CVE-2017-6739

Warning

EPSS 21.61%
Published 17.07.2017 21:29:00
Last modified 31.07.2025 17:15:28
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. 



The vulnerability is due to a buffer overflow in the affected code area. The vulnerability affects all versions of SNMP (versions 1, 2c, and 3). The attacker must know the SNMP read only community string (SNMP version 2c or earlier) or the user credentials (SNMPv3). An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.



Only traffic directed to the affected system can be used to exploit this vulnerability.

Affected products Warnungen 1 Metrics 4 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Ios Version >= 12.0 <= 12.4

Cisco ≫ Ios Version >= 15.0 <= 15.6

Cisco ≫ Ios Xe Version >= 2.2.0 <= 3.17.0

03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability

Vulnerability

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	21.61%	0.955

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C
psirt@cisco.com	8.8	2.8	5.9	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.securityfocus.com/bid/99345

Third Party Advisory

Broken Link

VDB Entry

http://www.securitytracker.com/id/1038808

Third Party Advisory

Broken Link

VDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp

https://nvd.nist.gov/vuln/detail/CVE-2017-6739

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-6739

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-6739

EUVD