Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2023-0999
Vulnerability from csaf_certbund
Published
2017-06-29 22:00
Modified
2023-04-18 22:00
Summary
Cisco IOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Cisco Internetwork Operating System (IOS) ist ein Betriebssystem, das für Cisco Geräte wie z. B. Router und Switches eingesetzt wird.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Cisco IOS und Cisco IOS XE ausnutzen, um beliebigen Programmcode auszuführen oder einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- BIOS/Firmware
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Cisco Internetwork Operating System (IOS) ist ein Betriebssystem, das f\u00fcr Cisco Ger\u00e4te wie z. B. Router und Switches eingesetzt wird.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Cisco IOS und Cisco IOS XE ausnutzen, um beliebigen Programmcode auszuf\u00fchren oder einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0999 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2023-0999.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0999 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0999"
},
{
"category": "external",
"summary": "NCSC Warning vom 2023-04-18",
"url": "https://www.ncsc.gov.uk/news/apt28-exploits-known-vulnerability-to-carry-out-reconnaissance-and-deploy-malware-on-cisco-routers"
},
{
"category": "external",
"summary": "Cisco Security Advisory #cisco-sa-20170629-snmp vom 2017-06-29",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
},
{
"category": "external",
"summary": "Meldung 43450 auf der Exploit-DB vom 2018-01-07",
"url": "https://www.exploit-db.com/exploits/43450/"
},
{
"category": "external",
"summary": "Update des Cisco Security Advisory cisco-sa-20170629-snmp vom 2018-01-11",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"source_lang": "en-US",
"title": "Cisco IOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-04-18T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:49:06.732+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0999",
"initial_release_date": "2017-06-29T22:00:00.000+00:00",
"revision_history": [
{
"date": "2017-06-29T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2017-07-23T22:00:00.000+00:00",
"number": "2",
"summary": "reference added"
},
{
"date": "2017-09-04T22:00:00.000+00:00",
"number": "3",
"summary": "Admin"
},
{
"date": "2017-09-04T22:00:00.000+00:00",
"number": "4",
"summary": "Admin"
},
{
"date": "2017-09-05T22:00:00.000+00:00",
"number": "5",
"summary": "Auswirkung auf Admin gesetzt"
},
{
"date": "2017-09-05T22:00:00.000+00:00",
"number": "6",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-01-07T23:00:00.000+00:00",
"number": "7",
"summary": "poc added"
},
{
"date": "2018-01-11T23:00:00.000+00:00",
"number": "8",
"summary": "update of cisco advisory"
},
{
"date": "2018-01-11T23:00:00.000+00:00",
"number": "9",
"summary": "Version nicht vorhanden"
},
{
"date": "2023-04-18T22:00:00.000+00:00",
"number": "10",
"summary": "CVE-2017-6742 wird durch \"APT28\" ausgenutzt"
}
],
"status": "final",
"version": "10"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cisco IOS",
"product": {
"name": "Cisco IOS",
"product_id": "T008395",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:ios:-"
}
}
},
{
"category": "product_name",
"name": "Cisco IOS XE",
"product": {
"name": "Cisco IOS XE",
"product_id": "T001605",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:ios_xe:-"
}
}
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-6736",
"notes": [
{
"category": "description",
"text": "In Cisco IOS und Cisco IOS XE existieren mehrere Schwachstellen im Zusammenhang mit dem Simple Network Management Protocol (SNMP). Diese Schwachstellen basieren auf einem Buffer Overflow Fehler im SNMP Subsystem.Ein entfernter authentisierter Angreifer kann diese Schwachstellen durch das Senden einer entsprechend bearbeiteten SNMP Anfrage an ein betroffenes System ausnutzen, um beliebigen Code auszuf\u00fchren und volle Kontrolle \u00fcber das System zu erlangen oder um ein Neustart des Ger\u00e4ts zu verursachen."
}
],
"product_status": {
"known_affected": [
"T001605",
"T008395"
]
},
"release_date": "2017-06-29T22:00:00.000+00:00",
"title": "CVE-2017-6736"
},
{
"cve": "CVE-2017-6737",
"notes": [
{
"category": "description",
"text": "In Cisco IOS und Cisco IOS XE existieren mehrere Schwachstellen im Zusammenhang mit dem Simple Network Management Protocol (SNMP). Diese Schwachstellen basieren auf einem Buffer Overflow Fehler im SNMP Subsystem.Ein entfernter authentisierter Angreifer kann diese Schwachstellen durch das Senden einer entsprechend bearbeiteten SNMP Anfrage an ein betroffenes System ausnutzen, um beliebigen Code auszuf\u00fchren und volle Kontrolle \u00fcber das System zu erlangen oder um ein Neustart des Ger\u00e4ts zu verursachen."
}
],
"product_status": {
"known_affected": [
"T001605",
"T008395"
]
},
"release_date": "2017-06-29T22:00:00.000+00:00",
"title": "CVE-2017-6737"
},
{
"cve": "CVE-2017-6738",
"notes": [
{
"category": "description",
"text": "In Cisco IOS und Cisco IOS XE existieren mehrere Schwachstellen im Zusammenhang mit dem Simple Network Management Protocol (SNMP). Diese Schwachstellen basieren auf einem Buffer Overflow Fehler im SNMP Subsystem.Ein entfernter authentisierter Angreifer kann diese Schwachstellen durch das Senden einer entsprechend bearbeiteten SNMP Anfrage an ein betroffenes System ausnutzen, um beliebigen Code auszuf\u00fchren und volle Kontrolle \u00fcber das System zu erlangen oder um ein Neustart des Ger\u00e4ts zu verursachen."
}
],
"product_status": {
"known_affected": [
"T001605",
"T008395"
]
},
"release_date": "2017-06-29T22:00:00.000+00:00",
"title": "CVE-2017-6738"
},
{
"cve": "CVE-2017-6739",
"notes": [
{
"category": "description",
"text": "In Cisco IOS und Cisco IOS XE existieren mehrere Schwachstellen im Zusammenhang mit dem Simple Network Management Protocol (SNMP). Diese Schwachstellen basieren auf einem Buffer Overflow Fehler im SNMP Subsystem.Ein entfernter authentisierter Angreifer kann diese Schwachstellen durch das Senden einer entsprechend bearbeiteten SNMP Anfrage an ein betroffenes System ausnutzen, um beliebigen Code auszuf\u00fchren und volle Kontrolle \u00fcber das System zu erlangen oder um ein Neustart des Ger\u00e4ts zu verursachen."
}
],
"product_status": {
"known_affected": [
"T001605",
"T008395"
]
},
"release_date": "2017-06-29T22:00:00.000+00:00",
"title": "CVE-2017-6739"
},
{
"cve": "CVE-2017-6740",
"notes": [
{
"category": "description",
"text": "In Cisco IOS und Cisco IOS XE existieren mehrere Schwachstellen im Zusammenhang mit dem Simple Network Management Protocol (SNMP). Diese Schwachstellen basieren auf einem Buffer Overflow Fehler im SNMP Subsystem.Ein entfernter authentisierter Angreifer kann diese Schwachstellen durch das Senden einer entsprechend bearbeiteten SNMP Anfrage an ein betroffenes System ausnutzen, um beliebigen Code auszuf\u00fchren und volle Kontrolle \u00fcber das System zu erlangen oder um ein Neustart des Ger\u00e4ts zu verursachen."
}
],
"product_status": {
"known_affected": [
"T001605",
"T008395"
]
},
"release_date": "2017-06-29T22:00:00.000+00:00",
"title": "CVE-2017-6740"
},
{
"cve": "CVE-2017-6741",
"notes": [
{
"category": "description",
"text": "In Cisco IOS und Cisco IOS XE existieren mehrere Schwachstellen im Zusammenhang mit dem Simple Network Management Protocol (SNMP). Diese Schwachstellen basieren auf einem Buffer Overflow Fehler im SNMP Subsystem.Ein entfernter authentisierter Angreifer kann diese Schwachstellen durch das Senden einer entsprechend bearbeiteten SNMP Anfrage an ein betroffenes System ausnutzen, um beliebigen Code auszuf\u00fchren und volle Kontrolle \u00fcber das System zu erlangen oder um ein Neustart des Ger\u00e4ts zu verursachen."
}
],
"product_status": {
"known_affected": [
"T001605",
"T008395"
]
},
"release_date": "2017-06-29T22:00:00.000+00:00",
"title": "CVE-2017-6741"
},
{
"cve": "CVE-2017-6742",
"notes": [
{
"category": "description",
"text": "In Cisco IOS und Cisco IOS XE existieren mehrere Schwachstellen im Zusammenhang mit dem Simple Network Management Protocol (SNMP). Diese Schwachstellen basieren auf einem Buffer Overflow Fehler im SNMP Subsystem.Ein entfernter authentisierter Angreifer kann diese Schwachstellen durch das Senden einer entsprechend bearbeiteten SNMP Anfrage an ein betroffenes System ausnutzen, um beliebigen Code auszuf\u00fchren und volle Kontrolle \u00fcber das System zu erlangen oder um ein Neustart des Ger\u00e4ts zu verursachen."
}
],
"product_status": {
"known_affected": [
"T001605",
"T008395"
]
},
"release_date": "2017-06-29T22:00:00.000+00:00",
"title": "CVE-2017-6742"
},
{
"cve": "CVE-2017-6743",
"notes": [
{
"category": "description",
"text": "In Cisco IOS und Cisco IOS XE existieren mehrere Schwachstellen im Zusammenhang mit dem Simple Network Management Protocol (SNMP). Diese Schwachstellen basieren auf einem Buffer Overflow Fehler im SNMP Subsystem.Ein entfernter authentisierter Angreifer kann diese Schwachstellen durch das Senden einer entsprechend bearbeiteten SNMP Anfrage an ein betroffenes System ausnutzen, um beliebigen Code auszuf\u00fchren und volle Kontrolle \u00fcber das System zu erlangen oder um ein Neustart des Ger\u00e4ts zu verursachen."
}
],
"product_status": {
"known_affected": [
"T001605",
"T008395"
]
},
"release_date": "2017-06-29T22:00:00.000+00:00",
"title": "CVE-2017-6743"
},
{
"cve": "CVE-2017-6744",
"notes": [
{
"category": "description",
"text": "In Cisco IOS und Cisco IOS XE existieren mehrere Schwachstellen im Zusammenhang mit dem Simple Network Management Protocol (SNMP). Diese Schwachstellen basieren auf einem Buffer Overflow Fehler im SNMP Subsystem.Ein entfernter authentisierter Angreifer kann diese Schwachstellen durch das Senden einer entsprechend bearbeiteten SNMP Anfrage an ein betroffenes System ausnutzen, um beliebigen Code auszuf\u00fchren und volle Kontrolle \u00fcber das System zu erlangen oder um ein Neustart des Ger\u00e4ts zu verursachen."
}
],
"product_status": {
"known_affected": [
"T001605",
"T008395"
]
},
"release_date": "2017-06-29T22:00:00.000+00:00",
"title": "CVE-2017-6744"
}
]
}
cve-2017-6736
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2024-11-15 18:00
Severity ?
EPSS score ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve57697.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99345 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/43450/ | exploit, x_refsource_EXPLOIT-DB | |
| https://github.com/artkond/cisco-snmp-rce | x_refsource_MISC | |
| http://www.securitytracker.com/id/1038808 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco IOS and IOS XE |
Version: Cisco IOS and IOS XE |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "43450",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43450/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/artkond/cisco-snmp-rce"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-6736",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:37:36.543844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-6736"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T18:00:00.725Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS and IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS and IOS XE"
}
]
}
],
"datePublic": "2017-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve57697."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-07T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "43450",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43450/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/artkond/cisco-snmp-rce"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS and IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS and IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve57697."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "43450",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43450/"
},
{
"name": "https://github.com/artkond/cisco-snmp-rce",
"refsource": "MISC",
"url": "https://github.com/artkond/cisco-snmp-rce"
},
{
"name": "1038808",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038808"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6736",
"datePublished": "2017-07-17T21:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-11-15T18:00:00.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6737
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2024-11-15 17:59
Severity ?
EPSS score ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve60402.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99345 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1038808 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco IOS and IOS XE |
Version: Cisco IOS and IOS XE |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-6737",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:36:41.695392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-6737"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:59:41.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS and IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS and IOS XE"
}
]
}
],
"datePublic": "2017-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve60402."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6737",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS and IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS and IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve60402."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038808"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6737",
"datePublished": "2017-07-17T21:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-11-15T17:59:41.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6742
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2024-11-15 17:58
Severity ?
EPSS score ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve54313.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99345 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1038808 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco IOS and IOS XE |
Version: Cisco IOS and IOS XE |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-6742",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:35:28.397376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-04-19",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-6742"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:58:48.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS and IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS and IOS XE"
}
]
}
],
"datePublic": "2017-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve54313."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS and IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS and IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve54313."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038808"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6742",
"datePublished": "2017-07-17T21:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-11-15T17:58:48.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6744
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2024-08-05 15:41
Severity ?
EPSS score ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.
The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.
There are workarounds that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | IOS |
Version: 12.1(3)XI Version: 12.2(1b)DA Version: 12.2(5)DA Version: 12.2(7)DA Version: 12.2(12)DA Version: 12.2(10)DA5 Version: 12.2(12)DA10 Version: 12.2(10)DA Version: 12.2(12)DA1 Version: 12.2(12)DA6 Version: 12.2(10)DA8 Version: 12.2(12)DA8 Version: 12.2(12)DA11 Version: 12.2(12)DA9 Version: 12.2(12)DA4 Version: 12.2(10)DA3 Version: 12.2(5)DA1 Version: 12.2(12)DA13 Version: 12.2(12)DA12 Version: 12.2(12)DA7 Version: 12.2(1b)DA1 Version: 12.2(10)DA1 Version: 12.2(10)DA6 Version: 12.2(10)DA4 Version: 12.2(12)DA2 Version: 12.2(12)DA3 Version: 12.2(10)DA2 Version: 12.2(12)DA5 Version: 12.2(10)DA7 Version: 12.2(10)DA9 Version: 12.2(22)S Version: 12.2(20)S Version: 12.2(18)S Version: 12.2(25)S Version: 12.2(20)S5 Version: 12.2(18)S1 Version: 12.2(20)S4 Version: 12.2(18)S2 Version: 12.2(18)S4 Version: 12.2(25)S2 Version: 12.2(20)S2 Version: 12.2(18)S3 Version: 12.2(20)S6 Version: 12.2(20)S3 Version: 12.2(25)S1 Version: 12.2(20)S1 Version: 12.2(10a) Version: 12.2(1) Version: 12.2(21b) Version: 12.2(10) Version: 12.2(1a) Version: 12.2(1b) Version: 12.2(1d) Version: 12.2(10b) Version: 12.2(10d) Version: 12.2(10g) Version: 12.2(3d) Version: 12.2(3g) Version: 12.2(3) Version: 12.2(5) Version: 12.2(5a) Version: 12.2(5d) Version: 12.2(6g) Version: 12.2(6h) Version: 12.2(6i) Version: 12.2(6j) Version: 12.2(6) Version: 12.2(6a) Version: 12.2(6b) Version: 12.2(6c) Version: 12.2(6d) Version: 12.2(6e) Version: 12.2(6f) Version: 12.2(7a) Version: 12.2(7b) Version: 12.2(7c) Version: 12.2(7g) Version: 12.2(7) Version: 12.2(37) Version: 12.2(19b) Version: 12.2(24b) Version: 12.2(12e) Version: 12.2(28) Version: 12.2(12b) Version: 12.2(26b) Version: 12.2(28a) Version: 12.2(12i) Version: 12.2(19) Version: 12.2(24) Version: 12.2(12g) Version: 12.2(13c) Version: 12.2(12f) Version: 12.2(12c) Version: 12.2(32) Version: 12.2(31) Version: 12.2(26a) Version: 12.2(27) Version: 12.2(17e) Version: 12.2(28d) Version: 12.2(17a) Version: 12.2(12k) Version: 12.2(13e) Version: 12.2(12a) Version: 12.2(19c) Version: 12.2(27b) Version: 12.2(17b) Version: 12.2(23) Version: 12.2(27a) Version: 12.2(16) Version: 12.2(12m) Version: 12.2(40) Version: 12.2(28c) Version: 12.2(24a) Version: 12.2(21a) Version: 12.2(13b) Version: 12.2(23a) Version: 12.2(17d) Version: 12.2(26) Version: 12.2(23c) Version: 12.2(16b) Version: 12.2(13) Version: 12.2(19a) Version: 12.2(17f) Version: 12.2(28b) Version: 12.2(23d) Version: 12.2(12) Version: 12.2(12j) Version: 12.2(23f) Version: 12.2(17) Version: 12.2(16c) Version: 12.2(16a) Version: 12.2(12l) Version: 12.2(12h) Version: 12.2(16f) Version: 12.2(29a) Version: 12.2(13a) Version: 12.2(40a) Version: 12.2(23e) Version: 12.2(21) Version: 12.2(46) Version: 12.2(29) Version: 12.2(4)YA Version: 12.2(4)YA6 Version: 12.2(4)YA3 Version: 12.2(4)YA4 Version: 12.2(4)YA1 Version: 12.2(4)YA11 Version: 12.2(4)YA2 Version: 12.2(4)YA9 Version: 12.2(4)YA8 Version: 12.2(4)YA5 Version: 12.2(4)YA12 Version: 12.2(4)YA10 Version: 12.2(4)YA7 Version: 12.2(4)YG Version: 12.2(14)SZ Version: 12.2(14)SZ5 Version: 12.2(14)SZ6 Version: 12.2(14)SZ3 Version: 12.2(14)SZ4 Version: 12.2(14)SZ1 Version: 12.2(14)SZ2 Version: 12.2(8)YJ Version: 12.2(8)YJ1 Version: 12.2(8)YN Version: 12.2(9)YO Version: 12.2(9)YO3 Version: 12.2(9)YO2 Version: 12.2(9)YO1 Version: 12.2(9)YO4 Version: 12.2(8)YM Version: 12.2(11)YU Version: 12.2(11)YV Version: 12.2(11)YV1 Version: 12.2(11)YZ Version: 12.2(11)YZ1 Version: 12.2(11)YZ2 Version: 12.2(8)ZB Version: 12.2(13)ZG Version: 12.2(13)ZH Version: 12.2(13)ZH9 Version: 12.2(13)ZH2 Version: 12.2(13)ZH8 Version: 12.2(13)ZH10 Version: 12.2(13)ZH4 Version: 12.2(13)ZH3 Version: 12.2(13)ZH7 Version: 12.2(13)ZH6 Version: 12.3(9a) Version: 12.3(15) Version: 12.3(19) Version: 12.3(10f) Version: 12.3(10a) Version: 12.3(1) Version: 12.3(1a) Version: 12.3(10) Version: 12.3(10b) Version: 12.3(10c) Version: 12.3(10d) Version: 12.3(10e) Version: 12.3(12b) Version: 12.3(12a) Version: 12.3(12c) Version: 12.3(12d) Version: 12.3(12e) Version: 12.3(12) Version: 12.3(13) Version: 12.3(13a) Version: 12.3(13b) Version: 12.3(15a) Version: 12.3(16) Version: 12.3(17) Version: 12.3(17a) Version: 12.3(17b) Version: 12.3(18) Version: 12.3(20) Version: 12.3(3f) Version: 12.3(3e) Version: 12.3(3g) Version: 12.3(3c) Version: 12.3(3b) Version: 12.3(3a) Version: 12.3(3) Version: 12.3(3i) Version: 12.3(3h) Version: 12.3(5c) Version: 12.3(5b) Version: 12.3(5a) Version: 12.3(5) Version: 12.3(5f) Version: 12.3(5e) Version: 12.3(5d) Version: 12.3(6f) Version: 12.3(6e) Version: 12.3(6c) Version: 12.3(6b) Version: 12.3(6a) Version: 12.3(6) Version: 12.3(9d) Version: 12.3(9e) Version: 12.3(9) Version: 12.3(9b) Version: 12.3(9c) Version: 12.3(16a) Version: 12.3(15b) Version: 12.3(21) Version: 12.3(22) Version: 12.3(21b) Version: 12.3(23) Version: 12.3(26) Version: 12.3(20a) Version: 12.3(22a) Version: 12.3(25) Version: 12.3(17c) Version: 12.3(24) Version: 12.3(19a) Version: 12.3(24a) Version: 12.3(18a) Version: 12.3(11)T Version: 12.3(7)T12 Version: 12.3(11)T11 Version: 12.3(11)T10 Version: 12.3(14)T7 Version: 12.3(14)T Version: 12.3(8)T Version: 12.3(2)T Version: 12.3(4)T Version: 12.3(7)T Version: 12.3(8)T9 Version: 12.3(2)T9 Version: 12.3(8)T6 Version: 12.3(4)T9 Version: 12.3(4)T4 Version: 12.3(2)T1 Version: 12.3(11)T5 Version: 12.3(7)T3 Version: 12.3(2)T2 Version: 12.3(8)T3 Version: 12.3(4)T7 Version: 12.3(8)T7 Version: 12.3(11)T8 Version: 12.3(7)T2 Version: 12.3(8)T4 Version: 12.3(8)T8 Version: 12.3(14)T5 Version: 12.3(11)T3 Version: 12.3(4)T10 Version: 12.3(2)T4 Version: 12.3(8)T10 Version: 12.3(14)T2 Version: 12.3(4)T2 Version: 12.3(7)T7 Version: 12.3(7)T10 Version: 12.3(7)T4 Version: 12.3(11)T6 Version: 12.3(7)T11 Version: 12.3(4)T6 Version: 12.3(2)T3 Version: 12.3(2)T5 Version: 12.3(2)T6 Version: 12.3(4)T3 Version: 12.3(14)T3 Version: 12.3(2)T8 Version: 12.3(11)T4 Version: 12.3(7)T9 Version: 12.3(8)T11 Version: 12.3(11)T9 Version: 12.3(7)T8 Version: 12.3(4)T1 Version: 12.3(8)T5 Version: 12.3(4)T11 Version: 12.3(4)T8 Version: 12.3(14)T1 Version: 12.3(11)T2 Version: 12.3(7)T6 Version: 12.3(2)T7 Version: 12.3(11)T7 Version: 12.3(7)T1 Version: 12.3(14)T6 Version: 12.3(8)T1 Version: 12.3(2)XA Version: 12.3(2)XA4 Version: 12.3(2)XA7 Version: 12.3(2)XA3 Version: 12.3(2)XA6 Version: 12.3(2)XA5 Version: 12.3(4)XQ Version: 12.3(4)XQ1 Version: 12.3(11)XL Version: 12.3(11)XL1 Version: 12.3(4)XK3 Version: 12.3(4)XK1 Version: 12.3(4)XK4 Version: 12.3(4)XK Version: 12.3(4)XK2 Version: 12.3(4)XG Version: 12.3(4)XG3 Version: 12.3(4)XG1 Version: 12.3(4)XG4 Version: 12.3(4)XG2 Version: 12.3(4)XG5 Version: 12.3(2)XF Version: 12.3(2)XE Version: 12.3(2)XE5 Version: 12.3(2)XE2 Version: 12.3(2)XE1 Version: 12.3(2)XE4 Version: 12.3(2)XE3 Version: 12.3(4)XD Version: 12.3(4)XD4 Version: 12.3(4)XD1 Version: 12.3(4)XD3 Version: 12.3(4)XD2 Version: 12.3(2)XC Version: 12.3(2)XC2 Version: 12.3(2)XC1 Version: 12.2(25)SE Version: 12.3(7)XR Version: 12.3(7)XR4 Version: 12.3(7)XR3 Version: 12.3(7)XR5 Version: 12.3(7)XR6 Version: 12.3(7)XR2 Version: 12.3(7)XR7 Version: 12.3(8)XX Version: 12.3(8)XX1 Version: 12.3(8)XX2d Version: 12.3(8)YA Version: 12.3(8)YA1 Version: 12.3(11)YF2 Version: 12.3(8)YG Version: 12.3(8)YG5 Version: 12.3(8)YG3 Version: 12.3(8)YG6 Version: 12.3(8)YG2 Version: 12.3(8)YG1 Version: 12.3(8)YG4 Version: 12.2(12b)M1 Version: 12.2(12h)M1 Version: 12.3(8)YI2 Version: 12.3(8)YI3 Version: 12.3(8)YI1 Version: 12.3(11)YK Version: 12.3(11)YK1 Version: 12.3(11)YK2 Version: 12.3(11)YK3 Version: 12.3(2)JA3 Version: 12.3(2)JA4 Version: 12.3(11)JA2 Version: 12.3(11)YS Version: 12.3(11)YS1 Version: 12.3(11)YS2 Version: 12.4(3e) Version: 12.4(7b) Version: 12.4(8) Version: 12.4(5b) Version: 12.4(7a) Version: 12.4(3d) Version: 12.4(1) Version: 12.4(1a) Version: 12.4(1b) Version: 12.4(1c) Version: 12.4(10) Version: 12.4(3) Version: 12.4(3a) Version: 12.4(3b) Version: 12.4(3c) Version: 12.4(3f) Version: 12.4(5) Version: 12.4(5a) Version: 12.4(7c) Version: 12.4(7) Version: 12.4(8a) Version: 12.4(8b) Version: 12.4(7d) Version: 12.4(3g) Version: 12.4(8c) Version: 12.4(10b) Version: 12.4(12) Version: 12.4(12a) Version: 12.4(12b) Version: 12.4(13) Version: 12.4(13a) Version: 12.4(13b) Version: 12.4(13c) Version: 12.4(7e) Version: 12.4(17) Version: 12.4(25e) Version: 12.4(18b) Version: 12.4(18e) Version: 12.4(25g) Version: 12.4(3i) Version: 12.4(3j) Version: 12.4(23b) Version: 12.4(3h) Version: 12.4(7h) Version: 12.4(25a) Version: 12.4(16) Version: 12.4(13d) Version: 12.4(25) Version: 12.4(25c) Version: 12.4(19) Version: 12.4(13e) Version: 12.4(25b) Version: 12.4(23) Version: 12.4(10c) Version: 12.4(21) Version: 12.4(16b) Version: 12.4(16a) Version: 12.4(23a) Version: 12.4(25d) Version: 12.4(7f) Version: 12.4(18) Version: 12.4(21a) Version: 12.4(13f) Version: 12.4(25f) Version: 12.4(18c) Version: 12.4(5c) Version: 12.4(8d) Version: 12.4(12c) Version: 12.4(17a) Version: 12.4(18a) Version: 12.4(17b) Version: 12.4(7g) Version: 12.3(8)JK Version: 12.4(6)MR1 Version: 12.4(11)MR Version: 12.4(2)MR Version: 12.4(4)MR Version: 12.4(6)MR Version: 12.4(9)MR Version: 12.4(12)MR Version: 12.4(16)MR Version: 12.4(16)MR1 Version: 12.4(19)MR2 Version: 12.4(19)MR1 Version: 12.4(19)MR Version: 12.4(20)MR Version: 12.4(4)MR1 Version: 12.4(19)MR3 Version: 12.4(12)MR1 Version: 12.4(20)MR2 Version: 12.4(16)MR2 Version: 12.4(12)MR2 Version: 12.4(2)MR1 Version: 12.4(20)MR1 Version: 12.4(4)T Version: 12.4(4)T1 Version: 12.4(4)T2 Version: 12.4(4)T3 Version: 12.4(6)T Version: 12.4(6)T1 Version: 12.4(6)T2 Version: 12.4(9)T Version: 12.4(4)T4 Version: 12.4(2)T5 Version: 12.4(6)T3 Version: 12.4(2)T Version: 12.4(11)T Version: 12.4(15)T Version: 12.4(20)T Version: 12.4(24)T Version: 12.4(24)T3 Version: 12.4(4)T8 Version: 12.4(20)T1 Version: 12.4(22)T1 Version: 12.4(15)T9 Version: 12.4(11)T4 Version: 12.4(15)T8 Version: 12.4(6)T5 Version: 12.4(15)T15 Version: 12.4(24)T5 Version: 12.4(15)T2 Version: 12.4(6)T8 Version: 12.4(15)T12 Version: 12.4(24)T4 Version: 12.4(6)T11 Version: 12.4(9)T5 Version: 12.4(20)T3 Version: 12.4(6)T4 Version: 12.4(4)T6 Version: 12.4(22)T Version: 12.4(20)T6 Version: 12.4(9)T3 Version: 12.4(24)T8 Version: 12.4(6)T7 Version: 12.4(15)T13 Version: 12.4(6)T10 Version: 12.4(15)T3 Version: 12.4(24)T2 Version: 12.4(22)T5 Version: 12.4(2)T3 Version: 12.4(15)T10 Version: 12.4(22)T4 Version: 12.4(20)T5 Version: 12.4(9)T6 Version: 12.4(15)T4 Version: 12.4(2)T4 Version: 12.4(24)T1 Version: 12.4(9)T4 Version: 12.4(24)T7 Version: 12.4(22)T3 Version: 12.4(9)T1 Version: 12.4(24)T6 Version: 12.4(6)T9 Version: 12.4(15)T5 Version: 12.4(4)T7 Version: 12.4(20)T2 Version: 12.4(2)T1 Version: 12.4(11)T1 Version: 12.4(15)T11 Version: 12.4(2)T6 Version: 12.4(2)T2 Version: 12.4(15)T7 Version: 12.4(11)T2 Version: 12.4(9)T7 Version: 12.4(15)T14 Version: 12.4(11)T3 Version: 12.4(15)T6 Version: 12.4(15)T16 Version: 12.4(15)T1 Version: 12.4(9)T2 Version: 12.4(6)T6 Version: 12.4(22)T2 Version: 12.4(4)T5 Version: 12.4(20)T4 Version: 12.4(15)T17 Version: 12.3(14)YT Version: 12.3(14)YT1 Version: 12.3(11)JX Version: 12.3(7)JX9 Version: 12.3(11)JX1 Version: 12.3(4)TPC11b Version: 12.3(4)TPC11a Version: 12.4(2)XA Version: 12.4(2)XA1 Version: 12.4(2)XA2 Version: 12.4(4)XC Version: 12.4(4)XC1 Version: 12.4(4)XC5 Version: 12.4(4)XC7 Version: 12.4(4)XC3 Version: 12.4(4)XC4 Version: 12.4(4)XC2 Version: 12.4(4)XC6 Version: 12.4(6)XE Version: 12.4(6)XE2 Version: 12.4(6)XE1 Version: 12.3(11)YZ1 Version: 12.3(11)YZ Version: 12.3(11)YZ2 Version: 12.4(11)SW Version: 12.4(15)SW6 Version: 12.4(15)SW Version: 12.4(11)SW1 Version: 12.4(15)SW5 Version: 12.4(15)SW1 Version: 12.4(15)SW4 Version: 12.4(11)SW3 Version: 12.4(11)SW2 Version: 12.4(15)SW3 Version: 12.4(15)SW2 Version: 12.4(15)SW7 Version: 12.4(15)SW8 Version: 12.4(15)SW8a Version: 12.4(15)SW9 Version: 12.4(11)XJ Version: 12.4(11)XJ3 Version: 12.4(11)XJ2 Version: 12.4(11)XJ4 Version: 12.4(6)XT Version: 12.4(6)XT1 Version: 12.4(6)XT2 Version: 12.4(11)MD2 Version: 12.4(11)XV Version: 12.4(11)XV1 Version: 12.4(11)XW Version: 12.4(11)XW3 Version: 12.4(11)XW7 Version: 12.4(11)XW10 Version: 12.4(11)XW8 Version: 12.4(11)XW9 Version: 12.4(11)XW6 Version: 12.4(11)XW4 Version: 12.4(11)XW1 Version: 12.4(11)XW5 Version: 12.4(11)XW2 Version: 12.4(15)XY4 Version: 12.4(15)XY5 Version: 12.4(15)XY1 Version: 12.4(15)XY Version: 12.4(15)XY2 Version: 12.4(15)XY3 Version: 12.4(15)XZ Version: 12.4(15)XZ2 Version: 12.4(15)XZ1 Version: 12.3(8)ZA Version: 12.4(23c)JY Version: 15.0(1)M1 Version: 15.0(1)M5 Version: 15.0(1)M4 Version: 15.0(1)M3 Version: 15.0(1)M2 Version: 15.0(1)M6 Version: 15.0(1)M Version: 15.0(1)M7 Version: 15.0(1)M10 Version: 15.0(1)M9 Version: 15.0(1)M8 Version: 15.0(1)XA2 Version: 15.0(1)XA4 Version: 15.0(1)XA1 Version: 15.0(1)XA3 Version: 15.0(1)XA Version: 15.0(1)XA5 Version: 15.1(2)T Version: 15.1(1)T4 Version: 15.1(3)T2 Version: 15.1(1)T1 Version: 15.1(2)T0a Version: 15.1(3)T3 Version: 15.1(1)T3 Version: 15.1(2)T3 Version: 15.1(2)T4 Version: 15.1(1)T2 Version: 15.1(3)T Version: 15.1(2)T2a Version: 15.1(3)T1 Version: 15.1(1)T Version: 15.1(2)T2 Version: 15.1(2)T1 Version: 15.1(2)T5 Version: 15.1(3)T4 Version: 15.1(1)T5 Version: 15.1(1)XB Version: 12.2(33)MRA Version: 12.2(33)MRB5 Version: 12.2(33)MRB2 Version: 12.2(33)MRB1 Version: 12.2(33)MRB4 Version: 12.2(33)MRB Version: 12.2(33)MRB3 Version: 12.2(33)MRB6 Version: 15.3(1)T Version: 15.3(2)T Version: 15.3(1)T1 Version: 15.3(1)T2 Version: 15.3(1)T3 Version: 15.3(1)T4 Version: 15.3(2)T1 Version: 15.3(2)T2 Version: 15.3(2)T3 Version: 15.3(2)T4 Version: 15.0(1)EY Version: 15.0(1)EY2 Version: 12.4(20)MRB Version: 12.4(20)MRB1 Version: 15.1(4)M3 Version: 15.1(4)M Version: 15.1(4)M1 Version: 15.1(4)M2 Version: 15.1(4)M6 Version: 15.1(4)M5 Version: 15.1(4)M4 Version: 15.1(4)M7 Version: 15.1(4)M10 Version: 15.1(4)M8 Version: 15.1(4)M9 Version: 15.1(2)GC Version: 15.1(2)GC1 Version: 15.1(2)GC2 Version: 15.1(4)GC Version: 15.1(4)GC1 Version: 15.1(4)GC2 Version: 15.2(4)M Version: 15.2(4)M1 Version: 15.2(4)M2 Version: 15.2(4)M4 Version: 15.2(4)M3 Version: 15.2(4)M5 Version: 15.2(4)M8 Version: 15.2(4)M10 Version: 15.2(4)M7 Version: 15.2(4)M6 Version: 15.2(4)M9 Version: 15.2(4)M6a Version: 15.2(4)M11 Version: 15.0(2)SG11a Version: 15.0(2)EX2 Version: 15.0(2)EX8 Version: 15.2(1)GC Version: 15.2(1)GC1 Version: 15.2(1)GC2 Version: 15.2(2)GC Version: 15.2(3)GC Version: 15.2(3)GC1 Version: 15.2(4)GC Version: 15.2(4)GC2 Version: 15.2(4)GC3 Version: 15.4(1)T Version: 15.4(2)T Version: 15.4(1)T2 Version: 15.4(1)T1 Version: 15.4(1)T3 Version: 15.4(2)T1 Version: 15.4(2)T3 Version: 15.4(2)T2 Version: 15.4(1)T4 Version: 15.4(2)T4 Version: 15.3(3)M Version: 15.3(3)M1 Version: 15.3(3)M2 Version: 15.3(3)M3 Version: 15.3(3)M5 Version: 15.3(3)M4 Version: 15.3(3)M6 Version: 15.3(3)M7 Version: 15.3(3)M8 Version: 15.3(3)M9 Version: 15.3(3)M8a Version: 15.4(3)M Version: 15.4(3)M1 Version: 15.4(3)M2 Version: 15.4(3)M3 Version: 15.4(3)M4 Version: 15.4(3)M5 Version: 15.4(3)M6 Version: 15.4(3)M7 Version: 15.4(3)M6a Version: 15.2(4)JAZ1 Version: 15.4(1)CG Version: 15.4(1)CG1 Version: 15.4(2)CG Version: 15.5(1)T Version: 15.5(1)T1 Version: 15.5(2)T Version: 15.5(1)T2 Version: 15.5(1)T3 Version: 15.5(2)T1 Version: 15.5(2)T2 Version: 15.5(2)T3 Version: 15.5(2)T4 Version: 15.5(1)T4 Version: 15.5(3)M Version: 15.5(3)M1 Version: 15.5(3)M0a Version: 15.5(3)M2 Version: 15.5(3)M3 Version: 15.5(3)M4 Version: 15.5(3)M4a Version: 15.5(3)M5 Version: 15.3(3)JAA1 Version: 15.6(1)T Version: 15.6(2)T Version: 15.6(1)T0a Version: 15.6(1)T1 Version: 15.6(2)T1 Version: 15.6(1)T2 Version: 15.6(2)T2 Version: 15.6(3)M Version: 15.6(3)M1 Version: 15.6(3)M0a Version: 15.6(3)M1b Version: 15.6(3)M2 Version: 15.6(3)M2a |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-20170629-snmp",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IOS",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(3)XI"
},
{
"status": "affected",
"version": "12.2(1b)DA"
},
{
"status": "affected",
"version": "12.2(5)DA"
},
{
"status": "affected",
"version": "12.2(7)DA"
},
{
"status": "affected",
"version": "12.2(12)DA"
},
{
"status": "affected",
"version": "12.2(10)DA5"
},
{
"status": "affected",
"version": "12.2(12)DA10"
},
{
"status": "affected",
"version": "12.2(10)DA"
},
{
"status": "affected",
"version": "12.2(12)DA1"
},
{
"status": "affected",
"version": "12.2(12)DA6"
},
{
"status": "affected",
"version": "12.2(10)DA8"
},
{
"status": "affected",
"version": "12.2(12)DA8"
},
{
"status": "affected",
"version": "12.2(12)DA11"
},
{
"status": "affected",
"version": "12.2(12)DA9"
},
{
"status": "affected",
"version": "12.2(12)DA4"
},
{
"status": "affected",
"version": "12.2(10)DA3"
},
{
"status": "affected",
"version": "12.2(5)DA1"
},
{
"status": "affected",
"version": "12.2(12)DA13"
},
{
"status": "affected",
"version": "12.2(12)DA12"
},
{
"status": "affected",
"version": "12.2(12)DA7"
},
{
"status": "affected",
"version": "12.2(1b)DA1"
},
{
"status": "affected",
"version": "12.2(10)DA1"
},
{
"status": "affected",
"version": "12.2(10)DA6"
},
{
"status": "affected",
"version": "12.2(10)DA4"
},
{
"status": "affected",
"version": "12.2(12)DA2"
},
{
"status": "affected",
"version": "12.2(12)DA3"
},
{
"status": "affected",
"version": "12.2(10)DA2"
},
{
"status": "affected",
"version": "12.2(12)DA5"
},
{
"status": "affected",
"version": "12.2(10)DA7"
},
{
"status": "affected",
"version": "12.2(10)DA9"
},
{
"status": "affected",
"version": "12.2(22)S"
},
{
"status": "affected",
"version": "12.2(20)S"
},
{
"status": "affected",
"version": "12.2(18)S"
},
{
"status": "affected",
"version": "12.2(25)S"
},
{
"status": "affected",
"version": "12.2(20)S5"
},
{
"status": "affected",
"version": "12.2(18)S1"
},
{
"status": "affected",
"version": "12.2(20)S4"
},
{
"status": "affected",
"version": "12.2(18)S2"
},
{
"status": "affected",
"version": "12.2(18)S4"
},
{
"status": "affected",
"version": "12.2(25)S2"
},
{
"status": "affected",
"version": "12.2(20)S2"
},
{
"status": "affected",
"version": "12.2(18)S3"
},
{
"status": "affected",
"version": "12.2(20)S6"
},
{
"status": "affected",
"version": "12.2(20)S3"
},
{
"status": "affected",
"version": "12.2(25)S1"
},
{
"status": "affected",
"version": "12.2(20)S1"
},
{
"status": "affected",
"version": "12.2(10a)"
},
{
"status": "affected",
"version": "12.2(1)"
},
{
"status": "affected",
"version": "12.2(21b)"
},
{
"status": "affected",
"version": "12.2(10)"
},
{
"status": "affected",
"version": "12.2(1a)"
},
{
"status": "affected",
"version": "12.2(1b)"
},
{
"status": "affected",
"version": "12.2(1d)"
},
{
"status": "affected",
"version": "12.2(10b)"
},
{
"status": "affected",
"version": "12.2(10d)"
},
{
"status": "affected",
"version": "12.2(10g)"
},
{
"status": "affected",
"version": "12.2(3d)"
},
{
"status": "affected",
"version": "12.2(3g)"
},
{
"status": "affected",
"version": "12.2(3)"
},
{
"status": "affected",
"version": "12.2(5)"
},
{
"status": "affected",
"version": "12.2(5a)"
},
{
"status": "affected",
"version": "12.2(5d)"
},
{
"status": "affected",
"version": "12.2(6g)"
},
{
"status": "affected",
"version": "12.2(6h)"
},
{
"status": "affected",
"version": "12.2(6i)"
},
{
"status": "affected",
"version": "12.2(6j)"
},
{
"status": "affected",
"version": "12.2(6)"
},
{
"status": "affected",
"version": "12.2(6a)"
},
{
"status": "affected",
"version": "12.2(6b)"
},
{
"status": "affected",
"version": "12.2(6c)"
},
{
"status": "affected",
"version": "12.2(6d)"
},
{
"status": "affected",
"version": "12.2(6e)"
},
{
"status": "affected",
"version": "12.2(6f)"
},
{
"status": "affected",
"version": "12.2(7a)"
},
{
"status": "affected",
"version": "12.2(7b)"
},
{
"status": "affected",
"version": "12.2(7c)"
},
{
"status": "affected",
"version": "12.2(7g)"
},
{
"status": "affected",
"version": "12.2(7)"
},
{
"status": "affected",
"version": "12.2(37)"
},
{
"status": "affected",
"version": "12.2(19b)"
},
{
"status": "affected",
"version": "12.2(24b)"
},
{
"status": "affected",
"version": "12.2(12e)"
},
{
"status": "affected",
"version": "12.2(28)"
},
{
"status": "affected",
"version": "12.2(12b)"
},
{
"status": "affected",
"version": "12.2(26b)"
},
{
"status": "affected",
"version": "12.2(28a)"
},
{
"status": "affected",
"version": "12.2(12i)"
},
{
"status": "affected",
"version": "12.2(19)"
},
{
"status": "affected",
"version": "12.2(24)"
},
{
"status": "affected",
"version": "12.2(12g)"
},
{
"status": "affected",
"version": "12.2(13c)"
},
{
"status": "affected",
"version": "12.2(12f)"
},
{
"status": "affected",
"version": "12.2(12c)"
},
{
"status": "affected",
"version": "12.2(32)"
},
{
"status": "affected",
"version": "12.2(31)"
},
{
"status": "affected",
"version": "12.2(26a)"
},
{
"status": "affected",
"version": "12.2(27)"
},
{
"status": "affected",
"version": "12.2(17e)"
},
{
"status": "affected",
"version": "12.2(28d)"
},
{
"status": "affected",
"version": "12.2(17a)"
},
{
"status": "affected",
"version": "12.2(12k)"
},
{
"status": "affected",
"version": "12.2(13e)"
},
{
"status": "affected",
"version": "12.2(12a)"
},
{
"status": "affected",
"version": "12.2(19c)"
},
{
"status": "affected",
"version": "12.2(27b)"
},
{
"status": "affected",
"version": "12.2(17b)"
},
{
"status": "affected",
"version": "12.2(23)"
},
{
"status": "affected",
"version": "12.2(27a)"
},
{
"status": "affected",
"version": "12.2(16)"
},
{
"status": "affected",
"version": "12.2(12m)"
},
{
"status": "affected",
"version": "12.2(40)"
},
{
"status": "affected",
"version": "12.2(28c)"
},
{
"status": "affected",
"version": "12.2(24a)"
},
{
"status": "affected",
"version": "12.2(21a)"
},
{
"status": "affected",
"version": "12.2(13b)"
},
{
"status": "affected",
"version": "12.2(23a)"
},
{
"status": "affected",
"version": "12.2(17d)"
},
{
"status": "affected",
"version": "12.2(26)"
},
{
"status": "affected",
"version": "12.2(23c)"
},
{
"status": "affected",
"version": "12.2(16b)"
},
{
"status": "affected",
"version": "12.2(13)"
},
{
"status": "affected",
"version": "12.2(19a)"
},
{
"status": "affected",
"version": "12.2(17f)"
},
{
"status": "affected",
"version": "12.2(28b)"
},
{
"status": "affected",
"version": "12.2(23d)"
},
{
"status": "affected",
"version": "12.2(12)"
},
{
"status": "affected",
"version": "12.2(12j)"
},
{
"status": "affected",
"version": "12.2(23f)"
},
{
"status": "affected",
"version": "12.2(17)"
},
{
"status": "affected",
"version": "12.2(16c)"
},
{
"status": "affected",
"version": "12.2(16a)"
},
{
"status": "affected",
"version": "12.2(12l)"
},
{
"status": "affected",
"version": "12.2(12h)"
},
{
"status": "affected",
"version": "12.2(16f)"
},
{
"status": "affected",
"version": "12.2(29a)"
},
{
"status": "affected",
"version": "12.2(13a)"
},
{
"status": "affected",
"version": "12.2(40a)"
},
{
"status": "affected",
"version": "12.2(23e)"
},
{
"status": "affected",
"version": "12.2(21)"
},
{
"status": "affected",
"version": "12.2(46)"
},
{
"status": "affected",
"version": "12.2(29)"
},
{
"status": "affected",
"version": "12.2(4)YA"
},
{
"status": "affected",
"version": "12.2(4)YA6"
},
{
"status": "affected",
"version": "12.2(4)YA3"
},
{
"status": "affected",
"version": "12.2(4)YA4"
},
{
"status": "affected",
"version": "12.2(4)YA1"
},
{
"status": "affected",
"version": "12.2(4)YA11"
},
{
"status": "affected",
"version": "12.2(4)YA2"
},
{
"status": "affected",
"version": "12.2(4)YA9"
},
{
"status": "affected",
"version": "12.2(4)YA8"
},
{
"status": "affected",
"version": "12.2(4)YA5"
},
{
"status": "affected",
"version": "12.2(4)YA12"
},
{
"status": "affected",
"version": "12.2(4)YA10"
},
{
"status": "affected",
"version": "12.2(4)YA7"
},
{
"status": "affected",
"version": "12.2(4)YG"
},
{
"status": "affected",
"version": "12.2(14)SZ"
},
{
"status": "affected",
"version": "12.2(14)SZ5"
},
{
"status": "affected",
"version": "12.2(14)SZ6"
},
{
"status": "affected",
"version": "12.2(14)SZ3"
},
{
"status": "affected",
"version": "12.2(14)SZ4"
},
{
"status": "affected",
"version": "12.2(14)SZ1"
},
{
"status": "affected",
"version": "12.2(14)SZ2"
},
{
"status": "affected",
"version": "12.2(8)YJ"
},
{
"status": "affected",
"version": "12.2(8)YJ1"
},
{
"status": "affected",
"version": "12.2(8)YN"
},
{
"status": "affected",
"version": "12.2(9)YO"
},
{
"status": "affected",
"version": "12.2(9)YO3"
},
{
"status": "affected",
"version": "12.2(9)YO2"
},
{
"status": "affected",
"version": "12.2(9)YO1"
},
{
"status": "affected",
"version": "12.2(9)YO4"
},
{
"status": "affected",
"version": "12.2(8)YM"
},
{
"status": "affected",
"version": "12.2(11)YU"
},
{
"status": "affected",
"version": "12.2(11)YV"
},
{
"status": "affected",
"version": "12.2(11)YV1"
},
{
"status": "affected",
"version": "12.2(11)YZ"
},
{
"status": "affected",
"version": "12.2(11)YZ1"
},
{
"status": "affected",
"version": "12.2(11)YZ2"
},
{
"status": "affected",
"version": "12.2(8)ZB"
},
{
"status": "affected",
"version": "12.2(13)ZG"
},
{
"status": "affected",
"version": "12.2(13)ZH"
},
{
"status": "affected",
"version": "12.2(13)ZH9"
},
{
"status": "affected",
"version": "12.2(13)ZH2"
},
{
"status": "affected",
"version": "12.2(13)ZH8"
},
{
"status": "affected",
"version": "12.2(13)ZH10"
},
{
"status": "affected",
"version": "12.2(13)ZH4"
},
{
"status": "affected",
"version": "12.2(13)ZH3"
},
{
"status": "affected",
"version": "12.2(13)ZH7"
},
{
"status": "affected",
"version": "12.2(13)ZH6"
},
{
"status": "affected",
"version": "12.3(9a)"
},
{
"status": "affected",
"version": "12.3(15)"
},
{
"status": "affected",
"version": "12.3(19)"
},
{
"status": "affected",
"version": "12.3(10f)"
},
{
"status": "affected",
"version": "12.3(10a)"
},
{
"status": "affected",
"version": "12.3(1)"
},
{
"status": "affected",
"version": "12.3(1a)"
},
{
"status": "affected",
"version": "12.3(10)"
},
{
"status": "affected",
"version": "12.3(10b)"
},
{
"status": "affected",
"version": "12.3(10c)"
},
{
"status": "affected",
"version": "12.3(10d)"
},
{
"status": "affected",
"version": "12.3(10e)"
},
{
"status": "affected",
"version": "12.3(12b)"
},
{
"status": "affected",
"version": "12.3(12a)"
},
{
"status": "affected",
"version": "12.3(12c)"
},
{
"status": "affected",
"version": "12.3(12d)"
},
{
"status": "affected",
"version": "12.3(12e)"
},
{
"status": "affected",
"version": "12.3(12)"
},
{
"status": "affected",
"version": "12.3(13)"
},
{
"status": "affected",
"version": "12.3(13a)"
},
{
"status": "affected",
"version": "12.3(13b)"
},
{
"status": "affected",
"version": "12.3(15a)"
},
{
"status": "affected",
"version": "12.3(16)"
},
{
"status": "affected",
"version": "12.3(17)"
},
{
"status": "affected",
"version": "12.3(17a)"
},
{
"status": "affected",
"version": "12.3(17b)"
},
{
"status": "affected",
"version": "12.3(18)"
},
{
"status": "affected",
"version": "12.3(20)"
},
{
"status": "affected",
"version": "12.3(3f)"
},
{
"status": "affected",
"version": "12.3(3e)"
},
{
"status": "affected",
"version": "12.3(3g)"
},
{
"status": "affected",
"version": "12.3(3c)"
},
{
"status": "affected",
"version": "12.3(3b)"
},
{
"status": "affected",
"version": "12.3(3a)"
},
{
"status": "affected",
"version": "12.3(3)"
},
{
"status": "affected",
"version": "12.3(3i)"
},
{
"status": "affected",
"version": "12.3(3h)"
},
{
"status": "affected",
"version": "12.3(5c)"
},
{
"status": "affected",
"version": "12.3(5b)"
},
{
"status": "affected",
"version": "12.3(5a)"
},
{
"status": "affected",
"version": "12.3(5)"
},
{
"status": "affected",
"version": "12.3(5f)"
},
{
"status": "affected",
"version": "12.3(5e)"
},
{
"status": "affected",
"version": "12.3(5d)"
},
{
"status": "affected",
"version": "12.3(6f)"
},
{
"status": "affected",
"version": "12.3(6e)"
},
{
"status": "affected",
"version": "12.3(6c)"
},
{
"status": "affected",
"version": "12.3(6b)"
},
{
"status": "affected",
"version": "12.3(6a)"
},
{
"status": "affected",
"version": "12.3(6)"
},
{
"status": "affected",
"version": "12.3(9d)"
},
{
"status": "affected",
"version": "12.3(9e)"
},
{
"status": "affected",
"version": "12.3(9)"
},
{
"status": "affected",
"version": "12.3(9b)"
},
{
"status": "affected",
"version": "12.3(9c)"
},
{
"status": "affected",
"version": "12.3(16a)"
},
{
"status": "affected",
"version": "12.3(15b)"
},
{
"status": "affected",
"version": "12.3(21)"
},
{
"status": "affected",
"version": "12.3(22)"
},
{
"status": "affected",
"version": "12.3(21b)"
},
{
"status": "affected",
"version": "12.3(23)"
},
{
"status": "affected",
"version": "12.3(26)"
},
{
"status": "affected",
"version": "12.3(20a)"
},
{
"status": "affected",
"version": "12.3(22a)"
},
{
"status": "affected",
"version": "12.3(25)"
},
{
"status": "affected",
"version": "12.3(17c)"
},
{
"status": "affected",
"version": "12.3(24)"
},
{
"status": "affected",
"version": "12.3(19a)"
},
{
"status": "affected",
"version": "12.3(24a)"
},
{
"status": "affected",
"version": "12.3(18a)"
},
{
"status": "affected",
"version": "12.3(11)T"
},
{
"status": "affected",
"version": "12.3(7)T12"
},
{
"status": "affected",
"version": "12.3(11)T11"
},
{
"status": "affected",
"version": "12.3(11)T10"
},
{
"status": "affected",
"version": "12.3(14)T7"
},
{
"status": "affected",
"version": "12.3(14)T"
},
{
"status": "affected",
"version": "12.3(8)T"
},
{
"status": "affected",
"version": "12.3(2)T"
},
{
"status": "affected",
"version": "12.3(4)T"
},
{
"status": "affected",
"version": "12.3(7)T"
},
{
"status": "affected",
"version": "12.3(8)T9"
},
{
"status": "affected",
"version": "12.3(2)T9"
},
{
"status": "affected",
"version": "12.3(8)T6"
},
{
"status": "affected",
"version": "12.3(4)T9"
},
{
"status": "affected",
"version": "12.3(4)T4"
},
{
"status": "affected",
"version": "12.3(2)T1"
},
{
"status": "affected",
"version": "12.3(11)T5"
},
{
"status": "affected",
"version": "12.3(7)T3"
},
{
"status": "affected",
"version": "12.3(2)T2"
},
{
"status": "affected",
"version": "12.3(8)T3"
},
{
"status": "affected",
"version": "12.3(4)T7"
},
{
"status": "affected",
"version": "12.3(8)T7"
},
{
"status": "affected",
"version": "12.3(11)T8"
},
{
"status": "affected",
"version": "12.3(7)T2"
},
{
"status": "affected",
"version": "12.3(8)T4"
},
{
"status": "affected",
"version": "12.3(8)T8"
},
{
"status": "affected",
"version": "12.3(14)T5"
},
{
"status": "affected",
"version": "12.3(11)T3"
},
{
"status": "affected",
"version": "12.3(4)T10"
},
{
"status": "affected",
"version": "12.3(2)T4"
},
{
"status": "affected",
"version": "12.3(8)T10"
},
{
"status": "affected",
"version": "12.3(14)T2"
},
{
"status": "affected",
"version": "12.3(4)T2"
},
{
"status": "affected",
"version": "12.3(7)T7"
},
{
"status": "affected",
"version": "12.3(7)T10"
},
{
"status": "affected",
"version": "12.3(7)T4"
},
{
"status": "affected",
"version": "12.3(11)T6"
},
{
"status": "affected",
"version": "12.3(7)T11"
},
{
"status": "affected",
"version": "12.3(4)T6"
},
{
"status": "affected",
"version": "12.3(2)T3"
},
{
"status": "affected",
"version": "12.3(2)T5"
},
{
"status": "affected",
"version": "12.3(2)T6"
},
{
"status": "affected",
"version": "12.3(4)T3"
},
{
"status": "affected",
"version": "12.3(14)T3"
},
{
"status": "affected",
"version": "12.3(2)T8"
},
{
"status": "affected",
"version": "12.3(11)T4"
},
{
"status": "affected",
"version": "12.3(7)T9"
},
{
"status": "affected",
"version": "12.3(8)T11"
},
{
"status": "affected",
"version": "12.3(11)T9"
},
{
"status": "affected",
"version": "12.3(7)T8"
},
{
"status": "affected",
"version": "12.3(4)T1"
},
{
"status": "affected",
"version": "12.3(8)T5"
},
{
"status": "affected",
"version": "12.3(4)T11"
},
{
"status": "affected",
"version": "12.3(4)T8"
},
{
"status": "affected",
"version": "12.3(14)T1"
},
{
"status": "affected",
"version": "12.3(11)T2"
},
{
"status": "affected",
"version": "12.3(7)T6"
},
{
"status": "affected",
"version": "12.3(2)T7"
},
{
"status": "affected",
"version": "12.3(11)T7"
},
{
"status": "affected",
"version": "12.3(7)T1"
},
{
"status": "affected",
"version": "12.3(14)T6"
},
{
"status": "affected",
"version": "12.3(8)T1"
},
{
"status": "affected",
"version": "12.3(2)XA"
},
{
"status": "affected",
"version": "12.3(2)XA4"
},
{
"status": "affected",
"version": "12.3(2)XA7"
},
{
"status": "affected",
"version": "12.3(2)XA3"
},
{
"status": "affected",
"version": "12.3(2)XA6"
},
{
"status": "affected",
"version": "12.3(2)XA5"
},
{
"status": "affected",
"version": "12.3(4)XQ"
},
{
"status": "affected",
"version": "12.3(4)XQ1"
},
{
"status": "affected",
"version": "12.3(11)XL"
},
{
"status": "affected",
"version": "12.3(11)XL1"
},
{
"status": "affected",
"version": "12.3(4)XK3"
},
{
"status": "affected",
"version": "12.3(4)XK1"
},
{
"status": "affected",
"version": "12.3(4)XK4"
},
{
"status": "affected",
"version": "12.3(4)XK"
},
{
"status": "affected",
"version": "12.3(4)XK2"
},
{
"status": "affected",
"version": "12.3(4)XG"
},
{
"status": "affected",
"version": "12.3(4)XG3"
},
{
"status": "affected",
"version": "12.3(4)XG1"
},
{
"status": "affected",
"version": "12.3(4)XG4"
},
{
"status": "affected",
"version": "12.3(4)XG2"
},
{
"status": "affected",
"version": "12.3(4)XG5"
},
{
"status": "affected",
"version": "12.3(2)XF"
},
{
"status": "affected",
"version": "12.3(2)XE"
},
{
"status": "affected",
"version": "12.3(2)XE5"
},
{
"status": "affected",
"version": "12.3(2)XE2"
},
{
"status": "affected",
"version": "12.3(2)XE1"
},
{
"status": "affected",
"version": "12.3(2)XE4"
},
{
"status": "affected",
"version": "12.3(2)XE3"
},
{
"status": "affected",
"version": "12.3(4)XD"
},
{
"status": "affected",
"version": "12.3(4)XD4"
},
{
"status": "affected",
"version": "12.3(4)XD1"
},
{
"status": "affected",
"version": "12.3(4)XD3"
},
{
"status": "affected",
"version": "12.3(4)XD2"
},
{
"status": "affected",
"version": "12.3(2)XC"
},
{
"status": "affected",
"version": "12.3(2)XC2"
},
{
"status": "affected",
"version": "12.3(2)XC1"
},
{
"status": "affected",
"version": "12.2(25)SE"
},
{
"status": "affected",
"version": "12.3(7)XR"
},
{
"status": "affected",
"version": "12.3(7)XR4"
},
{
"status": "affected",
"version": "12.3(7)XR3"
},
{
"status": "affected",
"version": "12.3(7)XR5"
},
{
"status": "affected",
"version": "12.3(7)XR6"
},
{
"status": "affected",
"version": "12.3(7)XR2"
},
{
"status": "affected",
"version": "12.3(7)XR7"
},
{
"status": "affected",
"version": "12.3(8)XX"
},
{
"status": "affected",
"version": "12.3(8)XX1"
},
{
"status": "affected",
"version": "12.3(8)XX2d"
},
{
"status": "affected",
"version": "12.3(8)YA"
},
{
"status": "affected",
"version": "12.3(8)YA1"
},
{
"status": "affected",
"version": "12.3(11)YF2"
},
{
"status": "affected",
"version": "12.3(8)YG"
},
{
"status": "affected",
"version": "12.3(8)YG5"
},
{
"status": "affected",
"version": "12.3(8)YG3"
},
{
"status": "affected",
"version": "12.3(8)YG6"
},
{
"status": "affected",
"version": "12.3(8)YG2"
},
{
"status": "affected",
"version": "12.3(8)YG1"
},
{
"status": "affected",
"version": "12.3(8)YG4"
},
{
"status": "affected",
"version": "12.2(12b)M1"
},
{
"status": "affected",
"version": "12.2(12h)M1"
},
{
"status": "affected",
"version": "12.3(8)YI2"
},
{
"status": "affected",
"version": "12.3(8)YI3"
},
{
"status": "affected",
"version": "12.3(8)YI1"
},
{
"status": "affected",
"version": "12.3(11)YK"
},
{
"status": "affected",
"version": "12.3(11)YK1"
},
{
"status": "affected",
"version": "12.3(11)YK2"
},
{
"status": "affected",
"version": "12.3(11)YK3"
},
{
"status": "affected",
"version": "12.3(2)JA3"
},
{
"status": "affected",
"version": "12.3(2)JA4"
},
{
"status": "affected",
"version": "12.3(11)JA2"
},
{
"status": "affected",
"version": "12.3(11)YS"
},
{
"status": "affected",
"version": "12.3(11)YS1"
},
{
"status": "affected",
"version": "12.3(11)YS2"
},
{
"status": "affected",
"version": "12.4(3e)"
},
{
"status": "affected",
"version": "12.4(7b)"
},
{
"status": "affected",
"version": "12.4(8)"
},
{
"status": "affected",
"version": "12.4(5b)"
},
{
"status": "affected",
"version": "12.4(7a)"
},
{
"status": "affected",
"version": "12.4(3d)"
},
{
"status": "affected",
"version": "12.4(1)"
},
{
"status": "affected",
"version": "12.4(1a)"
},
{
"status": "affected",
"version": "12.4(1b)"
},
{
"status": "affected",
"version": "12.4(1c)"
},
{
"status": "affected",
"version": "12.4(10)"
},
{
"status": "affected",
"version": "12.4(3)"
},
{
"status": "affected",
"version": "12.4(3a)"
},
{
"status": "affected",
"version": "12.4(3b)"
},
{
"status": "affected",
"version": "12.4(3c)"
},
{
"status": "affected",
"version": "12.4(3f)"
},
{
"status": "affected",
"version": "12.4(5)"
},
{
"status": "affected",
"version": "12.4(5a)"
},
{
"status": "affected",
"version": "12.4(7c)"
},
{
"status": "affected",
"version": "12.4(7)"
},
{
"status": "affected",
"version": "12.4(8a)"
},
{
"status": "affected",
"version": "12.4(8b)"
},
{
"status": "affected",
"version": "12.4(7d)"
},
{
"status": "affected",
"version": "12.4(3g)"
},
{
"status": "affected",
"version": "12.4(8c)"
},
{
"status": "affected",
"version": "12.4(10b)"
},
{
"status": "affected",
"version": "12.4(12)"
},
{
"status": "affected",
"version": "12.4(12a)"
},
{
"status": "affected",
"version": "12.4(12b)"
},
{
"status": "affected",
"version": "12.4(13)"
},
{
"status": "affected",
"version": "12.4(13a)"
},
{
"status": "affected",
"version": "12.4(13b)"
},
{
"status": "affected",
"version": "12.4(13c)"
},
{
"status": "affected",
"version": "12.4(7e)"
},
{
"status": "affected",
"version": "12.4(17)"
},
{
"status": "affected",
"version": "12.4(25e)"
},
{
"status": "affected",
"version": "12.4(18b)"
},
{
"status": "affected",
"version": "12.4(18e)"
},
{
"status": "affected",
"version": "12.4(25g)"
},
{
"status": "affected",
"version": "12.4(3i)"
},
{
"status": "affected",
"version": "12.4(3j)"
},
{
"status": "affected",
"version": "12.4(23b)"
},
{
"status": "affected",
"version": "12.4(3h)"
},
{
"status": "affected",
"version": "12.4(7h)"
},
{
"status": "affected",
"version": "12.4(25a)"
},
{
"status": "affected",
"version": "12.4(16)"
},
{
"status": "affected",
"version": "12.4(13d)"
},
{
"status": "affected",
"version": "12.4(25)"
},
{
"status": "affected",
"version": "12.4(25c)"
},
{
"status": "affected",
"version": "12.4(19)"
},
{
"status": "affected",
"version": "12.4(13e)"
},
{
"status": "affected",
"version": "12.4(25b)"
},
{
"status": "affected",
"version": "12.4(23)"
},
{
"status": "affected",
"version": "12.4(10c)"
},
{
"status": "affected",
"version": "12.4(21)"
},
{
"status": "affected",
"version": "12.4(16b)"
},
{
"status": "affected",
"version": "12.4(16a)"
},
{
"status": "affected",
"version": "12.4(23a)"
},
{
"status": "affected",
"version": "12.4(25d)"
},
{
"status": "affected",
"version": "12.4(7f)"
},
{
"status": "affected",
"version": "12.4(18)"
},
{
"status": "affected",
"version": "12.4(21a)"
},
{
"status": "affected",
"version": "12.4(13f)"
},
{
"status": "affected",
"version": "12.4(25f)"
},
{
"status": "affected",
"version": "12.4(18c)"
},
{
"status": "affected",
"version": "12.4(5c)"
},
{
"status": "affected",
"version": "12.4(8d)"
},
{
"status": "affected",
"version": "12.4(12c)"
},
{
"status": "affected",
"version": "12.4(17a)"
},
{
"status": "affected",
"version": "12.4(18a)"
},
{
"status": "affected",
"version": "12.4(17b)"
},
{
"status": "affected",
"version": "12.4(7g)"
},
{
"status": "affected",
"version": "12.3(8)JK"
},
{
"status": "affected",
"version": "12.4(6)MR1"
},
{
"status": "affected",
"version": "12.4(11)MR"
},
{
"status": "affected",
"version": "12.4(2)MR"
},
{
"status": "affected",
"version": "12.4(4)MR"
},
{
"status": "affected",
"version": "12.4(6)MR"
},
{
"status": "affected",
"version": "12.4(9)MR"
},
{
"status": "affected",
"version": "12.4(12)MR"
},
{
"status": "affected",
"version": "12.4(16)MR"
},
{
"status": "affected",
"version": "12.4(16)MR1"
},
{
"status": "affected",
"version": "12.4(19)MR2"
},
{
"status": "affected",
"version": "12.4(19)MR1"
},
{
"status": "affected",
"version": "12.4(19)MR"
},
{
"status": "affected",
"version": "12.4(20)MR"
},
{
"status": "affected",
"version": "12.4(4)MR1"
},
{
"status": "affected",
"version": "12.4(19)MR3"
},
{
"status": "affected",
"version": "12.4(12)MR1"
},
{
"status": "affected",
"version": "12.4(20)MR2"
},
{
"status": "affected",
"version": "12.4(16)MR2"
},
{
"status": "affected",
"version": "12.4(12)MR2"
},
{
"status": "affected",
"version": "12.4(2)MR1"
},
{
"status": "affected",
"version": "12.4(20)MR1"
},
{
"status": "affected",
"version": "12.4(4)T"
},
{
"status": "affected",
"version": "12.4(4)T1"
},
{
"status": "affected",
"version": "12.4(4)T2"
},
{
"status": "affected",
"version": "12.4(4)T3"
},
{
"status": "affected",
"version": "12.4(6)T"
},
{
"status": "affected",
"version": "12.4(6)T1"
},
{
"status": "affected",
"version": "12.4(6)T2"
},
{
"status": "affected",
"version": "12.4(9)T"
},
{
"status": "affected",
"version": "12.4(4)T4"
},
{
"status": "affected",
"version": "12.4(2)T5"
},
{
"status": "affected",
"version": "12.4(6)T3"
},
{
"status": "affected",
"version": "12.4(2)T"
},
{
"status": "affected",
"version": "12.4(11)T"
},
{
"status": "affected",
"version": "12.4(15)T"
},
{
"status": "affected",
"version": "12.4(20)T"
},
{
"status": "affected",
"version": "12.4(24)T"
},
{
"status": "affected",
"version": "12.4(24)T3"
},
{
"status": "affected",
"version": "12.4(4)T8"
},
{
"status": "affected",
"version": "12.4(20)T1"
},
{
"status": "affected",
"version": "12.4(22)T1"
},
{
"status": "affected",
"version": "12.4(15)T9"
},
{
"status": "affected",
"version": "12.4(11)T4"
},
{
"status": "affected",
"version": "12.4(15)T8"
},
{
"status": "affected",
"version": "12.4(6)T5"
},
{
"status": "affected",
"version": "12.4(15)T15"
},
{
"status": "affected",
"version": "12.4(24)T5"
},
{
"status": "affected",
"version": "12.4(15)T2"
},
{
"status": "affected",
"version": "12.4(6)T8"
},
{
"status": "affected",
"version": "12.4(15)T12"
},
{
"status": "affected",
"version": "12.4(24)T4"
},
{
"status": "affected",
"version": "12.4(6)T11"
},
{
"status": "affected",
"version": "12.4(9)T5"
},
{
"status": "affected",
"version": "12.4(20)T3"
},
{
"status": "affected",
"version": "12.4(6)T4"
},
{
"status": "affected",
"version": "12.4(4)T6"
},
{
"status": "affected",
"version": "12.4(22)T"
},
{
"status": "affected",
"version": "12.4(20)T6"
},
{
"status": "affected",
"version": "12.4(9)T3"
},
{
"status": "affected",
"version": "12.4(24)T8"
},
{
"status": "affected",
"version": "12.4(6)T7"
},
{
"status": "affected",
"version": "12.4(15)T13"
},
{
"status": "affected",
"version": "12.4(6)T10"
},
{
"status": "affected",
"version": "12.4(15)T3"
},
{
"status": "affected",
"version": "12.4(24)T2"
},
{
"status": "affected",
"version": "12.4(22)T5"
},
{
"status": "affected",
"version": "12.4(2)T3"
},
{
"status": "affected",
"version": "12.4(15)T10"
},
{
"status": "affected",
"version": "12.4(22)T4"
},
{
"status": "affected",
"version": "12.4(20)T5"
},
{
"status": "affected",
"version": "12.4(9)T6"
},
{
"status": "affected",
"version": "12.4(15)T4"
},
{
"status": "affected",
"version": "12.4(2)T4"
},
{
"status": "affected",
"version": "12.4(24)T1"
},
{
"status": "affected",
"version": "12.4(9)T4"
},
{
"status": "affected",
"version": "12.4(24)T7"
},
{
"status": "affected",
"version": "12.4(22)T3"
},
{
"status": "affected",
"version": "12.4(9)T1"
},
{
"status": "affected",
"version": "12.4(24)T6"
},
{
"status": "affected",
"version": "12.4(6)T9"
},
{
"status": "affected",
"version": "12.4(15)T5"
},
{
"status": "affected",
"version": "12.4(4)T7"
},
{
"status": "affected",
"version": "12.4(20)T2"
},
{
"status": "affected",
"version": "12.4(2)T1"
},
{
"status": "affected",
"version": "12.4(11)T1"
},
{
"status": "affected",
"version": "12.4(15)T11"
},
{
"status": "affected",
"version": "12.4(2)T6"
},
{
"status": "affected",
"version": "12.4(2)T2"
},
{
"status": "affected",
"version": "12.4(15)T7"
},
{
"status": "affected",
"version": "12.4(11)T2"
},
{
"status": "affected",
"version": "12.4(9)T7"
},
{
"status": "affected",
"version": "12.4(15)T14"
},
{
"status": "affected",
"version": "12.4(11)T3"
},
{
"status": "affected",
"version": "12.4(15)T6"
},
{
"status": "affected",
"version": "12.4(15)T16"
},
{
"status": "affected",
"version": "12.4(15)T1"
},
{
"status": "affected",
"version": "12.4(9)T2"
},
{
"status": "affected",
"version": "12.4(6)T6"
},
{
"status": "affected",
"version": "12.4(22)T2"
},
{
"status": "affected",
"version": "12.4(4)T5"
},
{
"status": "affected",
"version": "12.4(20)T4"
},
{
"status": "affected",
"version": "12.4(15)T17"
},
{
"status": "affected",
"version": "12.3(14)YT"
},
{
"status": "affected",
"version": "12.3(14)YT1"
},
{
"status": "affected",
"version": "12.3(11)JX"
},
{
"status": "affected",
"version": "12.3(7)JX9"
},
{
"status": "affected",
"version": "12.3(11)JX1"
},
{
"status": "affected",
"version": "12.3(4)TPC11b"
},
{
"status": "affected",
"version": "12.3(4)TPC11a"
},
{
"status": "affected",
"version": "12.4(2)XA"
},
{
"status": "affected",
"version": "12.4(2)XA1"
},
{
"status": "affected",
"version": "12.4(2)XA2"
},
{
"status": "affected",
"version": "12.4(4)XC"
},
{
"status": "affected",
"version": "12.4(4)XC1"
},
{
"status": "affected",
"version": "12.4(4)XC5"
},
{
"status": "affected",
"version": "12.4(4)XC7"
},
{
"status": "affected",
"version": "12.4(4)XC3"
},
{
"status": "affected",
"version": "12.4(4)XC4"
},
{
"status": "affected",
"version": "12.4(4)XC2"
},
{
"status": "affected",
"version": "12.4(4)XC6"
},
{
"status": "affected",
"version": "12.4(6)XE"
},
{
"status": "affected",
"version": "12.4(6)XE2"
},
{
"status": "affected",
"version": "12.4(6)XE1"
},
{
"status": "affected",
"version": "12.3(11)YZ1"
},
{
"status": "affected",
"version": "12.3(11)YZ"
},
{
"status": "affected",
"version": "12.3(11)YZ2"
},
{
"status": "affected",
"version": "12.4(11)SW"
},
{
"status": "affected",
"version": "12.4(15)SW6"
},
{
"status": "affected",
"version": "12.4(15)SW"
},
{
"status": "affected",
"version": "12.4(11)SW1"
},
{
"status": "affected",
"version": "12.4(15)SW5"
},
{
"status": "affected",
"version": "12.4(15)SW1"
},
{
"status": "affected",
"version": "12.4(15)SW4"
},
{
"status": "affected",
"version": "12.4(11)SW3"
},
{
"status": "affected",
"version": "12.4(11)SW2"
},
{
"status": "affected",
"version": "12.4(15)SW3"
},
{
"status": "affected",
"version": "12.4(15)SW2"
},
{
"status": "affected",
"version": "12.4(15)SW7"
},
{
"status": "affected",
"version": "12.4(15)SW8"
},
{
"status": "affected",
"version": "12.4(15)SW8a"
},
{
"status": "affected",
"version": "12.4(15)SW9"
},
{
"status": "affected",
"version": "12.4(11)XJ"
},
{
"status": "affected",
"version": "12.4(11)XJ3"
},
{
"status": "affected",
"version": "12.4(11)XJ2"
},
{
"status": "affected",
"version": "12.4(11)XJ4"
},
{
"status": "affected",
"version": "12.4(6)XT"
},
{
"status": "affected",
"version": "12.4(6)XT1"
},
{
"status": "affected",
"version": "12.4(6)XT2"
},
{
"status": "affected",
"version": "12.4(11)MD2"
},
{
"status": "affected",
"version": "12.4(11)XV"
},
{
"status": "affected",
"version": "12.4(11)XV1"
},
{
"status": "affected",
"version": "12.4(11)XW"
},
{
"status": "affected",
"version": "12.4(11)XW3"
},
{
"status": "affected",
"version": "12.4(11)XW7"
},
{
"status": "affected",
"version": "12.4(11)XW10"
},
{
"status": "affected",
"version": "12.4(11)XW8"
},
{
"status": "affected",
"version": "12.4(11)XW9"
},
{
"status": "affected",
"version": "12.4(11)XW6"
},
{
"status": "affected",
"version": "12.4(11)XW4"
},
{
"status": "affected",
"version": "12.4(11)XW1"
},
{
"status": "affected",
"version": "12.4(11)XW5"
},
{
"status": "affected",
"version": "12.4(11)XW2"
},
{
"status": "affected",
"version": "12.4(15)XY4"
},
{
"status": "affected",
"version": "12.4(15)XY5"
},
{
"status": "affected",
"version": "12.4(15)XY1"
},
{
"status": "affected",
"version": "12.4(15)XY"
},
{
"status": "affected",
"version": "12.4(15)XY2"
},
{
"status": "affected",
"version": "12.4(15)XY3"
},
{
"status": "affected",
"version": "12.4(15)XZ"
},
{
"status": "affected",
"version": "12.4(15)XZ2"
},
{
"status": "affected",
"version": "12.4(15)XZ1"
},
{
"status": "affected",
"version": "12.3(8)ZA"
},
{
"status": "affected",
"version": "12.4(23c)JY"
},
{
"status": "affected",
"version": "15.0(1)M1"
},
{
"status": "affected",
"version": "15.0(1)M5"
},
{
"status": "affected",
"version": "15.0(1)M4"
},
{
"status": "affected",
"version": "15.0(1)M3"
},
{
"status": "affected",
"version": "15.0(1)M2"
},
{
"status": "affected",
"version": "15.0(1)M6"
},
{
"status": "affected",
"version": "15.0(1)M"
},
{
"status": "affected",
"version": "15.0(1)M7"
},
{
"status": "affected",
"version": "15.0(1)M10"
},
{
"status": "affected",
"version": "15.0(1)M9"
},
{
"status": "affected",
"version": "15.0(1)M8"
},
{
"status": "affected",
"version": "15.0(1)XA2"
},
{
"status": "affected",
"version": "15.0(1)XA4"
},
{
"status": "affected",
"version": "15.0(1)XA1"
},
{
"status": "affected",
"version": "15.0(1)XA3"
},
{
"status": "affected",
"version": "15.0(1)XA"
},
{
"status": "affected",
"version": "15.0(1)XA5"
},
{
"status": "affected",
"version": "15.1(2)T"
},
{
"status": "affected",
"version": "15.1(1)T4"
},
{
"status": "affected",
"version": "15.1(3)T2"
},
{
"status": "affected",
"version": "15.1(1)T1"
},
{
"status": "affected",
"version": "15.1(2)T0a"
},
{
"status": "affected",
"version": "15.1(3)T3"
},
{
"status": "affected",
"version": "15.1(1)T3"
},
{
"status": "affected",
"version": "15.1(2)T3"
},
{
"status": "affected",
"version": "15.1(2)T4"
},
{
"status": "affected",
"version": "15.1(1)T2"
},
{
"status": "affected",
"version": "15.1(3)T"
},
{
"status": "affected",
"version": "15.1(2)T2a"
},
{
"status": "affected",
"version": "15.1(3)T1"
},
{
"status": "affected",
"version": "15.1(1)T"
},
{
"status": "affected",
"version": "15.1(2)T2"
},
{
"status": "affected",
"version": "15.1(2)T1"
},
{
"status": "affected",
"version": "15.1(2)T5"
},
{
"status": "affected",
"version": "15.1(3)T4"
},
{
"status": "affected",
"version": "15.1(1)T5"
},
{
"status": "affected",
"version": "15.1(1)XB"
},
{
"status": "affected",
"version": "12.2(33)MRA"
},
{
"status": "affected",
"version": "12.2(33)MRB5"
},
{
"status": "affected",
"version": "12.2(33)MRB2"
},
{
"status": "affected",
"version": "12.2(33)MRB1"
},
{
"status": "affected",
"version": "12.2(33)MRB4"
},
{
"status": "affected",
"version": "12.2(33)MRB"
},
{
"status": "affected",
"version": "12.2(33)MRB3"
},
{
"status": "affected",
"version": "12.2(33)MRB6"
},
{
"status": "affected",
"version": "15.3(1)T"
},
{
"status": "affected",
"version": "15.3(2)T"
},
{
"status": "affected",
"version": "15.3(1)T1"
},
{
"status": "affected",
"version": "15.3(1)T2"
},
{
"status": "affected",
"version": "15.3(1)T3"
},
{
"status": "affected",
"version": "15.3(1)T4"
},
{
"status": "affected",
"version": "15.3(2)T1"
},
{
"status": "affected",
"version": "15.3(2)T2"
},
{
"status": "affected",
"version": "15.3(2)T3"
},
{
"status": "affected",
"version": "15.3(2)T4"
},
{
"status": "affected",
"version": "15.0(1)EY"
},
{
"status": "affected",
"version": "15.0(1)EY2"
},
{
"status": "affected",
"version": "12.4(20)MRB"
},
{
"status": "affected",
"version": "12.4(20)MRB1"
},
{
"status": "affected",
"version": "15.1(4)M3"
},
{
"status": "affected",
"version": "15.1(4)M"
},
{
"status": "affected",
"version": "15.1(4)M1"
},
{
"status": "affected",
"version": "15.1(4)M2"
},
{
"status": "affected",
"version": "15.1(4)M6"
},
{
"status": "affected",
"version": "15.1(4)M5"
},
{
"status": "affected",
"version": "15.1(4)M4"
},
{
"status": "affected",
"version": "15.1(4)M7"
},
{
"status": "affected",
"version": "15.1(4)M10"
},
{
"status": "affected",
"version": "15.1(4)M8"
},
{
"status": "affected",
"version": "15.1(4)M9"
},
{
"status": "affected",
"version": "15.1(2)GC"
},
{
"status": "affected",
"version": "15.1(2)GC1"
},
{
"status": "affected",
"version": "15.1(2)GC2"
},
{
"status": "affected",
"version": "15.1(4)GC"
},
{
"status": "affected",
"version": "15.1(4)GC1"
},
{
"status": "affected",
"version": "15.1(4)GC2"
},
{
"status": "affected",
"version": "15.2(4)M"
},
{
"status": "affected",
"version": "15.2(4)M1"
},
{
"status": "affected",
"version": "15.2(4)M2"
},
{
"status": "affected",
"version": "15.2(4)M4"
},
{
"status": "affected",
"version": "15.2(4)M3"
},
{
"status": "affected",
"version": "15.2(4)M5"
},
{
"status": "affected",
"version": "15.2(4)M8"
},
{
"status": "affected",
"version": "15.2(4)M10"
},
{
"status": "affected",
"version": "15.2(4)M7"
},
{
"status": "affected",
"version": "15.2(4)M6"
},
{
"status": "affected",
"version": "15.2(4)M9"
},
{
"status": "affected",
"version": "15.2(4)M6a"
},
{
"status": "affected",
"version": "15.2(4)M11"
},
{
"status": "affected",
"version": "15.0(2)SG11a"
},
{
"status": "affected",
"version": "15.0(2)EX2"
},
{
"status": "affected",
"version": "15.0(2)EX8"
},
{
"status": "affected",
"version": "15.2(1)GC"
},
{
"status": "affected",
"version": "15.2(1)GC1"
},
{
"status": "affected",
"version": "15.2(1)GC2"
},
{
"status": "affected",
"version": "15.2(2)GC"
},
{
"status": "affected",
"version": "15.2(3)GC"
},
{
"status": "affected",
"version": "15.2(3)GC1"
},
{
"status": "affected",
"version": "15.2(4)GC"
},
{
"status": "affected",
"version": "15.2(4)GC2"
},
{
"status": "affected",
"version": "15.2(4)GC3"
},
{
"status": "affected",
"version": "15.4(1)T"
},
{
"status": "affected",
"version": "15.4(2)T"
},
{
"status": "affected",
"version": "15.4(1)T2"
},
{
"status": "affected",
"version": "15.4(1)T1"
},
{
"status": "affected",
"version": "15.4(1)T3"
},
{
"status": "affected",
"version": "15.4(2)T1"
},
{
"status": "affected",
"version": "15.4(2)T3"
},
{
"status": "affected",
"version": "15.4(2)T2"
},
{
"status": "affected",
"version": "15.4(1)T4"
},
{
"status": "affected",
"version": "15.4(2)T4"
},
{
"status": "affected",
"version": "15.3(3)M"
},
{
"status": "affected",
"version": "15.3(3)M1"
},
{
"status": "affected",
"version": "15.3(3)M2"
},
{
"status": "affected",
"version": "15.3(3)M3"
},
{
"status": "affected",
"version": "15.3(3)M5"
},
{
"status": "affected",
"version": "15.3(3)M4"
},
{
"status": "affected",
"version": "15.3(3)M6"
},
{
"status": "affected",
"version": "15.3(3)M7"
},
{
"status": "affected",
"version": "15.3(3)M8"
},
{
"status": "affected",
"version": "15.3(3)M9"
},
{
"status": "affected",
"version": "15.3(3)M8a"
},
{
"status": "affected",
"version": "15.4(3)M"
},
{
"status": "affected",
"version": "15.4(3)M1"
},
{
"status": "affected",
"version": "15.4(3)M2"
},
{
"status": "affected",
"version": "15.4(3)M3"
},
{
"status": "affected",
"version": "15.4(3)M4"
},
{
"status": "affected",
"version": "15.4(3)M5"
},
{
"status": "affected",
"version": "15.4(3)M6"
},
{
"status": "affected",
"version": "15.4(3)M7"
},
{
"status": "affected",
"version": "15.4(3)M6a"
},
{
"status": "affected",
"version": "15.2(4)JAZ1"
},
{
"status": "affected",
"version": "15.4(1)CG"
},
{
"status": "affected",
"version": "15.4(1)CG1"
},
{
"status": "affected",
"version": "15.4(2)CG"
},
{
"status": "affected",
"version": "15.5(1)T"
},
{
"status": "affected",
"version": "15.5(1)T1"
},
{
"status": "affected",
"version": "15.5(2)T"
},
{
"status": "affected",
"version": "15.5(1)T2"
},
{
"status": "affected",
"version": "15.5(1)T3"
},
{
"status": "affected",
"version": "15.5(2)T1"
},
{
"status": "affected",
"version": "15.5(2)T2"
},
{
"status": "affected",
"version": "15.5(2)T3"
},
{
"status": "affected",
"version": "15.5(2)T4"
},
{
"status": "affected",
"version": "15.5(1)T4"
},
{
"status": "affected",
"version": "15.5(3)M"
},
{
"status": "affected",
"version": "15.5(3)M1"
},
{
"status": "affected",
"version": "15.5(3)M0a"
},
{
"status": "affected",
"version": "15.5(3)M2"
},
{
"status": "affected",
"version": "15.5(3)M3"
},
{
"status": "affected",
"version": "15.5(3)M4"
},
{
"status": "affected",
"version": "15.5(3)M4a"
},
{
"status": "affected",
"version": "15.5(3)M5"
},
{
"status": "affected",
"version": "15.3(3)JAA1"
},
{
"status": "affected",
"version": "15.6(1)T"
},
{
"status": "affected",
"version": "15.6(2)T"
},
{
"status": "affected",
"version": "15.6(1)T0a"
},
{
"status": "affected",
"version": "15.6(1)T1"
},
{
"status": "affected",
"version": "15.6(2)T1"
},
{
"status": "affected",
"version": "15.6(1)T2"
},
{
"status": "affected",
"version": "15.6(2)T2"
},
{
"status": "affected",
"version": "15.6(3)M"
},
{
"status": "affected",
"version": "15.6(3)M1"
},
{
"status": "affected",
"version": "15.6(3)M0a"
},
{
"status": "affected",
"version": "15.6(3)M1b"
},
{
"status": "affected",
"version": "15.6(3)M2"
},
{
"status": "affected",
"version": "15.6(3)M2a"
}
]
},
{
"product": "Universal Product",
"vendor": "IntelliShield",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.\r\n\r The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.\r\n\r There are workarounds that address these vulnerabilities."
}
],
"exploits": [
{
"lang": "en",
"value": "At the time of initial publication, Cisco was aware of external knowledge of the vulnerabilities described in this advisory and, as a precaution, notified customers about the potential for exploitation.\r\n\r\nOn January 6, 2017, a security researcher published functional exploit code for these vulnerabilities.\r\n\r\nThe Cisco Product Security Incident Response Team (PSIRT) is aware of exploitation of the following vulnerabilities that are described in this advisory:\r\n\r\nCVE-2017-6736\r\nCVE-2017-6737\r\nCVE-2017-6738\r\nCVE-2017-6739\r\nCVE-2017-6740\r\nCVE-2017-6742\r\nCVE-2017-6743\r\nCVE-2017-6744\r\n\r\nThe Cisco PSIRT is aware of exploit code available for CVE-2017-6741.\r\n\r\nAdditional information can be found at Cisco TALOS: DNS Hijacking Abuses Trust In Core Internet Service [\"https://blog.talosintelligence.com/2019/04/seaturtle.html\"]."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "cvssV3_0"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:03.284Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-20170629-snmp",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"source": {
"advisory": "cisco-sa-20170629-snmp",
"defects": [
"CSCve78027",
"CSCve60276"
],
"discovery": "UNKNOWN"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6744",
"datePublished": "2017-07-17T21:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:41:17.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6740
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2024-11-15 17:58
Severity ?
EPSS score ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66601.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99345 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1038808 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco IOS and IOS XE |
Version: Cisco IOS and IOS XE |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-6740",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:35:48.424441Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-6740"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:58:58.634Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS and IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS and IOS XE"
}
]
}
],
"datePublic": "2017-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66601."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6740",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS and IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS and IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66601."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038808"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6740",
"datePublished": "2017-07-17T21:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-11-15T17:58:58.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6741
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2024-08-05 15:41
Severity ?
EPSS score ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66658.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99345 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1038808 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco IOS and IOS XE |
Version: Cisco IOS and IOS XE |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS and IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS and IOS XE"
}
]
}
],
"datePublic": "2017-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66658."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS and IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS and IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66658."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038808"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6741",
"datePublished": "2017-07-17T21:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:41:17.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6739
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2024-11-15 17:59
Severity ?
EPSS score ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66540.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99345 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1038808 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco IOS and IOS XE |
Version: Cisco IOS and IOS XE |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-6739",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:36:04.566448Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-6739"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:59:11.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS and IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS and IOS XE"
}
]
}
],
"datePublic": "2017-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66540."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6739",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS and IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS and IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66540."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038808"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6739",
"datePublished": "2017-07-17T21:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-11-15T17:59:11.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6743
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2024-11-15 17:58
Severity ?
EPSS score ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve60376, CSCve78027.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99345 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1038808 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco IOS and IOS XE |
Version: Cisco IOS and IOS XE |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-6743",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:35:10.951116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-6743"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:58:33.758Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS and IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS and IOS XE"
}
]
}
],
"datePublic": "2017-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve60376, CSCve78027."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6743",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS and IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS and IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve60376, CSCve78027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038808"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6743",
"datePublished": "2017-07-17T21:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-11-15T17:58:33.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6738
Vulnerability from cvelistv5
Published
2017-07-17 21:00
Modified
2024-11-15 17:59
Severity ?
EPSS score ?
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve89865, CSCsy56638.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99345 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1038808 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco IOS and IOS XE |
Version: Cisco IOS and IOS XE |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-6738",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:36:26.152413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-6738"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:59:27.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS and IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS and IOS XE"
}
]
}
],
"datePublic": "2017-07-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve89865, CSCsy56638."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS and IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS and IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve89865, CSCsy56638."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99345"
},
{
"name": "1038808",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038808"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6738",
"datePublished": "2017-07-17T21:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-11-15T17:59:27.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.