6.5

CVE-2017-6665

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system, an Information Disclosure Vulnerability. More Information: CSCvd51214. Known Affected Releases: Denali-16.2.1 Denali-16.3.1.

Data is provided by the National Vulnerability Database (NVD)
CiscoIos Xe Version3.7.0e
CiscoIos Xe Version3.7.1e
CiscoIos Xe Version3.7.3e
CiscoIos Xe Version3.8.0e
CiscoIos Xe Version3.8.0ex
CiscoIos Xe Version3.8.1e
CiscoIos Xe Version3.8.2e
CiscoIos Xe Version3.8.3e
CiscoIos Xe Version3.9.0e
CiscoIos Xe Version3.9.1e
CiscoIos Xe Version3.10.4s
CiscoIos Xe Version3.10.8as
CiscoIos Xe Version3.10.8s
CiscoIos Xe Version3.11.3s
CiscoIos Xe Version3.11.4s
CiscoIos Xe Version3.12.0as
CiscoIos Xe Version3.12.0s
CiscoIos Xe Version3.12.1s
CiscoIos Xe Version3.12.2s
CiscoIos Xe Version3.12.3s
CiscoIos Xe Version3.12.4s
CiscoIos Xe Version3.13.0s
CiscoIos Xe Version3.13.1s
CiscoIos Xe Version3.13.2as
CiscoIos Xe Version3.13.2s
CiscoIos Xe Version3.13.4s
CiscoIos Xe Version3.13.5as
CiscoIos Xe Version3.13.5s
CiscoIos Xe Version3.13.6as
CiscoIos Xe Version3.13.6s
CiscoIos Xe Version3.13.7as
CiscoIos Xe Version3.13.8s
CiscoIos Xe Version3.14.0s
CiscoIos Xe Version3.14.1s
CiscoIos Xe Version3.14.2s
CiscoIos Xe Version3.14.3s
CiscoIos Xe Version3.14.4s
CiscoIos Xe Version3.15.0s
CiscoIos Xe Version3.15.1s
CiscoIos Xe Version3.15.2s
CiscoIos Xe Version3.15.3s
CiscoIos Xe Version3.15.4s
CiscoIos Xe Version3.16.0s
CiscoIos Xe Version3.16.1as
CiscoIos Xe Version3.16.2as
CiscoIos Xe Version3.16.2s
CiscoIos Xe Version3.16.3as
CiscoIos Xe Version3.16.3s
CiscoIos Xe Version3.16.4as
CiscoIos Xe Version3.16.4ds
CiscoIos Xe Version3.16.4s
CiscoIos Xe Version3.16.6s
CiscoIos Xe Version3.17.0s
CiscoIos Xe Version3.17.1as
CiscoIos Xe Version3.17.1s
CiscoIos Xe Version3.17.3s
CiscoIos Xe Version3.17.4s
CiscoIos Xe Version3.18.0as
CiscoIos Xe Version3.18.0s
CiscoIos Xe Version3.18.0sp
CiscoIos Xe Version3.18.1bsp
CiscoIos Xe Version3.18.1s
CiscoIos Xe Version3.18.1sp
CiscoIos Xe Version3.18.2asp
CiscoIos Xe Version3.18.2s
CiscoIos Xe Version3.18.2sp
CiscoIos Xe Version3.18.3s
CiscoIos Xe Version3.18.3sp
CiscoIos Xe Version16.5.1c
CiscoIos Xe Version16.6.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.11% 0.298
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 3.3 6.5 2.9
AV:A/AC:L/Au:N/C:P/I:N/A:N
CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

http://www.securityfocus.com/bid/99969
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038998
Third Party Advisory
VDB Entry