CVE-2017-12233

Опубликовано: 29 сент. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuz95334.

Ссылки

http://www.securityfocus.com/bid/101038
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039459
Broken Link
Third Party Advisory
VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cip
Vendor Advisory
http://www.securityfocus.com/bid/101038
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039459
Broken Link
Third Party Advisory
VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cip
Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-12233

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*

Версия от 12.4 (включая) до 15.6 (включая)

Одно из

cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-4g\/6g_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-4p:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1100_terminal_services_gateways:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1101-4p:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1109-2p:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1109-4p:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1111-4pwe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1111-8pwb:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1111x-8p:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1113-8plteeawe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1113-8pmwe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1113-8pwe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1116-4plteeawe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1116-4pwe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1117-4plteeawe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1117-4pmlteeawe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1117-4pmwe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1117-4pwe:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1120:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1801_integrated_service_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1802_integrated_service_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1803_integrated_service_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1811_integrated_service_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1812_integrated_service_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1841_integrated_service_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1861_integrated_service_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1905_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1906c_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:esr-6300-con-k9:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:esr-6300-ncp-k9:-:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06545

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-20

NVD-CWE-noinfo

Связанные уязвимости

GHSA-h9rm-4rp6-464p

CVSS3: 7.5

github

больше 3 лет назад

BDU:2017-02337

CVSS3: 7.5

fstec

больше 8 лет назад

Уязвимость реализации протокола Common Industrial Protocol (CIP) операционной системы Cisco IOS, позволяющая нарушителю вызвать отказ в обслуживании (DoS) и перезагрузку устройства

EPSS

Процентиль: 91%

0.06545

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-20

NVD-CWE-noinfo