Action not permitted
Modal body text goes here.
Modal Title
Modal Body
fkie_cve-2017-6738
Vulnerability from fkie_nvd
Published
2017-07-17 21:29
Modified
2025-07-31 17:15
Severity ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.
The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload.
Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.
There are workarounds that address these vulnerabilities.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@cisco.com | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99345 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038808 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | Vendor Advisory |
{ "cisaActionDue": "2022-03-24", "cisaExploitAdd": "2022-03-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", "matchCriteriaId": "63ACD7DB-DCFE-4CDB-A3F0-4E413E178315", "versionEndIncluding": "12.4", "versionStartIncluding": "12.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", "matchCriteriaId": "650EB42C-D85F-482B-972D-7DCAC210DC48", "versionEndIncluding": "15.6", "versionStartIncluding": "15.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B36DE05-C663-4F15-B52C-921378DA4CD4", "versionEndIncluding": "3.17.0", "versionStartIncluding": "2.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.\r\n\r The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload.\r\n\r Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.\r\n\r There are workarounds that address these vulnerabilities." }, { "lang": "es", "value": "El protocolo SNMP (SimpleNetwork Management Protocol) de Cisco iOS 12.0 hasta la 12.4, 15.0 hasta la 15.6 e iOS XE 2.2 hasta la 3.17 contiene m\u00faltiples vulnerabilidades que pueden permitir una autenticaci\u00f3n a un atacante remoto para ejecutar c\u00f3digo remotamente en el sistema afectado o causar una recarga. Un atacante podr\u00eda explotar estas vulnerabilidades enviando un paquete SNMP manipulado al sistema afectado mediante IPv4 o IPv6. Solo el tr\u00e1fico directo al sistema afectado puede usarse para explotar estar vulnerabilidades. Esta vulnerabilidades son debidas a un buffer overflow en el subsistema SNMP del software afectado. Esta vulnerabilidad afecta a todas las versiones de SNMP: Versiones 1, 2c y 3. Para explotarlas en versiones 2c o anteriores, el atacante debe saber sobre la cadena comunitaria de solo lectura del SNMP del sistema afectado. Pra explotarlas en las versi\u00f3n 3, el atacante tiene que tener credenciales de usuario del sistema. Todos los dispositivos que tienen habilitado el SNMP y no tienen una exclusi\u00f3n explicita del MIB u OID afectado debe ser considerado vulnerable. Cisco Bug IDs: CSCve89865, CSCsy56638." } ], "id": "CVE-2017-6738", "lastModified": "2025-07-31T17:15:27.987", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "psirt@cisco.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T21:29:00.290", "references": [ { "source": "psirt@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/99345" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038808" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp" } ], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "psirt@cisco.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2017-6738 (GCVE-0-2017-6738)
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2025-07-31 16:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.
The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload.
Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.
There are workarounds that address these vulnerabilities.
References
Impacted products
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
► | Cisco | IOS |
Version: 12.2(53)SE1 Version: 12.2(55)SE Version: 12.2(50)SE2 Version: 12.2(50)SE1 Version: 12.2(50)SE5 Version: 12.2(53)SE Version: 12.2(55)SE3 Version: 12.2(55)SE2 Version: 12.2(52)SE Version: 12.2(58)SE Version: 12.2(50)SE3 Version: 12.2(55)SE1 Version: 12.2(53)SE2 Version: 12.2(52)SE1 Version: 12.2(54)SE Version: 12.2(50)SE4 Version: 12.2(50)SE Version: 12.2(58)SE1 Version: 12.2(55)SE4 Version: 12.2(58)SE2 Version: 12.2(55)SE5 Version: 12.2(55)SE6 Version: 12.2(55)SE7 Version: 12.2(55)SE8 Version: 12.2(55)SE9 Version: 12.2(55)SE10 Version: 12.2(55)SE11 Version: 12.2(53)EX Version: 12.2(52)EX Version: 12.2(55)EX Version: 12.2(52)EX1 Version: 12.2(55)EX1 Version: 12.2(55)EX2 Version: 12.2(55)EX3 Version: 12.2(58)EX Version: 12.2(55)EY Version: 12.2(52)EY1 Version: 12.2(52)EY Version: 12.2(53)EY Version: 12.2(52)EY2 Version: 12.2(52)EY1b Version: 12.2(52)EY1c Version: 12.2(58)EY Version: 12.2(52)EY3 Version: 12.2(52)EY2a Version: 12.2(58)EY1 Version: 12.2(52)EY4 Version: 12.2(52)EY3a Version: 12.2(58)EY2 Version: 12.2(58)EZ Version: 12.2(53)EZ Version: 12.2(55)EZ Version: 12.2(60)EZ Version: 12.2(60)EZ1 Version: 12.2(60)EZ2 Version: 12.2(60)EZ3 Version: 12.2(60)EZ4 Version: 12.2(60)EZ5 Version: 12.2(60)EZ6 Version: 12.2(60)EZ7 Version: 12.2(60)EZ8 Version: 12.2(60)EZ9 Version: 12.2(60)EZ10 Version: 12.2(60)EZ11 Version: 12.2(50)SG3 Version: 12.2(53)SG Version: 12.2(50)SG6 Version: 12.2(53)SG1 Version: 12.2(53)SG2 Version: 12.2(50)SG5 Version: 12.2(53)SG3 Version: 12.2(50)SG8 Version: 12.2(50)SG2 Version: 12.2(54)SG1 Version: 12.2(50)SG1 Version: 12.2(52)SG Version: 12.2(54)SG Version: 12.2(50)SG Version: 12.2(50)SG7 Version: 12.2(53)SG4 Version: 12.2(50)SG4 Version: 12.2(53)SG5 Version: 12.2(53)SG6 Version: 12.2(53)SG7 Version: 12.2(53)SG8 Version: 12.2(53)SG9 Version: 12.2(53)SG10 Version: 12.2(53)SG11 Version: 12.2(33)SXI Version: 12.2(33)SXI1 Version: 12.2(52)XO Version: 12.2(54)XO Version: 12.2(50)SQ2 Version: 12.2(50)SQ1 Version: 12.2(50)SQ Version: 12.2(50)SQ3 Version: 12.2(50)SQ4 Version: 12.2(50)SQ5 Version: 12.2(50)SQ6 Version: 12.2(50)SQ7 Version: 15.0(1)XO1 Version: 15.0(1)XO Version: 15.0(2)XO Version: 15.3(1)T Version: 15.3(2)T Version: 15.3(1)T1 Version: 15.3(1)T2 Version: 15.3(1)T3 Version: 15.3(1)T4 Version: 15.3(2)T1 Version: 15.3(2)T2 Version: 15.3(2)T3 Version: 15.3(2)T4 Version: 15.0(1)EY Version: 15.0(1)EY1 Version: 15.0(1)EY2 Version: 15.0(2)EY Version: 15.0(2)EY1 Version: 15.0(2)EY2 Version: 15.0(2)EY3 Version: 12.2(54)WO Version: 15.0(1)SE Version: 15.0(2)SE Version: 15.0(1)SE1 Version: 15.0(1)SE2 Version: 15.0(1)SE3 Version: 15.0(2)SE1 Version: 15.0(2)SE2 Version: 15.0(2)SE3 Version: 15.0(2)SE4 Version: 15.0(2)SE5 Version: 15.0(2)SE6 Version: 15.0(2)SE7 Version: 15.0(2)SE8 Version: 15.0(2)SE9 Version: 15.0(2)SE10 Version: 15.0(2)SE10a Version: 15.1(1)SG Version: 15.1(2)SG Version: 15.1(1)SG1 Version: 15.1(1)SG2 Version: 15.1(2)SG1 Version: 15.1(2)SG2 Version: 15.1(2)SG3 Version: 15.1(2)SG4 Version: 15.1(2)SG5 Version: 15.1(2)SG6 Version: 15.1(2)SG7 Version: 15.1(2)SG8 Version: 15.2(4)M Version: 15.2(4)M1 Version: 15.2(4)M2 Version: 15.2(4)M4 Version: 15.2(4)M3 Version: 15.2(4)M5 Version: 15.2(4)M8 Version: 15.2(4)M10 Version: 15.2(4)M7 Version: 15.2(4)M6 Version: 15.2(4)M9 Version: 15.2(4)M6a Version: 15.2(4)M11 Version: 15.0(2)SG Version: 15.0(2)SG1 Version: 15.0(2)SG2 Version: 15.0(2)SG3 Version: 15.0(2)SG4 Version: 15.0(2)SG5 Version: 15.0(2)SG6 Version: 15.0(2)SG7 Version: 15.0(2)SG8 Version: 15.0(2)SG9 Version: 15.0(2)SG10 Version: 15.0(2)SG11 Version: 15.0(2)SG11a Version: 15.0(1)EX Version: 15.0(2)EX Version: 15.0(2)EX1 Version: 15.0(2)EX2 Version: 15.0(2)EX3 Version: 15.0(2)EX4 Version: 15.0(2)EX5 Version: 15.0(2)EX8 Version: 15.0(2a)EX5 Version: 15.0(2)EX10 Version: 15.0(2)EX11 Version: 15.0(2)EX13 Version: 15.0(2)EX12 Version: 15.2(2)GC Version: 15.2(3)GC Version: 15.2(3)GC1 Version: 15.2(4)GC Version: 15.2(4)GC2 Version: 15.2(4)GC3 Version: 15.4(1)T Version: 15.4(2)T Version: 15.4(1)T2 Version: 15.4(1)T1 Version: 15.4(1)T3 Version: 15.4(2)T1 Version: 15.4(2)T3 Version: 15.4(2)T2 Version: 15.4(1)T4 Version: 15.4(2)T4 Version: 15.0(2)EA Version: 15.0(2)EA1 Version: 15.2(1)E Version: 15.2(2)E Version: 15.2(1)E1 Version: 15.2(3)E Version: 15.2(1)E2 Version: 15.2(1)E3 Version: 15.2(2)E1 Version: 15.2(4)E Version: 15.2(3)E1 Version: 15.2(2)E2 Version: 15.2(2a)E1 Version: 15.2(2)E3 Version: 15.2(2a)E2 Version: 15.2(3)E2 Version: 15.2(3a)E Version: 15.2(3)E3 Version: 15.2(4)E1 Version: 15.2(2)E4 Version: 15.2(2)E5 Version: 15.2(4)E2 Version: 15.2(3)E4 Version: 15.2(5)E Version: 15.2(4)E3 Version: 15.2(2)E6 Version: 15.2(5a)E Version: 15.2(5)E1 Version: 15.2(5b)E Version: 15.2(2)E5a Version: 15.2(5c)E Version: 15.2(2)E5b Version: 15.2(5a)E1 Version: 15.2(4)E4 Version: 15.2(5)E2 Version: 15.3(3)M Version: 15.3(3)M1 Version: 15.3(3)M2 Version: 15.3(3)M3 Version: 15.3(3)M5 Version: 15.3(3)M4 Version: 15.3(3)M6 Version: 15.3(3)M7 Version: 15.3(3)M8 Version: 15.3(3)M9 Version: 15.3(3)M8a Version: 15.2(4)JN Version: 15.0(2)EZ Version: 15.2(1)EY Version: 15.0(2)EJ Version: 15.0(2)EJ1 Version: 15.2(1)SY Version: 15.2(1)SY1 Version: 15.2(1)SY0a Version: 15.2(1)SY2 Version: 15.2(2)SY Version: 15.2(1)SY1a Version: 15.2(2)SY1 Version: 15.2(2)SY2 Version: 15.2(1)SY3 Version: 15.2(1)SY4 Version: 15.2(5)EX Version: 15.2(4)JAZ1 Version: 15.0(2)EK Version: 15.0(2)EK1 Version: 15.4(1)CG Version: 15.4(1)CG1 Version: 15.4(2)CG Version: 15.2(2)EB Version: 15.2(2)EB1 Version: 15.2(2)EB2 Version: 15.5(1)T Version: 15.5(1)T1 Version: 15.5(2)T Version: 15.5(1)T2 Version: 15.5(1)T3 Version: 15.5(2)T1 Version: 15.5(2)T2 Version: 15.5(2)T3 Version: 15.5(2)T4 Version: 15.5(1)T4 Version: 15.2(2)EA Version: 15.2(2)EA1 Version: 15.2(2)EA2 Version: 15.2(3)EA Version: 15.2(4)EA Version: 15.2(4)EA1 Version: 15.2(2)EA3 Version: 15.2(4)EA3 Version: 15.2(5)EA Version: 15.2(4)EA4 Version: 15.2(4)EA5 Version: 15.5(3)M Version: 15.5(3)M1 Version: 15.5(3)M0a Version: 15.5(3)M2 Version: 15.5(3)M3 Version: 15.5(3)M4 Version: 15.5(3)M4a Version: 15.5(3)M5 Version: 15.3(3)JAA1 Version: 15.0(2)SQD Version: 15.0(2)SQD1 Version: 15.0(2)SQD2 Version: 15.0(2)SQD3 Version: 15.0(2)SQD4 Version: 15.0(2)SQD5 Version: 15.0(2)SQD6 Version: 15.6(1)T Version: 15.6(2)T Version: 15.6(1)T0a Version: 15.6(1)T1 Version: 15.6(2)T1 Version: 15.6(1)T2 Version: 15.6(2)T2 Version: 15.6(1)T3 Version: 15.3(1)SY Version: 15.3(1)SY1 Version: 15.3(1)SY2 Version: 15.6(3)M Version: 15.6(3)M1 Version: 15.6(3)M0a Version: 15.6(3)M1b Version: 15.6(3)M2 Version: 15.6(3)M2a Version: 15.2(4)EC1 Version: 15.2(4)EC2 Version: 15.3(3)JPC5 Version: 15.4(1)SY Version: 15.4(1)SY1 Version: 15.4(1)SY2 Version: 15.5(1)SY Version: 15.3(3)JPR1 |
||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T15:41:17.135Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "99345", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99345" }, { "name": "1038808", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038808" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2017-6738", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T17:36:26.152413Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2022-03-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6738" }, "type": "kev" } } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:46:26.113Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2022-03-03T00:00:00+00:00", "value": "CVE-2017-6738 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "IOS", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "12.2(53)SE1" }, { "status": "affected", "version": "12.2(55)SE" }, { "status": "affected", "version": "12.2(50)SE2" }, { "status": "affected", "version": "12.2(50)SE1" }, { "status": "affected", "version": "12.2(50)SE5" }, { "status": "affected", "version": "12.2(53)SE" }, { "status": "affected", "version": "12.2(55)SE3" }, { "status": "affected", "version": "12.2(55)SE2" }, { "status": "affected", "version": "12.2(52)SE" }, { "status": "affected", "version": "12.2(58)SE" }, { "status": "affected", "version": "12.2(50)SE3" }, { "status": "affected", "version": "12.2(55)SE1" }, { "status": "affected", "version": "12.2(53)SE2" }, { "status": "affected", "version": "12.2(52)SE1" }, { "status": "affected", "version": "12.2(54)SE" }, { "status": "affected", "version": "12.2(50)SE4" }, { "status": "affected", "version": "12.2(50)SE" }, { "status": "affected", "version": "12.2(58)SE1" }, { "status": "affected", "version": "12.2(55)SE4" }, { "status": "affected", "version": "12.2(58)SE2" }, { "status": "affected", "version": "12.2(55)SE5" }, { "status": "affected", "version": "12.2(55)SE6" }, { "status": "affected", "version": "12.2(55)SE7" }, { "status": "affected", "version": "12.2(55)SE8" }, { "status": "affected", "version": "12.2(55)SE9" }, { "status": "affected", "version": "12.2(55)SE10" }, { "status": "affected", "version": "12.2(55)SE11" }, { "status": "affected", "version": "12.2(53)EX" }, { "status": "affected", "version": "12.2(52)EX" }, { "status": "affected", "version": "12.2(55)EX" }, { "status": "affected", "version": "12.2(52)EX1" }, { "status": "affected", "version": "12.2(55)EX1" }, { "status": "affected", "version": "12.2(55)EX2" }, { "status": "affected", "version": "12.2(55)EX3" }, { "status": "affected", "version": "12.2(58)EX" }, { "status": "affected", "version": "12.2(55)EY" }, { "status": "affected", "version": "12.2(52)EY1" }, { "status": "affected", "version": "12.2(52)EY" }, { "status": "affected", "version": "12.2(53)EY" }, { "status": "affected", "version": "12.2(52)EY2" }, { "status": "affected", "version": "12.2(52)EY1b" }, { "status": "affected", "version": "12.2(52)EY1c" }, { "status": "affected", "version": "12.2(58)EY" }, { "status": "affected", "version": "12.2(52)EY3" }, { "status": "affected", "version": "12.2(52)EY2a" }, { "status": "affected", "version": "12.2(58)EY1" }, { "status": "affected", "version": "12.2(52)EY4" }, { "status": "affected", "version": "12.2(52)EY3a" }, { "status": "affected", "version": "12.2(58)EY2" }, { "status": "affected", "version": "12.2(58)EZ" }, { "status": "affected", "version": "12.2(53)EZ" }, { "status": "affected", "version": "12.2(55)EZ" }, { "status": "affected", "version": "12.2(60)EZ" }, { "status": "affected", "version": "12.2(60)EZ1" }, { "status": "affected", "version": "12.2(60)EZ2" }, { "status": "affected", "version": "12.2(60)EZ3" }, { "status": "affected", "version": "12.2(60)EZ4" }, { "status": "affected", "version": "12.2(60)EZ5" }, { "status": "affected", "version": "12.2(60)EZ6" }, { "status": "affected", "version": "12.2(60)EZ7" }, { "status": "affected", "version": "12.2(60)EZ8" }, { "status": "affected", "version": "12.2(60)EZ9" }, { "status": "affected", "version": "12.2(60)EZ10" }, { "status": "affected", "version": "12.2(60)EZ11" }, { "status": "affected", "version": "12.2(50)SG3" }, { "status": "affected", "version": "12.2(53)SG" }, { "status": "affected", "version": "12.2(50)SG6" }, { "status": "affected", "version": "12.2(53)SG1" }, { "status": "affected", "version": "12.2(53)SG2" }, { "status": "affected", "version": "12.2(50)SG5" }, { "status": "affected", "version": "12.2(53)SG3" }, { "status": "affected", "version": "12.2(50)SG8" }, { "status": "affected", "version": "12.2(50)SG2" }, { "status": "affected", "version": "12.2(54)SG1" }, { "status": "affected", "version": "12.2(50)SG1" }, { "status": "affected", "version": "12.2(52)SG" }, { "status": "affected", "version": "12.2(54)SG" }, { "status": "affected", "version": "12.2(50)SG" }, { "status": "affected", "version": "12.2(50)SG7" }, { "status": "affected", "version": "12.2(53)SG4" }, { "status": "affected", "version": "12.2(50)SG4" }, { "status": "affected", "version": "12.2(53)SG5" }, { "status": "affected", "version": "12.2(53)SG6" }, { "status": "affected", "version": "12.2(53)SG7" }, { "status": "affected", "version": "12.2(53)SG8" }, { "status": "affected", "version": "12.2(53)SG9" }, { "status": "affected", "version": "12.2(53)SG10" }, { "status": "affected", "version": "12.2(53)SG11" }, { "status": "affected", "version": "12.2(33)SXI" }, { "status": "affected", "version": "12.2(33)SXI1" }, { "status": "affected", "version": "12.2(52)XO" }, { "status": "affected", "version": "12.2(54)XO" }, { "status": "affected", "version": "12.2(50)SQ2" }, { "status": "affected", "version": "12.2(50)SQ1" }, { "status": "affected", "version": "12.2(50)SQ" }, { "status": "affected", "version": "12.2(50)SQ3" }, { "status": "affected", "version": "12.2(50)SQ4" }, { "status": "affected", "version": "12.2(50)SQ5" }, { "status": "affected", "version": "12.2(50)SQ6" }, { "status": "affected", "version": "12.2(50)SQ7" }, { "status": "affected", "version": "15.0(1)XO1" }, { "status": "affected", "version": "15.0(1)XO" }, { "status": "affected", "version": "15.0(2)XO" }, { "status": "affected", "version": "15.3(1)T" }, { "status": "affected", "version": "15.3(2)T" }, { "status": "affected", "version": "15.3(1)T1" }, { "status": "affected", "version": "15.3(1)T2" }, { "status": "affected", "version": "15.3(1)T3" }, { "status": "affected", "version": "15.3(1)T4" }, { "status": "affected", "version": "15.3(2)T1" }, { "status": "affected", "version": "15.3(2)T2" }, { "status": "affected", "version": "15.3(2)T3" }, { "status": "affected", "version": "15.3(2)T4" }, { "status": "affected", "version": "15.0(1)EY" }, { "status": "affected", "version": "15.0(1)EY1" }, { "status": "affected", "version": "15.0(1)EY2" }, { "status": "affected", "version": "15.0(2)EY" }, { "status": "affected", "version": "15.0(2)EY1" }, { "status": "affected", "version": "15.0(2)EY2" }, { "status": "affected", "version": "15.0(2)EY3" }, { "status": "affected", "version": "12.2(54)WO" }, { "status": "affected", "version": "15.0(1)SE" }, { "status": "affected", "version": "15.0(2)SE" }, { "status": "affected", "version": "15.0(1)SE1" }, { "status": "affected", "version": "15.0(1)SE2" }, { "status": "affected", "version": "15.0(1)SE3" }, { "status": "affected", "version": "15.0(2)SE1" }, { "status": "affected", "version": "15.0(2)SE2" }, { "status": "affected", "version": "15.0(2)SE3" }, { "status": "affected", "version": "15.0(2)SE4" }, { "status": "affected", "version": "15.0(2)SE5" }, { "status": "affected", "version": "15.0(2)SE6" }, { "status": "affected", "version": "15.0(2)SE7" }, { "status": "affected", "version": "15.0(2)SE8" }, { "status": "affected", "version": "15.0(2)SE9" }, { "status": "affected", "version": "15.0(2)SE10" }, { "status": "affected", "version": "15.0(2)SE10a" }, { "status": "affected", "version": "15.1(1)SG" }, { "status": "affected", "version": "15.1(2)SG" }, { "status": "affected", "version": "15.1(1)SG1" }, { "status": "affected", "version": "15.1(1)SG2" }, { "status": "affected", "version": "15.1(2)SG1" }, { "status": "affected", "version": "15.1(2)SG2" }, { "status": "affected", "version": "15.1(2)SG3" }, { "status": "affected", "version": "15.1(2)SG4" }, { "status": "affected", "version": "15.1(2)SG5" }, { "status": "affected", "version": "15.1(2)SG6" }, { "status": "affected", "version": "15.1(2)SG7" }, { "status": "affected", "version": "15.1(2)SG8" }, { "status": "affected", "version": "15.2(4)M" }, { "status": "affected", "version": "15.2(4)M1" }, { "status": "affected", "version": "15.2(4)M2" }, { "status": "affected", "version": "15.2(4)M4" }, { "status": "affected", "version": "15.2(4)M3" }, { "status": "affected", "version": "15.2(4)M5" }, { "status": "affected", "version": "15.2(4)M8" }, { "status": "affected", "version": "15.2(4)M10" }, { "status": "affected", "version": "15.2(4)M7" }, { "status": "affected", "version": "15.2(4)M6" }, { "status": "affected", "version": "15.2(4)M9" }, { "status": "affected", "version": "15.2(4)M6a" }, { "status": "affected", "version": "15.2(4)M11" }, { "status": "affected", "version": "15.0(2)SG" }, { "status": "affected", "version": "15.0(2)SG1" }, { "status": "affected", "version": "15.0(2)SG2" }, { "status": "affected", "version": "15.0(2)SG3" }, { "status": "affected", "version": "15.0(2)SG4" }, { "status": "affected", "version": "15.0(2)SG5" }, { "status": "affected", "version": "15.0(2)SG6" }, { "status": "affected", "version": "15.0(2)SG7" }, { "status": "affected", "version": "15.0(2)SG8" }, { "status": "affected", "version": "15.0(2)SG9" }, { "status": "affected", "version": "15.0(2)SG10" }, { "status": "affected", "version": "15.0(2)SG11" }, { "status": "affected", "version": "15.0(2)SG11a" }, { "status": "affected", "version": "15.0(1)EX" }, { "status": "affected", "version": "15.0(2)EX" }, { "status": "affected", "version": "15.0(2)EX1" }, { "status": "affected", "version": "15.0(2)EX2" }, { "status": "affected", "version": "15.0(2)EX3" }, { "status": "affected", "version": "15.0(2)EX4" }, { "status": "affected", "version": "15.0(2)EX5" }, { "status": "affected", "version": "15.0(2)EX8" }, { "status": "affected", "version": "15.0(2a)EX5" }, { "status": "affected", "version": "15.0(2)EX10" }, { "status": "affected", "version": "15.0(2)EX11" }, { "status": "affected", "version": "15.0(2)EX13" }, { "status": "affected", "version": "15.0(2)EX12" }, { "status": "affected", "version": "15.2(2)GC" }, { "status": "affected", "version": "15.2(3)GC" }, { "status": "affected", "version": "15.2(3)GC1" }, { "status": "affected", "version": "15.2(4)GC" }, { "status": "affected", "version": "15.2(4)GC2" }, { "status": "affected", "version": "15.2(4)GC3" }, { "status": "affected", "version": "15.4(1)T" }, { "status": "affected", "version": "15.4(2)T" }, { "status": "affected", "version": "15.4(1)T2" }, { "status": "affected", "version": "15.4(1)T1" }, { "status": "affected", "version": "15.4(1)T3" }, { "status": "affected", "version": "15.4(2)T1" }, { "status": "affected", "version": "15.4(2)T3" }, { "status": "affected", "version": "15.4(2)T2" }, { "status": "affected", "version": "15.4(1)T4" }, { "status": "affected", "version": "15.4(2)T4" }, { "status": "affected", "version": "15.0(2)EA" }, { "status": "affected", "version": "15.0(2)EA1" }, { "status": "affected", "version": "15.2(1)E" }, { "status": "affected", "version": "15.2(2)E" }, { "status": "affected", "version": "15.2(1)E1" }, { "status": "affected", "version": "15.2(3)E" }, { "status": "affected", "version": "15.2(1)E2" }, { "status": "affected", "version": "15.2(1)E3" }, { "status": "affected", "version": "15.2(2)E1" }, { "status": "affected", "version": "15.2(4)E" }, { "status": "affected", "version": "15.2(3)E1" }, { "status": "affected", "version": "15.2(2)E2" }, { "status": "affected", "version": "15.2(2a)E1" }, { "status": "affected", "version": "15.2(2)E3" }, { "status": "affected", "version": "15.2(2a)E2" }, { "status": "affected", "version": "15.2(3)E2" }, { "status": "affected", "version": "15.2(3a)E" }, { "status": "affected", "version": "15.2(3)E3" }, { "status": "affected", "version": "15.2(4)E1" }, { "status": "affected", "version": "15.2(2)E4" }, { "status": "affected", "version": "15.2(2)E5" }, { "status": "affected", "version": "15.2(4)E2" }, { "status": "affected", "version": "15.2(3)E4" }, { "status": "affected", "version": "15.2(5)E" }, { "status": "affected", "version": "15.2(4)E3" }, { "status": "affected", "version": "15.2(2)E6" }, { "status": "affected", "version": "15.2(5a)E" }, { "status": "affected", "version": "15.2(5)E1" }, { "status": "affected", "version": "15.2(5b)E" }, { "status": "affected", "version": "15.2(2)E5a" }, { "status": "affected", "version": "15.2(5c)E" }, { "status": "affected", "version": "15.2(2)E5b" }, { "status": "affected", "version": "15.2(5a)E1" }, { "status": "affected", "version": "15.2(4)E4" }, { "status": "affected", "version": "15.2(5)E2" }, { "status": "affected", "version": "15.3(3)M" }, { "status": "affected", "version": "15.3(3)M1" }, { "status": "affected", "version": "15.3(3)M2" }, { "status": "affected", "version": "15.3(3)M3" }, { "status": "affected", "version": "15.3(3)M5" }, { "status": "affected", "version": "15.3(3)M4" }, { "status": "affected", "version": "15.3(3)M6" }, { "status": "affected", "version": "15.3(3)M7" }, { "status": "affected", "version": "15.3(3)M8" }, { "status": "affected", "version": "15.3(3)M9" }, { "status": "affected", "version": "15.3(3)M8a" }, { "status": "affected", "version": "15.2(4)JN" }, { "status": "affected", "version": "15.0(2)EZ" }, { "status": "affected", "version": "15.2(1)EY" }, { "status": "affected", "version": "15.0(2)EJ" }, { "status": "affected", "version": "15.0(2)EJ1" }, { "status": "affected", "version": "15.2(1)SY" }, { "status": "affected", "version": "15.2(1)SY1" }, { "status": "affected", "version": "15.2(1)SY0a" }, { "status": "affected", "version": "15.2(1)SY2" }, { "status": "affected", "version": "15.2(2)SY" }, { "status": "affected", "version": "15.2(1)SY1a" }, { "status": "affected", "version": "15.2(2)SY1" }, { "status": "affected", "version": "15.2(2)SY2" }, { "status": "affected", "version": "15.2(1)SY3" }, { "status": "affected", "version": "15.2(1)SY4" }, { "status": "affected", "version": "15.2(5)EX" }, { "status": "affected", "version": "15.2(4)JAZ1" }, { "status": "affected", "version": "15.0(2)EK" }, { "status": "affected", "version": "15.0(2)EK1" }, { "status": "affected", "version": "15.4(1)CG" }, { "status": "affected", "version": "15.4(1)CG1" }, { "status": "affected", "version": "15.4(2)CG" }, { "status": "affected", "version": "15.2(2)EB" }, { "status": "affected", "version": "15.2(2)EB1" }, { "status": "affected", "version": "15.2(2)EB2" }, { "status": "affected", "version": "15.5(1)T" }, { "status": "affected", "version": "15.5(1)T1" }, { "status": "affected", "version": "15.5(2)T" }, { "status": "affected", "version": "15.5(1)T2" }, { "status": "affected", "version": "15.5(1)T3" }, { "status": "affected", "version": "15.5(2)T1" }, { "status": "affected", "version": "15.5(2)T2" }, { "status": "affected", "version": "15.5(2)T3" }, { "status": "affected", "version": "15.5(2)T4" }, { "status": "affected", "version": "15.5(1)T4" }, { "status": "affected", "version": "15.2(2)EA" }, { "status": "affected", "version": "15.2(2)EA1" }, { "status": "affected", "version": "15.2(2)EA2" }, { "status": "affected", "version": "15.2(3)EA" }, { "status": "affected", "version": "15.2(4)EA" }, { "status": "affected", "version": "15.2(4)EA1" }, { "status": "affected", "version": "15.2(2)EA3" }, { "status": "affected", "version": "15.2(4)EA3" }, { "status": "affected", "version": "15.2(5)EA" }, { "status": "affected", "version": "15.2(4)EA4" }, { "status": "affected", "version": "15.2(4)EA5" }, { "status": "affected", "version": "15.5(3)M" }, { "status": "affected", "version": "15.5(3)M1" }, { "status": "affected", "version": "15.5(3)M0a" }, { "status": "affected", "version": "15.5(3)M2" }, { "status": "affected", "version": "15.5(3)M3" }, { "status": "affected", "version": "15.5(3)M4" }, { "status": "affected", "version": "15.5(3)M4a" }, { "status": "affected", "version": "15.5(3)M5" }, { "status": "affected", "version": "15.3(3)JAA1" }, { "status": "affected", "version": "15.0(2)SQD" }, { "status": "affected", "version": "15.0(2)SQD1" }, { "status": "affected", "version": "15.0(2)SQD2" }, { "status": "affected", "version": "15.0(2)SQD3" }, { "status": "affected", "version": "15.0(2)SQD4" }, { "status": "affected", "version": "15.0(2)SQD5" }, { "status": "affected", "version": "15.0(2)SQD6" }, { "status": "affected", "version": "15.6(1)T" }, { "status": "affected", "version": "15.6(2)T" }, { "status": "affected", "version": "15.6(1)T0a" }, { "status": "affected", "version": "15.6(1)T1" }, { "status": "affected", "version": "15.6(2)T1" }, { "status": "affected", "version": "15.6(1)T2" }, { "status": "affected", "version": "15.6(2)T2" }, { "status": "affected", "version": "15.6(1)T3" }, { "status": "affected", "version": "15.3(1)SY" }, { "status": "affected", "version": "15.3(1)SY1" }, { "status": "affected", "version": "15.3(1)SY2" }, { "status": "affected", "version": "15.6(3)M" }, { "status": "affected", "version": "15.6(3)M1" }, { "status": "affected", "version": "15.6(3)M0a" }, { "status": "affected", "version": "15.6(3)M1b" }, { "status": "affected", "version": "15.6(3)M2" }, { "status": "affected", "version": "15.6(3)M2a" }, { "status": "affected", "version": "15.2(4)EC1" }, { "status": "affected", "version": "15.2(4)EC2" }, { "status": "affected", "version": "15.3(3)JPC5" }, { "status": "affected", "version": "15.4(1)SY" }, { "status": "affected", "version": "15.4(1)SY1" }, { "status": "affected", "version": "15.4(1)SY2" }, { "status": "affected", "version": "15.5(1)SY" }, { "status": "affected", "version": "15.3(3)JPR1" } ] }, { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.2.0SG" }, { "status": "affected", "version": "3.2.1SG" }, { "status": "affected", "version": "3.2.2SG" }, { "status": "affected", "version": "3.2.3SG" }, { "status": "affected", "version": "3.2.4SG" }, { "status": "affected", "version": "3.2.5SG" }, { "status": "affected", "version": "3.2.6SG" }, { "status": "affected", "version": "3.2.7SG" }, { "status": "affected", "version": "3.2.8SG" }, { "status": "affected", "version": "3.2.9SG" }, { "status": "affected", "version": "3.2.10SG" }, { "status": "affected", "version": "3.2.11SG" }, { "status": "affected", "version": "3.3.0SG" }, { "status": "affected", "version": "3.3.2SG" }, { "status": "affected", "version": "3.3.1SG" }, { "status": "affected", "version": "3.2.0SE" }, { "status": "affected", "version": "3.2.1SE" }, { "status": "affected", "version": "3.2.2SE" }, { "status": "affected", "version": "3.2.3SE" }, { "status": "affected", "version": "3.3.0SE" }, { "status": "affected", "version": "3.3.1SE" }, { "status": "affected", "version": "3.3.2SE" }, { "status": "affected", "version": "3.3.3SE" }, { "status": "affected", "version": "3.3.4SE" }, { "status": "affected", "version": "3.3.5SE" }, { "status": "affected", "version": "3.4.0SG" }, { "status": "affected", "version": "3.4.2SG" }, { "status": "affected", "version": "3.4.1SG" }, { "status": "affected", "version": "3.4.3SG" }, { "status": "affected", "version": "3.4.4SG" }, { "status": "affected", "version": "3.4.5SG" }, { "status": "affected", "version": "3.4.6SG" }, { "status": "affected", "version": "3.4.7SG" }, { "status": "affected", "version": "3.4.8SG" }, { "status": "affected", "version": "3.5.0E" }, { "status": "affected", "version": "3.5.1E" }, { "status": "affected", "version": "3.5.2E" }, { "status": "affected", "version": "3.5.3E" }, { "status": "affected", "version": "3.6.0E" }, { "status": "affected", "version": "3.6.1E" }, { "status": "affected", "version": "3.6.2aE" }, { "status": "affected", "version": "3.6.2E" }, { "status": "affected", "version": "3.6.3E" }, { "status": "affected", "version": "3.6.4E" }, { "status": "affected", "version": "3.6.5E" }, { "status": "affected", "version": "3.6.6E" }, { "status": "affected", "version": "3.6.5aE" }, { "status": "affected", "version": "3.6.5bE" }, { "status": "affected", "version": "3.3.0SQ" }, { "status": "affected", "version": "3.3.1SQ" }, { "status": "affected", "version": "3.4.0SQ" }, { "status": "affected", "version": "3.4.1SQ" }, { "status": "affected", "version": "3.7.0E" }, { "status": "affected", "version": "3.7.1E" }, { "status": "affected", "version": "3.7.2E" }, { "status": "affected", "version": "3.7.3E" }, { "status": "affected", "version": "3.7.4E" }, { "status": "affected", "version": "3.7.5E" }, { "status": "affected", "version": "3.5.0SQ" }, { "status": "affected", "version": "3.5.1SQ" }, { "status": "affected", "version": "3.5.2SQ" }, { "status": "affected", "version": "3.5.3SQ" }, { "status": "affected", "version": "3.5.4SQ" }, { "status": "affected", "version": "3.5.5SQ" }, { "status": "affected", "version": "3.5.6SQ" }, { "status": "affected", "version": "16.1.1" }, { "status": "affected", "version": "16.1.2" }, { "status": "affected", "version": "16.1.3" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "3.8.0E" }, { "status": "affected", "version": "3.8.1E" }, { "status": "affected", "version": "3.8.2E" }, { "status": "affected", "version": "3.8.3E" }, { "status": "affected", "version": "3.8.4E" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "3.18.1aSP" }, { "status": "affected", "version": "3.18.2aSP" }, { "status": "affected", "version": "3.9.0E" }, { "status": "affected", "version": "3.9.1E" }, { "status": "affected", "version": "3.9.2E" }, { "status": "affected", "version": "17.11.99SW" } ] } ], "descriptions": [ { "lang": "en", "value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.\r\n\r The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload.\r\n\r Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.\r\n\r There are workarounds that address these vulnerabilities." } ], "exploits": [ { "lang": "en", "value": "At the time of initial publication, Cisco was aware of external knowledge of the vulnerabilities described in this advisory and, as a precaution, notified customers about the potential for exploitation.\r\n\r\nOn January 6, 2017, a security researcher published functional exploit code for these vulnerabilities.\r\n\r\nThe Cisco Product Security Incident Response Team (PSIRT) is aware of exploitation of the following vulnerabilities that are described in this advisory:\r\n\r\nCVE-2017-6736\r\nCVE-2017-6737\r\nCVE-2017-6738\r\nCVE-2017-6739\r\nCVE-2017-6740\r\nCVE-2017-6742\r\nCVE-2017-6743\r\nCVE-2017-6744\r\n\r\nThe Cisco PSIRT is aware of exploit code available for CVE-2017-6741.\r\n\r\nAdditional information can be found at Cisco TALOS: DNS Hijacking Abuses Trust In Core Internet Service [\"https://blog.talosintelligence.com/2019/04/seaturtle.html\"]." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "cvssV3_0" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-31T16:22:43.000Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-20170629-snmp", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp" } ], "source": { "advisory": "cisco-sa-20170629-snmp", "defects": [ "CSCve89865", "CSCsy56638" ], "discovery": "UNKNOWN" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2017-6738", "datePublished": "2017-07-17T21:00:00.000Z", "dateReserved": "2017-03-09T00:00:00.000Z", "dateUpdated": "2025-07-31T16:22:43.000Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…