)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"An Access-Control Filtering Mechanisms Bypass vulnerability in certain
access-control filtering mechanisms on Cisco Nexus 7000 Series
Switches could allow an unauthenticated, remote attacker to bypass
defined traffic configured within an access control list (ACL) on the
affected system. More Information: CSCtz59354. Known Affected
Releases: 5.2(4) 6.1(3)S5 6.1(3)S6 6.2(1.121)S0 7.2(1)D1(1)
7.3(0)ZN(0.161) 7.3(1)N1(0.1). Known Fixed Releases: 7.3(0)D1(1)
6.2(2) 6.1(5) 8.3(0)KMT(0.24) 8.3(0)CV(0.337) 7.3(1)N1(1)
7.3(0)ZN(0.210) 7.3(0)ZN(0.177) 7.3(0)ZD(0.194) 7.3(0)TSH(0.99)
7.3(0)SC(0.14) 7.3(0)RSP(0.7) 7.3(0)N1(1) 7.3(0)N1(0.193)
7.3(0)IZN(0.13) 7.3(0)IB(0.102) 7.3(0)GLF(0.44) 7.3(0)D1(0.178)
7.1(0)D1(0.14) 7.0(3)ITI2(1.6) 7.0(3)ISH1(2.13) 7.0(3)IFD6(0.78)
7.0(3)IFD6(0) 7.0(3)IDE6(0.12) 7.0(3)IDE6(0) 7.0(3)I2(1)
7.0(3)I2(0.315) 7.0(1)ZD(0.3) 7.0(0)ZD(0.84) 6.2(1.149)S0 6.2(0.285)
6.1(5.32)S0 6.1(4.97)S0 6.1(2.30)S0.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/96930");
  script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1038049");
  # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?86a84684");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-3875");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(20);

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/03/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/03/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/07/25");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:5.2%284%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6.1%283%29s5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6.1%283%29s6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:6.2%281.121%29s0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:7.2%281%29d1%281%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:7.3%280%29zn%280.161%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os:7.3%281%29n1%280.1%29");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Cisco");

  exit(0);
}

include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Cisco');

var asset = tenable_ot::assets::get(vendor:'Cisco');

var vuln_cpes = {
  "cpe:/o:cisco:nx-os:5.2%284%29" :
    {"versionEndIncluding" : "5.2%284%29", "versionStartIncluding" : "5.2%284%29", "family" : "NXOS"},
  "cpe:/o:cisco:nx-os:6.1%283%29s5" :
    {"versionEndIncluding" : "6.1%283%29s5", "versionStartIncluding" : "6.1%283%29s5", "family" : "NXOS"},
  "cpe:/o:cisco:nx-os:6.1%283%29s6" :
    {"versionEndIncluding" : "6.1%283%29s6", "versionStartIncluding" : "6.1%283%29s6", "family" : "NXOS"},
  "cpe:/o:cisco:nx-os:6.2%281.121%29s0" :
    {"versionEndIncluding" : "6.2%281.121%29s0", "versionStartIncluding" : "6.2%281.121%29s0", "family" : "NXOS"},
  "cpe:/o:cisco:nx-os:7.2%281%29d1%281%29" :
    {"versionEndIncluding" : "7.2%281%29d1%281%29", "versionStartIncluding" : "7.2%281%29d1%281%29", "family" : "NXOS"},
  "cpe:/o:cisco:nx-os:7.3%280%29zn%280.161%29" :
    {"versionEndIncluding" : "7.3%280%29zn%280.161%29", "versionStartIncluding" : "7.3%280%29zn%280.161%29", "family" : "NXOS"},
  "cpe:/o:cisco:nx-os:7.3%281%29n1%280.1%29" :
    {"versionEndIncluding" : "7.3%281%29n1%280.1%29", "versionStartIncluding" : "7.3%281%29n1%280.1%29", "family" : "NXOS"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
```

Vendor | Product | Version | CPE |
---|---|---|---|
cisco | nx-os | 5.2%284%29 | cpe:/o:cisco:nx-os:5.2%284%29 |
cisco | nx-os | 6.1%283%29s5 | cpe:/o:cisco:nx-os:6.1%283%29s5 |
cisco | nx-os | 6.1%283%29s6 | cpe:/o:cisco:nx-os:6.1%283%29s6 |
cisco | nx-os | 6.2%281.121%29s0 | cpe:/o:cisco:nx-os:6.2%281.121%29s0 |
cisco | nx-os | 7.2%281%29d1%281%29 | cpe:/o:cisco:nx-os:7.2%281%29d1%281%29 |
cisco | nx-os | 7.3%280%29zn%280.161%29 | cpe:/o:cisco:nx-os:7.3%280%29zn%280.161%29 |
cisco | nx-os | 7.3%281%29n1%280.1%29 | cpe:/o:cisco:nx-os:7.3%281%29n1%280.1%29 |