8.6
CVE-2017-6612
- EPSS 0.75%
- Veröffentlicht 25.07.2017 19:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Asr 5000 Series Software Version17.3.9.62033
Cisco ≫ Asr 5000 Series Software Version17.7.5
Cisco ≫ Asr 5000 Series Software Version19.6.3
Cisco ≫ Asr 5000 Series Software Version20.1.2
Cisco ≫ Asr 5000 Series Software Version20.2.12
Cisco ≫ Asr 5000 Series Software Version21.0.1
Cisco ≫ Asr 5000 Series Software Version21.1.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.75% | 0.707 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.6 | 3.9 | 4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.