Vulnerability-Lookup - Search a vulnerability

cve-2017-3812

Vulnerability from cvelistv5

Published

2017-02-03 07:24

Modified

2024-08-05 14:39

Severity ?

Summary

A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. More Information: CSCvc54788. Known Affected Releases: 15.2(5.4.32i)E2. Known Fixed Releases: 15.2(5.4.62i)E2.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/95946	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1037771	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2	Version: Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T14:39:40.778Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1",
               },
               {
                  name: "95946",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/95946",
               },
               {
                  name: "1037771",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037771",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2",
                  },
               ],
            },
         ],
         datePublic: "2017-02-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. More Information: CSCvc54788. Known Affected Releases: 15.2(5.4.32i)E2. Known Fixed Releases: 15.2(5.4.62i)E2.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "denial of service (DoS)",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-24T12:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1",
            },
            {
               name: "95946",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/95946",
            },
            {
               name: "1037771",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037771",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2017-3812",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. More Information: CSCvc54788. Known Affected Releases: 15.2(5.4.32i)E2. Known Fixed Releases: 15.2(5.4.62i)E2.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "denial of service (DoS)",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1",
                     refsource: "CONFIRM",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1",
                  },
                  {
                     name: "95946",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/95946",
                  },
                  {
                     name: "1037771",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037771",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2017-3812",
      datePublished: "2017-02-03T07:24:00",
      dateReserved: "2016-12-21T00:00:00",
      dateUpdated: "2024-08-05T14:39:40.778Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-12235

Vulnerability from cvelistv5

Published

2017-09-28 07:00

Modified

2024-11-15 17:57

Severity ?

Summary

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/101043	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039451	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	Cisco IOS	Version: Cisco IOS

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:28:16.710Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "101043",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101043",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet",
               },
               {
                  name: "1039451",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039451",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2017-12235",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-08T17:33:04.185598Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2022-03-03",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-12235",
                     },
                     type: "kev",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T17:57:14.238Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Cisco IOS",
                  },
               ],
            },
         ],
         datePublic: "2017-09-28T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-09-29T09:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "101043",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101043",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet",
            },
            {
               name: "1039451",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039451",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2017-12235",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Cisco IOS",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "101043",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101043",
                  },
                  {
                     name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet",
                     refsource: "CONFIRM",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet",
                  },
                  {
                     name: "1039451",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039451",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2017-12235",
      datePublished: "2017-09-28T07:00:00",
      dateReserved: "2017-08-03T00:00:00",
      dateUpdated: "2024-11-15T17:57:14.238Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd

Published

2017-02-03 07:59

Modified

2024-11-21 03:26

Severity ?

6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. More Information: CSCvc54788. Known Affected Releases: 15.2(5.4.32i)E2. Known Fixed Releases: 15.2(5.4.62i)E2.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/95946	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1037771
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95946	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037771
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	industrial_ethernet_2000_series_firmware	*
cisco	industrial_ethernet_2000_16ptc-g-e_switch	-
cisco	industrial_ethernet_2000_16ptc-g-l_switch	-
cisco	industrial_ethernet_2000_16ptc-g-nx_switch	-
cisco	industrial_ethernet_2000_16t67-b_switch	-
cisco	industrial_ethernet_2000_16t67p-g-e_switch	-
cisco	industrial_ethernet_2000_16tc-g-e_switch	-
cisco	industrial_ethernet_2000_16tc-g-l_switch	-
cisco	industrial_ethernet_2000_16tc-g-n_switch	-
cisco	industrial_ethernet_2000_16tc-g-x_switch	-
cisco	industrial_ethernet_2000_16tc-l_switch	-
cisco	industrial_ethernet_2000_24t67-b_switch	-
cisco	industrial_ethernet_2000_4s-ts-g-b_switch	-
cisco	industrial_ethernet_2000_4s-ts-g-l_switch	-
cisco	industrial_ethernet_2000_4t-b_switch	-
cisco	industrial_ethernet_2000_4t-g-b_switch	-
cisco	industrial_ethernet_2000_4t-g-l_switch	-
cisco	industrial_ethernet_2000_4t-l_switch	-
cisco	industrial_ethernet_2000_4ts-b_switch	-
cisco	industrial_ethernet_2000_4ts-g-b_switch	-
cisco	industrial_ethernet_2000_4ts-g-l_switch	-
cisco	industrial_ethernet_2000_4ts-l_switch	-
cisco	industrial_ethernet_2000_8t67-b_switch	-
cisco	industrial_ethernet_2000_8t67p-g-e_switch	-
cisco	industrial_ethernet_2000_8tc-b_switch	-
cisco	industrial_ethernet_2000_8tc-g-b_switch	-
cisco	industrial_ethernet_2000_8tc-g-e_switch	-
cisco	industrial_ethernet_2000_8tc-g-l_switch	-
cisco	industrial_ethernet_2000_8tc-g-n_switch	-
cisco	industrial_ethernet_2000_8tc-l_switch	-

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_series_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "64126B06-A388-40D2-A0A7-6520BCC90EE8",
                     versionEndIncluding: "15.2\\(5.4.32i\\)e2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16ptc-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "524D907D-4DDC-4439-A9E0-328BA272BE79",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16ptc-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4057243E-C776-4048-AF08-F1339DECFB76",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16ptc-g-nx_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0D7518A-B5EA-493C-80C7-4938A36FF621",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16t67-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0474966A-3F71-474F-926F-D4C03F0989D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16t67p-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "199F317F-4C29-4BE4-B5EE-FFD70C693A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A805F6F4-D977-493F-B3E8-CCE64A6F5AE4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DB0122F-82AB-467A-861B-9A9EAF36F695",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-n_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A29BB0-4033-4067-97E9-372C797A29CC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-x_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "334BC0D6-E9D8-47F5-AB48-7AB3F3A17844",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F1931F1-02FC-4F7D-8C18-C1482CD2530D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_24t67-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8F9FB2B-D9AD-46DD-8D2E-0FB71E2EA825",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4s-ts-g-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "75325EB7-ABB8-409F-BB8E-1696FB3D0DA7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4s-ts-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CB2133-041C-48EE-8594-2F80C7A89A05",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C4D3841-67B6-4E21-A68D-FED30EC2CDEF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-g-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E906703D-3946-4EE7-BEF1-9753409FEEF8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D64C4436-6BB8-48EB-923D-11B6F9F18B1D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ECD0A92-A198-463B-8046-92D738C40DAF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87C75A46-74FC-4AF1-AF76-0CAC422473E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-g-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE4BC00-19FE-468C-8BCE-193E72066B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "62729BD3-975A-4FCA-B255-FFFD51901081",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FAB865C-D5D6-474F-B42C-2C2958B1E876",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8t67-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE94DAA2-D52A-424B-8E17-FC17D4B117B4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8t67p-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "429B7E0E-2897-4838-AC6B-41B3A5D85204",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "22980E67-0A91-473F-9F86-3B594D7BE9FF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4360DC5A-DD47-42C5-9940-B9FE24422758",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "417ACF82-6769-4441-92CB-8BD06470518A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36036C1F-2A42-4633-AFD7-F4F8DEADBDE7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-n_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FEE1A077-564B-49A3-84C4-3E9EA6EA7675",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1DAFB25E-F057-423E-811D-1E4A8F9E2D73",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. More Information: CSCvc54788. Known Affected Releases: 15.2(5.4.32i)E2. Known Fixed Releases: 15.2(5.4.62i)E2.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de la funcionalidad Common Industrial Protocol (CIP) en Cisco Industrial Ethernet 2000 Series Switches podría permitir a un atacante remoto no autenticado provocar una condición de denegación de servicio (DoS) debido a una fuga del sistema de memoria. Más Información: CSCvc54788. Lanzamientos Afectados Conocidos: 15.2(5.4.32i)E2. Lanzamientos Reparados Conocidos: 15.2(5.4.62i)E2.",
      },
   ],
   id: "CVE-2017-3812",
   lastModified: "2024-11-21T03:26:09.900",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-02-03T07:59:00.763",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/95946",
      },
      {
         source: "psirt@cisco.com",
         url: "http://www.securitytracker.com/id/1037771",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/95946",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id/1037771",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-772",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2017-09-29 01:34

Modified

2025-01-27 19:00

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179.

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/101043	Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1039451	Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/101043	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039451	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ios	*
cisco	industrial_ethernet_2000_16ptc-g-e_switch	-
cisco	industrial_ethernet_2000_16ptc-g-l_switch	-
cisco	industrial_ethernet_2000_16ptc-g-nx_switch	-
cisco	industrial_ethernet_2000_16t67-b_switch	-
cisco	industrial_ethernet_2000_16t67p-g-e_switch	-
cisco	industrial_ethernet_2000_16tc-g-e_switch	-
cisco	industrial_ethernet_2000_16tc-g-l_switch	-
cisco	industrial_ethernet_2000_16tc-g-n_switch	-
cisco	industrial_ethernet_2000_16tc-g-x_switch	-
cisco	industrial_ethernet_2000_16tc-l_switch	-
cisco	industrial_ethernet_2000_24t67-b_switch	-
cisco	industrial_ethernet_2000_4s-ts-g-b_switch	-
cisco	industrial_ethernet_2000_4s-ts-g-l_switch	-
cisco	industrial_ethernet_2000_4t-b_switch	-
cisco	industrial_ethernet_2000_4t-g-b_switch	-
cisco	industrial_ethernet_2000_4t-g-l_switch	-
cisco	industrial_ethernet_2000_4t-l_switch	-
cisco	industrial_ethernet_2000_4ts-b_switch	-
cisco	industrial_ethernet_2000_4ts-g-b_switch	-
cisco	industrial_ethernet_2000_4ts-g-l_switch	-
cisco	industrial_ethernet_2000_4ts-l_switch	-
cisco	industrial_ethernet_2000_8t67-b_switch	-
cisco	industrial_ethernet_2000_8t67p-g-e_switch	-
cisco	industrial_ethernet_2000_8tc-b_switch	-
cisco	industrial_ethernet_2000_8tc-g-b_switch	-
cisco	industrial_ethernet_2000_8tc-g-e_switch	-
cisco	industrial_ethernet_2000_8tc-g-l_switch	-
cisco	industrial_ethernet_2000_8tc-g-n_switch	-
cisco	industrial_ethernet_2000_8tc-l_switch	-
cisco	industrial_ethernet_2000_series_firmware	15.2\(5.4.32i\)e2

JSON

To clipboard

{
   cisaActionDue: "2022-03-24",
   cisaExploitAdd: "2022-03-03",
   cisaRequiredAction: "Apply updates per vendor instructions.",
   cisaVulnerabilityName: "Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B29302F-A386-4E69-BD22-59CDF9CB0E21",
                     versionEndIncluding: "15.6",
                     versionStartIncluding: "12.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16ptc-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "524D907D-4DDC-4439-A9E0-328BA272BE79",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16ptc-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4057243E-C776-4048-AF08-F1339DECFB76",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16ptc-g-nx_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0D7518A-B5EA-493C-80C7-4938A36FF621",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16t67-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0474966A-3F71-474F-926F-D4C03F0989D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16t67p-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "199F317F-4C29-4BE4-B5EE-FFD70C693A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A805F6F4-D977-493F-B3E8-CCE64A6F5AE4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DB0122F-82AB-467A-861B-9A9EAF36F695",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-n_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "69A29BB0-4033-4067-97E9-372C797A29CC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-x_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "334BC0D6-E9D8-47F5-AB48-7AB3F3A17844",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F1931F1-02FC-4F7D-8C18-C1482CD2530D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_24t67-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8F9FB2B-D9AD-46DD-8D2E-0FB71E2EA825",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4s-ts-g-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "75325EB7-ABB8-409F-BB8E-1696FB3D0DA7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4s-ts-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03CB2133-041C-48EE-8594-2F80C7A89A05",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C4D3841-67B6-4E21-A68D-FED30EC2CDEF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-g-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E906703D-3946-4EE7-BEF1-9753409FEEF8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D64C4436-6BB8-48EB-923D-11B6F9F18B1D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ECD0A92-A198-463B-8046-92D738C40DAF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87C75A46-74FC-4AF1-AF76-0CAC422473E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-g-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FE4BC00-19FE-468C-8BCE-193E72066B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "62729BD3-975A-4FCA-B255-FFFD51901081",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FAB865C-D5D6-474F-B42C-2C2958B1E876",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8t67-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE94DAA2-D52A-424B-8E17-FC17D4B117B4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8t67p-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "429B7E0E-2897-4838-AC6B-41B3A5D85204",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "22980E67-0A91-473F-9F86-3B594D7BE9FF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-b_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4360DC5A-DD47-42C5-9940-B9FE24422758",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-e_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "417ACF82-6769-4441-92CB-8BD06470518A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36036C1F-2A42-4633-AFD7-F4F8DEADBDE7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-n_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FEE1A077-564B-49A3-84C4-3E9EA6EA7675",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-l_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1DAFB25E-F057-423E-811D-1E4A8F9E2D73",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:industrial_ethernet_2000_series_firmware:15.2\\(5.4.32i\\)e2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C4A570B-15DD-45CD-8E0E-B828031CA8ED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de un PN-DCP (PROFINET Discovery and Configuration Protocol) para Cisco IOS desde la versión 12.2 hasta la 15.6 podría permitir que un atacante remoto sin autenticar haga que el dispositivo afectado se reinicie, provocando una denegación de servicio (DoS) en consecuencia. Esta vulnerabilidad se debe a un análisis sintáctico incorrecto de los paquetes PN-DCP Identify Request manipulados destinados al dispositivo afectado. Un atacante podría explotar esta vulnerabilidad enviando un paquete PN-DCP Identify Request manipulado al dispositivo afectado y luego continuando el envío de paquetes PN-DCP Identify Request normales al dispositivo. Si se explota con éxito, podría permitir que el atacante consiga que el dispositivo afectado se reinicie, provocando una denegación de servicio. Esta vulnerabilidad afecta a dispositivos Cisco que están configurados para procesar mensajes PROFINET. Empezando con la distribución 12.2(52)SE del software de Cisco IOS, PROFINET está habilitado por defecto en todos los puertos Ethernet para las unidades de expansión y los módulos de switch base. Cisco Bug IDs: CSCuz47179.",
      },
   ],
   id: "CVE-2017-12235",
   lastModified: "2025-01-27T19:00:56.937",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-09-29T01:34:48.890",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/101043",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1039451",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/101043",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1039451",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerabilites related to cisco - industrial_ethernet_2000_16t67p-g-e_switch

cve-2017-3812

Vulnerability from cvelistv5

cve-2017-12235

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd