cnvd-2017-12532
Vulnerability from cnvd
Title
Cisco IOS and IOS XE SNMP Remote Code Execution Vulnerability (CNVD-2017-12532)
Description
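Cisco IOS is the internetwork operating system used on most Cisco Systems routers and network switches.
A remote code execution vulnerability exists in SNMP in Cisco IOS and IOS XE. It allows a remote attacker to overflow a buffer in the SNMP service by sending a crafted SNMP packet, resulting in arbitrary command execution.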
Severity
High
Patch Name
Patch for the Cisco IOS and IOS XE SNMP Remote Code Execution Vulnerability (CNVD-2017-12532)
Patch Description
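Cisco IOS is the internetwork operating system used on most Cisco Systems routers and network switches.
A remote code execution vulnerability exists in SNMP in Cisco IOS and IOS XE. It allows a remote attacker to overflow a buffer in the SNMP service by sending a crafted SNMP packet, resulting in arbitrary command execution. The vendor has now released a security advisory and related patch information that fix this vulnerability.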
Formal description
The vendor has released a fix for the vulnerability; please watch for updates: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp
Reference
http://securitytracker.com/id/1038808
Impacted products
| Name | Cisco IOS XE, Cisco IOS |
|---|---|
{
  "bids": {
    "bid": {
      "bidNumber": "99345"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-6740"
    }
  },
  "description": "Cisco IOS\u662f\u591a\u6570\u601d\u79d1\u7cfb\u7edf\u8def\u7531\u5668\u548c\u7f51\u7edc\u4ea4\u6362\u673a\u4e0a\u4f7f\u7528\u7684\u4e92\u8054\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002 \r\n\r\nCisco IOS\u548cIOS XE SNMP\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u6f0f\u6d1e\u3002\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u53d1\u9001\u6784\u9020\u7684SNMP\u6570\u636e\u5305\u4f7f\u5f97SNMP\u670d\u52a1\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u5bfc\u81f4\u4efb\u610f\u547d\u4ee4\u6267\u884c\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-12532",
  "openTime": "2017-07-03",
  "patchDescription": "Cisco IOS\u662f\u591a\u6570\u601d\u79d1\u7cfb\u7edf\u8def\u7531\u5668\u548c\u7f51\u7edc\u4ea4\u6362\u673a\u4e0a\u4f7f\u7528\u7684\u4e92\u8054\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002 \r\n\r\nCisco IOS\u548cIOS XE SNMP\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u6f0f\u6d1e\u3002\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u53d1\u9001\u6784\u9020\u7684SNMP\u6570\u636e\u5305\u4f7f\u5f97SNMP\u670d\u52a1\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u5bfc\u81f4\u4efb\u610f\u547d\u4ee4\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco IOS\u548cIOS XE SNMP\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u6f0f\u6d1e\uff08CNVD-2017-12532\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco IOS XE",
      "Cisco IOS"
    ]
  },
  "referenceLink": "http://securitytracker.com/id/1038808",
  "serverity": "\u9ad8",
  "submitTime": "2017-07-02",
  "title": "Cisco IOS\u548cIOS XE SNMP\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u6f0f\u6d1e\uff08CNVD-2017-12532\uff09"
}
  CVE-2017-6740 (GCVE-0-2017-6740)
Vulnerability from cvelistv5
Published
2017-07-17 21:00
      Modified
2025-10-21 23:55
      
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.
 The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload.
 Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.
   There are workarounds that address these vulnerabilities.
            
          
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | IOS | Version: 12.2(14)ZA Version: 12.2(14)ZA3 Version: 12.2(14)ZA2 Version: 12.2(14)ZA5 Version: 12.2(14)ZA4 Version: 12.2(14)ZA6 Version: 12.2(14)ZA7 Version: 12.2(25)SE2 Version: 12.2(29)SV2 Version: 12.2(17d)SXB6 Version: 12.2(17d)SXB11 Version: 12.2(17d)SXB7 Version: 12.2(17d)SXB4 Version: 12.2(17d)SXB2 Version: 12.2(17d)SXB3 Version: 12.2(17d)SXB5 Version: 12.2(17d)SXB10 Version: 12.2(17d)SXB8 Version: 12.2(17d)SXB11a Version: 12.2(17d)SXB1 Version: 12.2(17d)SXB9 Version: 12.2(18)SO1 Version: 12.2(18)SO3 Version: 12.2(18)SO2 Version: 12.2(18)SXF Version: 12.2(18)SXF5 Version: 12.2(18)SXF6 Version: 12.2(18)SXF15 Version: 12.2(18)SXF10 Version: 12.2(18)SXF17b Version: 12.2(18)SXF4 Version: 12.2(18)SXF15a Version: 12.2(18)SXF3 Version: 12.2(18)SXF17 Version: 12.2(18)SXF12 Version: 12.2(18)SXF8 Version: 12.2(18)SXF10a Version: 12.2(18)SXF16 Version: 12.2(18)SXF7 Version: 12.2(18)SXF17a Version: 12.2(18)SXF14 Version: 12.2(18)SXF12a Version: 12.2(18)SXF9 Version: 12.2(18)SXF13 Version: 12.2(18)SXF2 Version: 12.2(18)SXF11 Version: 12.2(28)ZX Version: 12.2(33)STE0 Version: 15.0(1)XO1 Version: 15.0(1)XO Version: 15.0(2)XO Version: 15.0(2)SG11a Version: 15.0(1)EX Version: 15.0(2)EX2 Version: 15.0(2)EX8 Version: 15.0(2)EX10 Version: 15.0(2)EX11 Version: 15.0(2)EX13 Version: 15.0(2)EX12 Version: 15.1(2)SY9 Version: 15.1(3)MRA3 Version: 15.1(3)MRA4 Version: 15.1(3)SVB1 Version: 15.1(3)SVB2 Version: 15.1(3)SVD Version: 15.1(3)SVD1 Version: 15.1(3)SVD2 Version: 15.1(3)SVF Version: 15.1(3)SVF1 Version: 15.1(3)SVE Version: 15.1(3)SVG Version: 15.1(3)SVJ2 | |||||||
{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:41:17.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99345",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99345"
          },
          {
            "name": "1038808",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038808"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-6740",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T17:35:48.424441Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6740"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:55:37.237Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6740"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-03T00:00:00+00:00",
            "value": "CVE-2017-6740 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IOS",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "12.2(14)ZA"
            },
            {
              "status": "affected",
              "version": "12.2(14)ZA3"
            },
            {
              "status": "affected",
              "version": "12.2(14)ZA2"
            },
            {
              "status": "affected",
              "version": "12.2(14)ZA5"
            },
            {
              "status": "affected",
              "version": "12.2(14)ZA4"
            },
            {
              "status": "affected",
              "version": "12.2(14)ZA6"
            },
            {
              "status": "affected",
              "version": "12.2(14)ZA7"
            },
            {
              "status": "affected",
              "version": "12.2(25)SE2"
            },
            {
              "status": "affected",
              "version": "12.2(29)SV2"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB6"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB11"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB7"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB4"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB2"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB3"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB5"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB10"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB8"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB11a"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB1"
            },
            {
              "status": "affected",
              "version": "12.2(17d)SXB9"
            },
            {
              "status": "affected",
              "version": "12.2(18)SO1"
            },
            {
              "status": "affected",
              "version": "12.2(18)SO3"
            },
            {
              "status": "affected",
              "version": "12.2(18)SO2"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF5"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF6"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF15"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF10"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF17b"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF4"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF15a"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF3"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF17"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF12"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF8"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF10a"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF16"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF7"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF17a"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF14"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF12a"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF9"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF13"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF2"
            },
            {
              "status": "affected",
              "version": "12.2(18)SXF11"
            },
            {
              "status": "affected",
              "version": "12.2(28)ZX"
            },
            {
              "status": "affected",
              "version": "12.2(33)STE0"
            },
            {
              "status": "affected",
              "version": "15.0(1)XO1"
            },
            {
              "status": "affected",
              "version": "15.0(1)XO"
            },
            {
              "status": "affected",
              "version": "15.0(2)XO"
            },
            {
              "status": "affected",
              "version": "15.0(2)SG11a"
            },
            {
              "status": "affected",
              "version": "15.0(1)EX"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX2"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX8"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX10"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX11"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX13"
            },
            {
              "status": "affected",
              "version": "15.0(2)EX12"
            },
            {
              "status": "affected",
              "version": "15.1(2)SY9"
            },
            {
              "status": "affected",
              "version": "15.1(3)MRA3"
            },
            {
              "status": "affected",
              "version": "15.1(3)MRA4"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVB1"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVB2"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVD"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVD1"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVD2"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVF"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVF1"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVE"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVG"
            },
            {
              "status": "affected",
              "version": "15.1(3)SVJ2"
            }
          ]
        },
        {
          "product": "Universal Product",
          "vendor": "IntelliShield",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.\r\n\r The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload.\r\n\r Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.\r\n\r   There are workarounds that address these vulnerabilities."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "At the time of initial publication, Cisco was aware of external knowledge of the vulnerabilities described in this advisory and, as a precaution, notified customers about the potential for exploitation.\r\n\r\nOn January 6, 2017, a security researcher published functional exploit code for these vulnerabilities.\r\n\r\nThe Cisco Product Security Incident Response Team (PSIRT) is aware of exploitation of the following vulnerabilities that are described in this advisory:\r\n\r\nCVE-2017-6736\r\nCVE-2017-6737\r\nCVE-2017-6738\r\nCVE-2017-6739\r\nCVE-2017-6740\r\nCVE-2017-6742\r\nCVE-2017-6743\r\nCVE-2017-6744\r\n\r\nThe Cisco PSIRT is aware of exploit code available for CVE-2017-6741.\r\n\r\nAdditional information can be found at Cisco TALOS: DNS Hijacking Abuses Trust In Core Internet Service [\"https://blog.talosintelligence.com/2019/04/seaturtle.html\"]."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "cvssV3_0"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-31T16:23:28.536Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-20170629-snmp",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20170629-snmp",
        "defects": [
          "CSCve66601"
        ],
        "discovery": "UNKNOWN"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-6740",
    "datePublished": "2017-07-17T21:00:00.000Z",
    "dateReserved": "2017-03-09T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:55:37.237Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.