What is CVE-2017-6655?

CVE-2017-6655 is a medium-severity vulnerability in Cisco Mds_9000_nx-os, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 6.5/10. Published 2017-06-13.

How severe is CVE-2017-6655?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Buffer overflow in Cisco Mds_9000_nx-os

CVE-2017-6655

A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related process unexpecte…

Vulnerability class: Buffer Overflow

EPSS: 0.002 (48.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Cisco Mds_9000_nx-os — versions 7.3\(1\)d1\(1\)
Cisco Nx-os — versions 8.0\(1\)s2, 8.3\(0\)cv\(0.833\)
Cisco Nx-os_for_nexus_5500_platform_switches — versions 7.3\(1\)n1\(1\)
Cisco Nx-os_for_nexus_5600_platform_switches — versions 7.3\(1\)n1\(1\)
Cisco Nx-os_for_nexus_7700_series_switches — versions 8.0\(1\)\(ed\)
N/a Cisco Nx-os Software Fibre Channel Over Ethernet — versions Cisco NX-OS Software Fibre Channel over Ethernet

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-6655?: CVE-2017-6655 is a medium-severity vulnerability in Cisco Mds_9000_nx-os, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 6.5/10. Published 2017-06-13.
How severe is CVE-2017-6655?: Medium severity. CVSS v3 base score is 6.5 out of 10.