Vulnerabilites related to cisco - 829_industrial_integrated_services_routers
cve-2019-1649
Vulnerability from cvelistv5
Published
2019-05-13 19:10
Modified
2024-11-20 17:23
Severity ?
EPSS score ?
Summary
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot | vendor-advisory, x_refsource_CISCO | |
| https://www.kb.cert.org/vuls/id/400865 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/108350 | vdb-entry, x_refsource_BID | |
| https://www.us-cert.gov/ics/advisories/icsa-20-072-03 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Routers |
Version: unspecified < 16.12.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:20:28.350Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190513 Cisco Secure Boot Hardware Tampering Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { name: "VU#400865", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/400865", }, { name: "108350", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108350", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1649", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:55:08.575056Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:23:01.830Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Routers", vendor: "Cisco", versions: [ { lessThan: "16.12.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-13T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.", }, ], exploits: [ { lang: "en", value: "This vulnerability was publicly disclosed by Red Balloon Security on May 13, 2019.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-26T02:22:29", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190513 Cisco Secure Boot Hardware Tampering Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { name: "VU#400865", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/400865", }, { name: "108350", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108350", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, ], source: { advisory: "cisco-sa-20190513-secureboot", defect: [ [ "CSCvn77141", "CSCvn77142", "CSCvn77143", "CSCvn77147", "CSCvn77150", "CSCvn77151", "CSCvn77152", "CSCvn77153", "CSCvn77154", "CSCvn77155", "CSCvn77156", "CSCvn77158", "CSCvn77159", "CSCvn77160", "CSCvn77162", "CSCvn77166", "CSCvn77167", "CSCvn77168", "CSCvn77169", "CSCvn77170", "CSCvn77171", "CSCvn77172", "CSCvn77175", "CSCvn77178", "CSCvn77180", "CSCvn77181", "CSCvn77182", "CSCvn77183", "CSCvn77184", "CSCvn77185", "CSCvn77191", "CSCvn77201", "CSCvn77202", "CSCvn77205", "CSCvn77207", "CSCvn77209", "CSCvn77212", "CSCvn77219", "CSCvn77220", "CSCvn77222", "CSCvn77245", "CSCvn77246", "CSCvn77248", "CSCvn77249", "CSCvn89137", "CSCvn89138", "CSCvn89140", "CSCvn89143", "CSCvn89144", "CSCvn89145", "CSCvn89146", "CSCvn89150", "CSCvp42792", ], ], discovery: "INTERNAL", }, title: "Cisco Secure Boot Hardware Tampering Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-13T17:30:00-0700", ID: "CVE-2019-1649", STATE: "PUBLIC", TITLE: "Cisco Secure Boot Hardware Tampering Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Routers", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "16.12.1", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.", }, ], }, exploit: [ { lang: "en", value: "This vulnerability was publicly disclosed by Red Balloon Security on May 13, 2019.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "20190513 Cisco Secure Boot Hardware Tampering Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { name: "VU#400865", refsource: "CERT-VN", url: "https://www.kb.cert.org/vuls/id/400865", }, { name: "108350", refsource: "BID", url: "http://www.securityfocus.com/bid/108350", }, { name: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, ], }, source: { advisory: "cisco-sa-20190513-secureboot", defect: [ [ "CSCvn77141", "CSCvn77142", "CSCvn77143", "CSCvn77147", "CSCvn77150", "CSCvn77151", "CSCvn77152", "CSCvn77153", "CSCvn77154", "CSCvn77155", "CSCvn77156", "CSCvn77158", "CSCvn77159", "CSCvn77160", "CSCvn77162", "CSCvn77166", "CSCvn77167", "CSCvn77168", "CSCvn77169", "CSCvn77170", "CSCvn77171", "CSCvn77172", "CSCvn77175", "CSCvn77178", "CSCvn77180", "CSCvn77181", "CSCvn77182", "CSCvn77183", "CSCvn77184", "CSCvn77185", "CSCvn77191", "CSCvn77201", "CSCvn77202", "CSCvn77205", "CSCvn77207", "CSCvn77209", "CSCvn77212", "CSCvn77219", "CSCvn77220", "CSCvn77222", "CSCvn77245", "CSCvn77246", "CSCvn77248", "CSCvn77249", "CSCvn89137", "CSCvn89138", "CSCvn89140", "CSCvn89143", "CSCvn89144", "CSCvn89145", "CSCvn89146", "CSCvn89150", "CSCvp42792", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1649", datePublished: "2019-05-13T19:10:14.147871Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:23:01.830Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-12648
Vulnerability from cvelistv5
Published
2019-09-25 20:05
Modified
2024-11-20 17:10
Severity ?
EPSS score ?
Summary
A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS 15.7(3)M |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:24:39.223Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190925 Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-12648", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:51:53.595477Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:10:26.912Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco IOS 15.7(3)M", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-09-25T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-25T20:05:22", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190925 Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth", }, ], source: { advisory: "cisco-sa-20190925-ios-gos-auth", defect: [ [ "CSCvm86480", ], ], discovery: "INTERNAL", }, title: "Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-09-25T16:00:00-0700", ID: "CVE-2019-12648", STATE: "PUBLIC", TITLE: "Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco IOS 15.7(3)M", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "9.9", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "20190925 Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth", }, ], }, source: { advisory: "cisco-sa-20190925-ios-gos-auth", defect: [ [ "CSCvm86480", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-12648", datePublished: "2019-09-25T20:05:22.034297Z", dateReserved: "2019-06-04T00:00:00", dateUpdated: "2024-11-20T17:10:26.912Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-12232
Vulnerability from cvelistv5
Published
2017-09-28 07:00
Modified
2024-11-15 17:58
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1039452 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101044 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:28:16.692Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos", }, { name: "1039452", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039452", }, { name: "101044", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/101044", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2017-12232", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T17:34:20.447301Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-03-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-12232", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:58:04.978Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco IOS", vendor: "n/a", versions: [ { status: "affected", version: "Cisco IOS", }, ], }, ], datePublic: "2017-09-28T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-29T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos", }, { name: "1039452", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039452", }, { name: "101044", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/101044", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2017-12232", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco IOS", version: { version_data: [ { version_value: "Cisco IOS", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos", }, { name: "1039452", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039452", }, { name: "101044", refsource: "BID", url: "http://www.securityfocus.com/bid/101044", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2017-12232", datePublished: "2017-09-28T07:00:00", dateReserved: "2017-08-03T00:00:00", dateUpdated: "2024-11-15T17:58:04.978Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2019-05-13 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108350 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot | Vendor Advisory | |
| psirt@cisco.com | https://www.kb.cert.org/vuls/id/400865 | Third Party Advisory, US Government Resource | |
| psirt@cisco.com | https://www.us-cert.gov/ics/advisories/icsa-20-072-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108350 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/400865 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-072-03 | Third Party Advisory, US Government Resource |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:asa_5500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "524E28A1-ABD9-416B-804C-EFFD7F822DE5", versionEndExcluding: "1.1.15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*", matchCriteriaId: "763B801D-CA1E-4C56-8B06-3373EA307C7E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*", matchCriteriaId: "30AC6907-3091-409F-967D-64A82A0C5A8C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*", matchCriteriaId: "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*", matchCriteriaId: "92AE506A-E710-465B-B795-470FDE0E0ECA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*", matchCriteriaId: "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_2100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32B7016C-C909-4F30-A80E-E30E9C2FB607", versionEndExcluding: "2.6.1.134", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_4000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B8DB36E-D0AC-4FFC-8FDB-C5520689013A", versionEndExcluding: "1.0.18", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E924AE61-94D5-4A68-A586-CA7119487F67", versionEndExcluding: "1.0.18", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ons_15454_mstp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F8A7F11-B920-4C5B-B3CA-D29740FFE891", versionEndExcluding: "11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ons_15454_mstp:-:*:*:*:*:*:*:*", matchCriteriaId: "BEBE1DDE-6C69-45EC-A666-D9596E8721DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:analog_voice_network_interface_modules_firmware:*:*:*:*:*:*:4000_series_isrs:*", matchCriteriaId: "00BCB49E-E2D2-4374-8D48-A287FC538F4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nim-2bri-nt\\/te:-:*:*:*:*:*:*:*", matchCriteriaId: "637D7CA3-89CD-418A-BF87-0935A7805173", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fox:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBE2B16-B9AD-4ED2-AE18-7087C478FEEC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fxs:-:*:*:*:*:*:*:*", matchCriteriaId: "D94B415B-08E2-4845-BD11-7EBCD08215E0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fxs\\/4fxo:-:*:*:*:*:*:*:*", matchCriteriaId: "784ECC2E-F4AC-4430-9F33-9B1DBD89692F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fxs\\/4fxop:-:*:*:*:*:*:*:*", matchCriteriaId: "8A34FAE4-7B2A-47BF-AB0A-5FAF8E8920CE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2fxsp:-:*:*:*:*:*:*:*", matchCriteriaId: "3FADBF85-52F4-468C-A44C-5107484757EA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4bri-nt\\/te:-:*:*:*:*:*:*:*", matchCriteriaId: "90E418C4-F91B-4E0D-B1DC-2B099D991F80", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4e\\/m:-:*:*:*:*:*:*:*", matchCriteriaId: "E22A4B07-04DF-4AF2-B2A9-E4430C4F3A64", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4fxo:-:*:*:*:*:*:*:*", matchCriteriaId: "DFDCD640-E1BB-48F8-BEB4-85AAF7099FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4fxs:-:*:*:*:*:*:*:*", matchCriteriaId: "893147FC-1AD0-441C-B031-6C432ED2FFD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4fxsp:-:*:*:*:*:*:*:*", matchCriteriaId: "DE30FCF9-DFF6-419C-8DCA-0B695E3FADE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:integrated_services_router_t1\\/e1_voice_and_wan_network_interface_modules_firmware:*:*:*:*:*:*:4000_series:*", matchCriteriaId: "239EC4DE-5E2C-44D7-9C32-BFCD854670AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nim-1ce1t1-pri:-:*:*:*:*:*:*:*", matchCriteriaId: "F2956624-92FC-43D7-A038-15071A90E0B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-1mft-t1\\/e1:-:*:*:*:*:*:*:*", matchCriteriaId: "988125C4-DB88-438F-8F6D-0992424081A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2ce1t1-pri:-:*:*:*:*:*:*:*", matchCriteriaId: "AD9B34B9-78EC-49AE-B342-F2BAD63CD50C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2mft-t1\\/e1:-:*:*:*:*:*:*:*", matchCriteriaId: "5D258F96-93A5-455E-9542-2C95B3D31455", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-4mft-t1\\/e1:-:*:*:*:*:*:*:*", matchCriteriaId: "B443FC34-767F-45B4-8516-A1A8B6C8D917", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-8ce1t1-pri:-:*:*:*:*:*:*:*", matchCriteriaId: "08C3403A-3943-4A69-A536-3FA6DEDFF21B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-8mft-t1\\/e1:-:*:*:*:*:*:*:*", matchCriteriaId: "7259F6BC-BA31-47E4-BFA6-647068A946CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:supervisor_a\\+_firmware:*:*:*:*:*:*:nexus_9500:*", matchCriteriaId: "3F825D9C-25C6-4F76-A7EE-F61A548A0CE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-sup-a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "360B9A25-5272-487A-AF1A-CE2FDFD6F23C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:supervisor_b\\+_firmware:*:*:*:*:*:*:nexus_9500:*", matchCriteriaId: "77C59A0F-F256-42C3-A3E1-71F02614F55A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-sup-b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "3ADE8708-95D4-4D30-85ED-BE870410F3B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:15454-m-wse-k9_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F99FC1A-2738-468B-BD01-4F715A1B7809", versionEndExcluding: "11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:15454-m-wse-k9:-:*:*:*:*:*:*:*", matchCriteriaId: "90242967-37AB-4124-87DE-D826A3895BE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "EB99D062-EE0C-4695-AA4D-2DCE3E2B15AF", versionEndExcluding: "16.12.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:cbr-8_converged_broadband_router:-:*:*:*:*:*:*:*", matchCriteriaId: "D6CCBE67-E509-43EC-9AFB-8A9B6A115126", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "39C9F8C2-9E34-4027-9112-42AEC0B84F7C", versionEndExcluding: "16.3.9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "76843179-3569-4556-9F4C-6543B8A8E1DE", versionEndExcluding: "16.6.7", versionStartIncluding: "16.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "1B526102-9DDC-4E23-B582-DEF7EA35E42C", versionEndExcluding: "16.9.4", versionStartIncluding: "16.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "F50DDAE4-2C87-4B8B-9BCB-2FD32A6976D6", versionEndExcluding: "16.12.1", versionStartIncluding: "16.10.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nim-1ge-cu-sfp:-:*:*:*:*:*:*:*", matchCriteriaId: "C56A1D02-3061-40C5-AD87-0BEA869838F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nim-2ge-cu-sfp:-:*:*:*:*:*:*:*", matchCriteriaId: "1F98C767-8E9F-4B01-A09E-359A496B2B3A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:sm-x-pvdm-1000:-:*:*:*:*:*:*:*", matchCriteriaId: "0FCAA286-6B36-4EB7-9AE5-CA082D125E78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:sm-x-pvdm-2000:-:*:*:*:*:*:*:*", matchCriteriaId: "F6B1C2CF-0EF1-428F-8FB8-D45E4C6CB340", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:sm-x-pvdm-3000:-:*:*:*:*:*:*:*", matchCriteriaId: "450EA21E-68E0-4617-85A9-9C39B96E12ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:sm-x-pvdm-500:-:*:*:*:*:*:*:*", matchCriteriaId: "17B65497-2EAC-4B9E-9D05-58A0B6D1F399", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "35726753-BAA4-479F-AF9C-F4D012881F83", versionEndExcluding: "15.6\\(3\\)m7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "7A3FBAE1-F786-4799-AF70-6E7B5DC19BB9", versionEndIncluding: "15.7\\(3\\)m5", versionStartIncluding: "15.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "72240B45-0D8E-4EA6-8208-068BF6EF8B30", versionEndExcluding: "15.8\\(3\\)m3", versionStartIncluding: "15.8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "B7F56D01-F647-452D-A564-4198A893BC70", versionEndExcluding: "15.9\\(3\\)m", versionStartIncluding: "15.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*", matchCriteriaId: "6835F8AD-B55D-4B57-B3B5-0095E309B2B3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*", matchCriteriaId: "1AB6ACAE-8C89-48F6-95BA-DE32F4F81FE6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:industrial_security_appliances_3000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "83AA5C75-B959-4167-906C-BE9C84C7E676", versionEndExcluding: "1.0.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:industrial_security_appliances_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "6FBBA8E7-14B2-4869-8ED4-72F120E547FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:integrated_services_router_4200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CB084F19-E475-41FA-A72F-23D4D6913523", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:integrated_services_router_4300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C49E8AE0-745B-459C-AAD9-D41690D48DDE", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "9421DBEF-AE42-4234-B49F-FCC34B804D7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5419CB9F-241F-4431-914F-2659BE27BEA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:integrated_services_router_4400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC5D8FF8-60F8-4F89-A488-F815D0FB00E1", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5720462A-BE6B-4E84-A1A1-01E80BBA86AD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:44461_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "697BEF89-6D9B-4870-BE85-9090152F3E6E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "818CEFA6-208C-43C3-8E43-474A93ADCF21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "13C3D17D-DD95-49CA-918A-A0F5289B0C3D", versionEndExcluding: "15.6\\(3\\)m6b", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "DA254534-247F-47BA-B146-0E3B7E9F9269", versionEndIncluding: "15.7\\(3\\)m4b", versionStartIncluding: "15.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "E0F05F3A-A38F-4922-AE54-BE1BC64C4B7C", versionEndExcluding: "15.8\\(3\\)m2a", versionStartIncluding: "15.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:809_industrial_integrated_services_routers:-:*:*:*:*:*:*:*", matchCriteriaId: "3C996F3B-0333-4B9A-B3E7-F50E64B0AAB3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:829_industrial_integrated_services_routers:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05CC9-8D04-4DE0-A854-375192B4D46C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:asr_1000_series_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64C3BBBB-4349-4D2B-9944-84BE03407650", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*", matchCriteriaId: "3C5C1005-0C12-4EDA-BC4A-B52201C4F516", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1000_series:-:*:*:*:*:*:*:*", matchCriteriaId: "76B7C13F-46C5-460A-A6C9-3837A28A0CE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-2t\\+20x1ge:-:*:*:*:*:*:*:*", matchCriteriaId: "77D24BB4-6357-4BFC-A4CB-B33ECDEB3BEE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-6tge:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1F849A-05BA-4CA2-96AA-F8DFD5E725A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-esp200:-:*:*:*:*:*:*:*", matchCriteriaId: "AB060D83-2924-4D1D-9FEE-F8087FA8976D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-mip100:-:*:*:*:*:*:*:*", matchCriteriaId: "8CF4D0E5-FF09-4919-B603-B42DB535386C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr1000-rp3:-:*:*:*:*:*:*:*", matchCriteriaId: "22C36989-4353-4B81-8B0F-FC6322C1C179", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:asr_1001_firmware:16.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A267A86B-144D-46C3-9F63-95606106A5B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*", matchCriteriaId: "7594E307-AC80-41EC-AE94-07E664A7D701", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*", matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*", matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "C807F789-3038-42C3-B5EB-6CD628EBF718", versionEndExcluding: "16.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:a900-rsp2a-128:-:*:*:*:*:*:*:*", matchCriteriaId: "DED2353D-A508-4764-975F-57F9DACD91FA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a900-rsp2a-64:-:*:*:*:*:*:*:*", matchCriteriaId: "9EBA765C-B6F0-4D4D-8933-06E655084AF4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a900-rsp3c-200:-:*:*:*:*:*:*:*", matchCriteriaId: "CC6F34E1-7DE4-459B-AF41-D973201ADC49", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a900-rsp3c-400\\/w:-:*:*:*:*:*:*:*", matchCriteriaId: "D8DAC3AF-FEFC-4B14-A7BE-7008E65FD012", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-10sz-pd:-:*:*:*:*:*:*:*", matchCriteriaId: "7FCA2DB2-AE09-4A99-90C9-60AE0CD9A035", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12cz-a:-:*:*:*:*:*:*:*", matchCriteriaId: "11B83BED-5A49-4CF0-9827-AA291D01F60E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12cz-d:-:*:*:*:*:*:*:*", matchCriteriaId: "2C1E8937-51D9-43E6-876E-5D39AD3D32C4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12sz-a:-:*:*:*:*:*:*:*", matchCriteriaId: "2CA7AE63-99B9-4F28-8670-639A9B31E494", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12sz-d:-:*:*:*:*:*:*:*", matchCriteriaId: "E858B4AB-49B1-4F1C-8722-6E6911194924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-12sz-im-cc:-:*:*:*:*:*:*:*", matchCriteriaId: "577D1BF2-5180-4301-941C-3C0ADDD23AA6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-24sz-m:-:*:*:*:*:*:*:*", matchCriteriaId: "9FE70CCD-6062-45D8-8566-7C9E237E030F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-24tz-im:-:*:*:*:*:*:*:*", matchCriteriaId: "5EA3A897-ED4E-417F-BA6C-C1A825A210F6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-24tz-m:-:*:*:*:*:*:*:*", matchCriteriaId: "375F9E12-A61B-4FD3-AE07-D4E686EB112A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-4sz-a:-:*:*:*:*:*:*:*", matchCriteriaId: "D724F932-4548-429D-8CAA-E82C3435A194", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr-920-4sz-d:-:*:*:*:*:*:*:*", matchCriteriaId: "0BCC94C3-9EEF-4600-BE82-8AEDEB0F1446", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-24p:-:*:*:*:*:*:*:*", matchCriteriaId: "16088337-C057-4271-B5C7-74FE1573B0F0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-24t:-:*:*:*:*:*:*:*", matchCriteriaId: "A69B8AFD-17F5-4809-BDB9-3337BA52BC58", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-24u:-:*:*:*:*:*:*:*", matchCriteriaId: "6A628A7B-FE58-4881-B705-C3BCBED6F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-24ux:-:*:*:*:*:*:*:*", matchCriteriaId: "0A9C769E-ED9C-4F06-928D-CC7FFBA54EC7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48p:-:*:*:*:*:*:*:*", matchCriteriaId: "C5B19A31-99E3-4141-9FE8-7A5FD16FAE5C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48t:-:*:*:*:*:*:*:*", matchCriteriaId: "DB1DFCD7-F14A-4530-8E36-55FE0EE1E7C7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48u:-:*:*:*:*:*:*:*", matchCriteriaId: "84C89BB9-D62D-4E36-8BFD-D583F383120D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48un:-:*:*:*:*:*:*:*", matchCriteriaId: "88262B7E-8C2F-49FE-9F58-8A1C78285A93", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9300-48uxm:-:*:*:*:*:*:*:*", matchCriteriaId: "C6109DBC-5489-4FF9-B940-E174126488AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*", matchCriteriaId: "5EA59279-3504-417D-9E86-E5886EE198BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:cbr-ccap-lc-40g-r:-:*:*:*:*:*:*:*", matchCriteriaId: "C44B33A5-DB73-4A3B-AA5B-97B8493AD28B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:cbr-lc-8d31-16u31:-:*:*:*:*:*:*:*", matchCriteriaId: "CAB82552-DD9D-45C9-8296-B4C8D510FFA1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:a99-16x100ge-x-se:-:*:*:*:*:*:*:*", matchCriteriaId: "C4EA89F6-14B5-4EC7-BAEB-E783FF1982AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a99-32x100ge-cm:-:*:*:*:*:*:*:*", matchCriteriaId: "E5BF29D2-7C65-4724-B6AE-249BB22725CE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a99-32x100ge-tr:-:*:*:*:*:*:*:*", matchCriteriaId: "D55DC09B-CF82-4461-8886-BE90451BFF9E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a99-rp3-se:-:*:*:*:*:*:*:*", matchCriteriaId: "F393681D-7EC1-46D5-BAFB-786528E259B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a99-rp3-tr:-:*:*:*:*:*:*:*", matchCriteriaId: "ABE8CE5B-09CF-4138-9495-7223FFA64443", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a9k-16x100ge-cm:-:*:*:*:*:*:*:*", matchCriteriaId: "15AEC57E-7851-4C8D-AB02-A932C3929F26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a9k-16x100ge-tr:-:*:*:*:*:*:*:*", matchCriteriaId: "B14DB778-9B07-4AFF-8BF3-4631B23501BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a9k-rsp5-se:-:*:*:*:*:*:*:*", matchCriteriaId: "326F9936-57E7-4E8F-9C51-093788454A3A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:a9k-rsp5-tr:-:*:*:*:*:*:*:*", matchCriteriaId: "884F1D0A-8A6F-45E4-9AC7-A8603AB8AE4E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:network_convergence_system_1002:-:*:*:*:*:*:*:*", matchCriteriaId: "7D54F012-3136-4CA8-B119-FD7446EC96C6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "0514874D-C8F0-496E-9B04-FA699B339EEE", versionEndExcluding: "15.5\\(1\\)sy4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:c6800-16p10g-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F508C81E-D31B-44BA-82C8-FEDA00324B8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6800-32p10g-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "05A9E0CA-BB70-4F74-BAD6-BE80669D1699", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6800-8p10g-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "4CAE1989-0E75-414E-BCB3-E0057F1492E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6800-8p40g-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A1BA05-615E-4304-992D-6EEA176D852F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6800-sup6t-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "D883A807-6909-4087-892B-1E505521EA7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6816-x-le:-:*:*:*:*:*:*:*", matchCriteriaId: "DE2D76C8-552A-44C2-9C30-0CF31F6BC719", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6824-x-le-40g:-:*:*:*:*:*:*:*", matchCriteriaId: "649A1287-A03D-48B8-ADFA-26F175366C91", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6832-x-le:-:*:*:*:*:*:*:*", matchCriteriaId: "8776111D-894D-4EEB-8ADD-A9AC26AE30D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c6840-x-le-40g:-:*:*:*:*:*:*:*", matchCriteriaId: "975D2EC3-3499-48FD-87F2-4BAD1CDB0E4C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "27ACCA11-D39B-468E-9C3C-BBF110ED3581", versionEndExcluding: "16.9.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "5BB36C23-9303-4E3D-8C4A-B2E2150CF3FE", versionEndExcluding: "16.12.1", versionStartIncluding: "16.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:c9500-12q:-:*:*:*:*:*:*:*", matchCriteriaId: "0B37D793-0EE3-49CA-98B2-3E1F3D561A9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-16x:-:*:*:*:*:*:*:*", matchCriteriaId: "03F5F6FA-9499-4232-A80A-494CE287A87A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-24q:-:*:*:*:*:*:*:*", matchCriteriaId: "58918BAA-7070-4901-B1C8-344E8A4DBEE9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-24y4c:-:*:*:*:*:*:*:*", matchCriteriaId: "08B9D533-FCF5-4B35-A0D2-2EA1E4A907AE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-32c:-:*:*:*:*:*:*:*", matchCriteriaId: "C809A939-105E-471E-A150-859015641989", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-32qc:-:*:*:*:*:*:*:*", matchCriteriaId: "B2C657B7-172E-4E85-8027-4B5563F2CE14", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-40x:-:*:*:*:*:*:*:*", matchCriteriaId: "0B42926F-0841-4D40-BABE-852893C6020F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:c9500-48y4c:-:*:*:*:*:*:*:*", matchCriteriaId: "381144D6-7CDE-46E6-ADE7-76372740F283", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9800-40_wireless_controller_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "902D1451-9E2E-4BC3-8B61-D87C142F4485", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "8E283C34-43AE-49A5-A72B-32DEA185ABD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:catalyst_9800-80_wireless_controller_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "59CD23DF-9B9D-459F-A3BF-F2D53FBDAF71", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "ADB3AF13-5324-42CD-8EDB-6F730BF46214", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ic3000-k9_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13174CD9-8564-4041-93EC-8E8D7F4F3443", versionEndExcluding: "1.0.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ic3000-k9:-:*:*:*:*:*:*:*", matchCriteriaId: "B443B2C3-E3C1-4ADF-BF9B-164D00318B08", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0D5DCCAC-A8CC-40B5-AA01-6D46CB9B7053", versionEndExcluding: "8.4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ds-x9334-k9:-:*:*:*:*:*:*:*", matchCriteriaId: "ECE54217-EF6D-4191-9267-113041B14A08", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ncs2k-mr-mxp-k9_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6DE58C19-66CD-45DD-BF5C-C333A30AA096", versionEndExcluding: "11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs2k-mr-mxp-k9:-:*:*:*:*:*:*:*", matchCriteriaId: "6EFF3999-1FF6-42C0-BE62-3FA227297264", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:7.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E90BEFD1-AAA5-4D39-A180-4B5ED3427AFC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nc55-24h12f-se:-:*:*:*:*:*:*:*", matchCriteriaId: "966F7DF8-1F20-4A74-B633-8B5AEE63C193", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-36x100g-a-se:-:*:*:*:*:*:*:*", matchCriteriaId: "46EA0E17-C399-4DA0-A550-F5469CC82F3F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-36x100g-s:-:*:*:*:*:*:*:*", matchCriteriaId: "41C4BF85-7077-463B-8E52-F67949849123", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-5504-fc:-:*:*:*:*:*:*:*", matchCriteriaId: "F9102353-A21A-41C2-AA0B-9B00F66B693E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-5516-fc:-:*:*:*:*:*:*:*", matchCriteriaId: "1536A363-E423-42DD-928B-FC6E91264371", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-6x200-dwdm-s:-:*:*:*:*:*:*:*", matchCriteriaId: "AB4F5CA4-BBD2-4DC9-8F99-9CC1B2A90BF2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nc55-mod-a-s:-:*:*:*:*:*:*:*", matchCriteriaId: "A2442B13-F163-4219-AED9-7FA4CCD1A8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-5501:-:*:*:*:*:*:*:*", matchCriteriaId: "7617BA24-6474-49CF-B78D-0056D3F8385B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-5501-se:-:*:*:*:*:*:*:*", matchCriteriaId: "C3DCE7D6-0E78-4CF3-BF7A-6A4945ADD4F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-5502:-:*:*:*:*:*:*:*", matchCriteriaId: "344675F6-9045-492D-9577-E0CE333AD6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-5502-se:-:*:*:*:*:*:*:*", matchCriteriaId: "BC7F2221-B5BE-408C-BA84-9776469EE2D5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a1-24h:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D61548-61B4-4B53-8574-9DB92B00A627", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a1-36h-s:-:*:*:*:*:*:*:*", matchCriteriaId: "4FF08FAF-67DD-4361-947A-40D5938DB8BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a1-36h-se:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE2AD36-5D52-4489-AAC1-A7AC1B3D2581", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-hd-s:-:*:*:*:*:*:*:*", matchCriteriaId: "A95FEA95-703B-44E0-A7CA-9E38B2EB1980", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-hx-s:-:*:*:*:*:*:*:*", matchCriteriaId: "2D37BF94-9D5F-4A88-8115-3A88FF144845", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-s:-:*:*:*:*:*:*:*", matchCriteriaId: "C33F0D81-1314-440B-9FC2-56D76CA4CD79", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-se-h-s:-:*:*:*:*:*:*:*", matchCriteriaId: "8E50806D-115D-4903-A5B2-62654FFDD9F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs-55a2-mod-se-s:-:*:*:*:*:*:*:*", matchCriteriaId: "15AE071E-0CEF-4305-A92D-9F4C324BD4ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:network_convergence_system_5001:-:*:*:*:*:*:*:*", matchCriteriaId: "3E007368-04AF-49C7-892F-ED2BB1E4EA61", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:network_convergence_system_5002:-:*:*:*:*:*:*:*", matchCriteriaId: "9DBEF775-EC98-4391-BAD2-61870A7DEE88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "68A586A3-0291-4BA3-9211-6EE0BBB7F39C", versionEndExcluding: "9.3\\(2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n3k-c31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "5AEB8547-3FA8-42F5-8106-57B0F994BEC5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n3k-c31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "E4D2069C-23A2-4113-B674-024D36E40BDD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n3k-c3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "572F9105-9B6C-4460-8B49-14812AC3DC28", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n3k-c3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "6C5CF4C9-3B75-4DC5-BC38-8A2B87FEAE01", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "FE8EFEE8-FC8D-480C-917E-24C3B8D56E29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "7482F9FB-CA6A-4CA2-B6FB-FD0DCDF603ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "6487A95B-0D04-4ABA-B491-8A935694AFD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F2E84307-41BC-4F85-BC9A-FF02178765F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "55A31452-5B60-4273-BA38-8FA684DED953", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "3C3FCA39-927B-4C89-A58B-E6859ED8176A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D7B464B3-DE25-4980-ABC3-10D7C79C12E6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "214472EB-424C-48B7-8EF3-7B679A5042BF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0D5DCCAC-A8CC-40B5-AA01-6D46CB9B7053", versionEndExcluding: "8.4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ds-x9648-1536k9:-:*:*:*:*:*:*:*", matchCriteriaId: "57E3CF0C-5AD0-4A30-9335-4945CBC04A60", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n3k-c3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "6C5CF4C9-3B75-4DC5-BC38-8A2B87FEAE01", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-sup3e:-:*:*:*:*:*:*:*", matchCriteriaId: "F33AB95C-62FC-48EC-84AB-5EFA5C061F3B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sm-x-1t3\\/e3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "98B12A01-8EF8-4DDE-9A40-51A9BC7D42AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:sm-x-1t3\\/e3:-:*:*:*:*:*:*:*", matchCriteriaId: "696AFE49-10E1-4C56-93D3-F4118B3E01AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:encs_5100_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AD6741CC-EEA4-4DC8-A21B-DB84B861316B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*", matchCriteriaId: "678F3A32-372A-441E-8115-95181FBAF628", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:encs_5400_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EF426F3E-4474-43C7-84F5-EF61957E5004", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*", matchCriteriaId: "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.", }, { lang: "es", value: "Una vulnerabilidad en la lógica que maneja el control de acceso de uno de los componentes de hardware en la implementación Secure Boot de propiedad de Cisco, podría permitir que un atacante local autenticado escriba una imagen de firmware modificada en el componente. Esta vulnerabilidad afecta a varios productos de Cisco que admiten la funcionalidad de Secure Boot basada en hardware. La vulnerabilidad se genera por una comprobación incorrecta en el área de código que administra las actualizaciones en las instalaciones de Field Programmable Gate Array (FPGA) parte de la implementación del hardware Secure Boot. Un atacante con privilegios elevados y acceso al sistema operativo subyacente que se ejecuta en el dispositivo afectado podría explotar esta vulnerabilidad al escribir una imagen de firmware modificada en el FPGA. Una explotación exitosa podría hacer que el dispositivo se vuelva inutilizable (y requiera un reemplazo de hardware) o permitir la manipulación del proceso de comprobación de Secure Boot, que en algunas circunstancias puede permitir al atacante instalar y arrancar una imagen de software malicioso. Un atacante deberá cumplir todas las condiciones siguientes para intentar explotar esta vulnerabilidad: Tener acceso administrativo privilegiado al dispositivo. Poder acceder al sistema operativo subyacente que se ejecuta en el dispositivo; Esto se puede lograr mediante el uso de un mecanismo documentado de soporte o mediante la explotación de otra vulnerabilidad que proporcionaría a un atacante con dicho acceso. Desarrollar o tener acceso a un exploit específico de la plataforma. Un atacante que busque explotar esta vulnerabilidad en múltiples plataformas afectadas necesitará investigar cada una de esas plataformas y después desarrollar una vulnerabilidad específica de la plataforma. Si bien el proceso de investigación se podría realizar en diferentes plataformas, es poco probable que una vulnerabilidad desarrollada para una plataforma de hardware determinada opere en una plataforma de hardware diferente.", }, ], id: "CVE-2019-1649", lastModified: "2024-11-21T04:37:00.627", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-13T19:29:01.520", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108350", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/400865", }, { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108350", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/400865", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-072-03", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-667", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2025-01-27 19:23
Severity ?
Summary
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/101044 | Broken Link, Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1039452 | Broken Link, Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101044 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039452 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos | Vendor Advisory |
Impacted products
{ cisaActionDue: "2022-03-24", cisaExploitAdd: "2022-03-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "650EB42C-D85F-482B-972D-7DCAC210DC48", versionEndIncluding: "15.6", versionStartIncluding: "15.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "F4856E07-B3C2-4674-9584-866F6AF643B2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "A6F668B9-2C1D-4306-8286-35E67D0F67C7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5EB8A757-7888-4AC2-BE44-B89DB83C6C77", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "B80890A8-E3D3-462C-B125-9E9BC6525B02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "0547E196-5991-4C33-823A-342542E9DFD3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "F3F374DC-B9F7-4515-A064-01BB436CA984", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "D916389F-54DB-44CB-91DD-7CE3C7059350", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1801_integrated_service_router:-:*:*:*:*:*:*:*", matchCriteriaId: "6D5E48D7-2266-4649-90A9-62C476AFE6DE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1802_integrated_service_router:-:*:*:*:*:*:*:*", matchCriteriaId: "99581637-E184-4A02-8313-57C7C31E5479", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1803_integrated_service_router:-:*:*:*:*:*:*:*", matchCriteriaId: "9C6D4A90-31B9-4B6C-ADAC-44C49DB44115", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1811_integrated_service_router:-:*:*:*:*:*:*:*", matchCriteriaId: "B3AF3F75-0BD8-4AA6-B696-3624BEE86681", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1812_integrated_service_router:-:*:*:*:*:*:*:*", matchCriteriaId: "6C58CEA6-69F8-4021-98C9-4676C70AB167", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1841_integrated_service_router:-:*:*:*:*:*:*:*", matchCriteriaId: "DF156D97-7C39-49CF-9938-D9681066FF05", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1861_integrated_service_router:-:*:*:*:*:*:*:*", matchCriteriaId: "459FEB4E-54E3-4FE5-82A5-6E4ECE855DD6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1905_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "871AC0F6-5C01-43A1-8436-7885439BD81F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1906c_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "B1DEFFA8-11A6-43CC-A886-DD38EFF22ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "2147DBF8-B733-4F76-90C5-9D94F1E93625", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "6F42D5B4-BB07-4C9C-852F-0D839E9F2AA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "9222CA59-F4FD-478D-83C9-566B389140B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:422_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "03A273EE-41C1-41E9-9002-46F83FC6533F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4321\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "05C90C43-2D7D-43F8-AD7F-421878909AE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4321\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "445597DA-7EEC-470D-9A71-BC43A9F7DE5E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4321\\/k9_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "86049773-C88D-4A26-A0D3-D40F3C312AEC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "9421DBEF-AE42-4234-B49F-FCC34B804D7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4331\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "6AB4B7C2-4D45-4267-BCBB-57D36C6104A3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4331\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "3B8A4630-8B21-4994-8EF5-E105593A64E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4331\\/k9_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "F799DC02-EB06-458C-8545-A174475FE7A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5419CB9F-241F-4431-914F-2659BE27BEA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4351\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "B89FBA68-A8ED-4C5A-916E-A68468F59730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4351\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "CD272E6E-2ED1-4408-8FF7-0B82F9DCBEF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4351\\/k9_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "DC278B77-AD63-42AD-B9E8-EE4DE97E27E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5720462A-BE6B-4E84-A1A1-01E80BBA86AD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:44461_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "697BEF89-6D9B-4870-BE85-9090152F3E6E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "818CEFA6-208C-43C3-8E43-474A93ADCF21", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "82225D40-537F-41D2-B1C4-1B7D06466B06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "E8B60888-6E2B-494E-AC65-83337661EE7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "398D63B0-F15B-409B-AFBC-DE6C94FAF815", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:829_industrial_integrated_services_routers:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05CC9-8D04-4DE0-A854-375192B4D46C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:829_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "9030977A-7753-4ED5-A082-4B2F5749D37D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:860vae-w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "4C9C511D-7D5E-4758-A335-70019EBD9F8C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:861_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "E109E908-78B9-44ED-8719-B057057C2185", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:861w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "31F8D515-3D54-459F-8CE7-FFA91439C0D3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:866vae_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "510B60EF-AA4D-469F-8EEF-133F354DDF55", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:867_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "EF7E6C9E-326B-42EF-86D4-4FB2C13E2BA4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:867vae_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "8D562373-BD3F-4690-928F-9FE0325A3379", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:871_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "F1A300FE-D6D3-41AC-9792-4D0E28621F72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:880-voice_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "EB62165B-6CA9-4DD8-8A36-B658F61FF9EF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:880_3g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "8A2F1852-8ADC-42E0-8D05-961A733523D1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:881-cube_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "DA5ACE25-8C18-49B0-AFFC-17CB30F61930", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:881_3g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "AB6E4CF5-D944-4281-94E5-72BC5437BC62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:881_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "CFB6E8CC-89B8-490A-BFCF-FA9D55543B21", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:881w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "480629DC-DA23-4A9E-B90F-E8AB894C9353", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:886_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "BCEBDDE6-0EA0-4C2B-9A04-87236312A269", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:886va-cube_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "4D3EA60A-1BA9-43E8-AF81-914846C26CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:886va-w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "FA7C5306-B810-4036-A241-7178F48ABE8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:886va_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5413C7E7-F55C-4158-ABDF-2D8844B96680", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:886vag_3g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "A6745ADF-DCE3-42C3-A548-F9E44AEE88CC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:887_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "FEFD38B2-348F-4EF2-A9B7-40A9AA5FF511", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:887v_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "A4F9EA2E-9EE7-4F68-9765-C78F85624F2D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:887va-cube_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "1563AC8D-4E4D-4126-8C5D-84B449AAEF57", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:887va-w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "B3945CCD-E6F5-412D-9935-160BCD664B10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:887va_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "B0C23393-F7BB-4BA9-81A5-C298D84EBF0B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:887vag_3g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "61B623C2-D81B-430B-9FD2-E2764EE94809", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:887vam-w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "828E07F6-1E92-4990-AEBC-DBFE4B5B2DE4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:887vamg_3g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "08B77C60-06E0-47FF-8CD4-35FE5C60FF95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:888-cube_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "7E97DA13-D485-42BE-A0E9-F40A0C823735", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:888_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "E984A1EA-728A-4663-8494-1787AB5D93C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:888e-cube_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "35D9B6C7-A707-41CD-953F-5773FB3F7685", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:888e_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "716E154A-5586-4F58-8203-EC8256E00BAD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:888eg_3g_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "7CC0F79A-52CA-46A6-9C6A-0596718053E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:888w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "8054E665-E4DA-4453-A34B-830B69D273A7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:891-24x_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "BEA480B3-25E2-4B05-9F46-417B696789B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:891_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "526558F9-C72D-4DDA-B0DF-CAF7B97E30C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:891w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "B4B9D069-85C0-4299-BCAF-441A2D6227BF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:892_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "53AFBDFF-3D83-4685-82EE-A9EA4DC09241", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:892f-cube_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "AB4AF464-B247-40CF-A2B5-1B278303418B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:892w_integrated_services_router:-:*:*:*:*:*:*:*", matchCriteriaId: "D674C533-304A-42A4-97EE-1CA39908E888", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*", matchCriteriaId: "91209C16-A620-44A0-9134-8AA456343F29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*", matchCriteriaId: "3C5C1005-0C12-4EDA-BC4A-B52201C4F516", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*", matchCriteriaId: "917B52DF-4210-4DD6-97EF-8A033497A954", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*", matchCriteriaId: "D7F413FB-D4F9-4113-9D67-2956BF1DC30D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*", matchCriteriaId: "FE2182E7-C813-4966-A36C-E648A9344299", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1000_:-:*:*:*:*:*:*:*", matchCriteriaId: "0ABA6B44-E3FB-4B9C-8148-D9F10E617DB8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*", matchCriteriaId: "ED7C321E-F083-4AB6-96A0-D6358980441E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*", matchCriteriaId: "7594E307-AC80-41EC-AE94-07E664A7D701", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*", matchCriteriaId: "33208B25-0CBB-4E31-A892-60B7B5625155", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*", matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*", matchCriteriaId: "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*", matchCriteriaId: "E4376E56-A21C-4642-A85D-439C8E21CD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*", matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*", matchCriteriaId: "CC03A84F-C8F2-4225-9A00-8FA35368CD57", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*", matchCriteriaId: "444F688F-79D0-4F22-B530-7BD520080B8F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*", matchCriteriaId: "51F2A755-556C-4C5E-8622-96D124319AF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*", matchCriteriaId: "55DD2272-10C2-43B9-9F13-6DC41DBE179B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*", matchCriteriaId: "7428E0A8-1641-47FB-9CA9-34311DEF660D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*", matchCriteriaId: "DE7401B7-094C-46EB-9869-2F0372E8B26B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*", matchCriteriaId: "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*", matchCriteriaId: "854D9594-FE84-4E7B-BA21-A3287F2DC302", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*", matchCriteriaId: "C81CC6E3-B989-4730-820E-46734E3E608D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*", matchCriteriaId: "EE9EABE0-5FB0-4277-A389-87732E750B7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*", matchCriteriaId: "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*", matchCriteriaId: "5E7E8914-7B25-4097-8B22-6928C1F03D5A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*", matchCriteriaId: "B207857B-C483-47DF-9FC7-6A05B866BF60", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*", matchCriteriaId: "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*", matchCriteriaId: "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*", matchCriteriaId: "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*", matchCriteriaId: "04AB61E9-0148-495E-BD21-64D52DE60A6C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*", matchCriteriaId: "85D2C587-E95B-4E74-88CF-5930072258D3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*", matchCriteriaId: "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*", matchCriteriaId: "74270062-2030-45A0-9C93-C1F3B7C88E8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*", matchCriteriaId: "0F403859-F034-4DD9-9CA5-708EADECB380", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "4CCB8270-A01D-40A6-BF4B-26BAF65E68F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:integrated_services_virtual_router:-:*:*:*:*:*:*:*", matchCriteriaId: "5361C70A-C036-4254-9698-BC58F48C465B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de un protocolo en los routers Cisco Integrated Services Routers Generation 2 (ISR G2) que ejecuten Cisco IOS desde la versión 15.0 hasta la 15.6 podría permitir que un atacante adyacente sin autenticar haga que el dispositivo afectado se reinicie, provocando una denegación de servicio (DoS) en consecuencia. Esta vulnerabilidad se debe a una clasificación incorrecta de los frames Ethernet. Un atacante podría explotar esta vulnerabilidad enviando un frame Ethernet al dispositivo afectado. Si se explota con éxito, podría permitir que el atacante provoque que el dispositivo afectado se reinicie, provocando una denegación de servicio. Cisco Bug IDs: CSCvc03809.", }, ], id: "CVE-2017-12232", lastModified: "2025-01-27T19:23:29.077", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-09-29T01:34:48.780", references: [ { source: "psirt@cisco.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/101044", }, { source: "psirt@cisco.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039452", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/101044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039452", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-09-25 20:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios | 15.7\(3\)m3 | |
| cisco | 807_industrial_integrated_services_routers | - | |
| cisco | 809_industrial_integrated_services_routers | - | |
| cisco | 829_industrial_integrated_services_routers | - | |
| cisco | cgr_1120 | - | |
| cisco | cgr1240 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:15.7\\(3\\)m3:*:*:*:*:*:*:*", matchCriteriaId: "64404B00-4956-47B8-ACDB-88E365E97212", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:807_industrial_integrated_services_routers:-:*:*:*:*:*:*:*", matchCriteriaId: "3C197660-0D0F-4D80-8EF5-9A60E679BD24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:809_industrial_integrated_services_routers:-:*:*:*:*:*:*:*", matchCriteriaId: "3C996F3B-0333-4B9A-B3E7-F50E64B0AAB3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:829_industrial_integrated_services_routers:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05CC9-8D04-4DE0-A854-375192B4D46C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:cgr_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1119E8B9-53A3-4724-9EEB-F4A35F9F59E1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:cgr1240:-:*:*:*:*:*:*:*", matchCriteriaId: "D1FE609C-8021-48C8-AF15-F176D82A9B23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user.", }, { lang: "es", value: "Una vulnerabilidad en el entorno de la aplicación IOx para Software Cisco IOS, podría permitir a un atacante remoto autenticado conseguir acceso no autorizado al Sistema Operativo Invitado (SO Invitado) que es ejecutado en un dispositivo afectado. La vulnerabilidad es debido a una evaluación incorrecta del control de acceso basado en roles (RBAC) cuando un usuario poco privilegiado solicita acceso a un SO Invitado que debe ser restringida a cuentas administrativas. Un atacante podría explotar esta vulnerabilidad mediante la autenticación en el Sistema Operativo Invitado mediante el empleo de las credenciales de un usuario poco privilegiado. Una explotación podría permitir al atacante conseguir acceso no autorizado al sistema operativo invitado como un usuario root.", }, ], id: "CVE-2019-12648", lastModified: "2024-11-21T04:23:15.463", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.1, impactScore: 6, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-09-25T20:15:10.477", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }