7.8

CVE-2017-12233

Warnung

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuz95334.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoIos Version >= 12.4 <= 15.6
   Cisco1000 Integrated Services Router Version-
   Cisco1100-4g Integrated Services Router Version-
   Cisco1100-4gltegb Integrated Services Router Version-
   Cisco1100-4gltena Integrated Services Router Version-
   Cisco1100-4p Version-
   Cisco1100-4p Integrated Services Router Version-
   Cisco1100-6g Integrated Services Router Version-
   Cisco1100-8p Version-
   Cisco1100-8p Integrated Services Router Version-
   Cisco1100-lte Integrated Services Router Version-
   Cisco1100 Integrated Services Router Version-
   Cisco1100 Terminal Services Gateways Version-
   Cisco1101-4p Version-
   Cisco1101-4p Integrated Services Router Version-
   Cisco1101 Integrated Services Router Version-
   Cisco1109-2p Version-
   Cisco1109-4p Version-
   Cisco1111-4pwe Version-
   Cisco1111-8pwb Version-
   Cisco1111x-8p Version-
   Cisco1113-8plteeawe Version-
   Cisco1113-8pmwe Version-
   Cisco1113-8pwe Version-
   Cisco1116-4plteeawe Version-
   Cisco1116-4pwe Version-
   Cisco1117-4plteeawe Version-
   Cisco1117-4pmlteeawe Version-
   Cisco1117-4pmwe Version-
   Cisco1117-4pwe Version-
   Cisco1120 Version-
   Cisco1120 Connected Grid Router Version-
   Cisco1120 Integrated Services Router Version-
   Cisco1131 Integrated Services Router Version-
   Cisco1160 Integrated Services Router Version-
   Cisco1801 Integrated Service Router Version-
   Cisco1802 Integrated Service Router Version-
   Cisco1803 Integrated Service Router Version-
   Cisco1811 Integrated Service Router Version-
   Cisco1812 Integrated Service Router Version-
   Cisco1841 Integrated Service Router Version-
   Cisco1861 Integrated Service Router Version-
   Cisco1905 Integrated Services Router Version-
   Cisco1906c Integrated Services Router Version-
   Cisco1921 Integrated Services Router Version-
   Cisco1941 Integrated Services Router Version-
   Cisco1941w Integrated Services Router Version-
   CiscoCatalyst Ie3200 Rugged Switch Version-
   CiscoCatalyst Ie3300 Rugged Switch Version-
   CiscoCatalyst Ie3400 Heavy Duty Switch Version-
   CiscoCatalyst Ie3400 Rugged Switch Version-
   CiscoCatalyst Ie9300 Version-
   CiscoEsr-6300-con-k9 Version-
   CiscoEsr-6300-ncp-k9 Version-

03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability

Schwachstelle

There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 13.01% 0.938
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/101038
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id/1039459
Third Party Advisory
Broken Link
VDB Entry