Lucene search

CiscoCVE-2017-12240

HistorySep 29, 2017 - 1:34 a.m.

CVE-2017-12240

2017-09-2901:34:49

CWE-119

CWE-20

cisco

web.nvd.nist.gov

1020

In Wild

cisco

ios

vulnerability

dhcp

relay

arbitrary code execution

buffer overflow

denial of service

nvd

cve-2017-12240

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.061

Percentile

93.6%

JSON

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.

Affected configurations

Nvd

Node

ciscoiosRange12.2–15.6

AND

cisco1000_integrated_services_routerMatch-

cisco1100-4g_integrated_services_routerMatch-

cisco1100-4gltegb_integrated_services_routerMatch-

cisco1100-4gltena_integrated_services_routerMatch-

cisco1100-4p_integrated_services_routerMatch-

cisco1100-6g_integrated_services_routerMatch-

cisco1100-8p_integrated_services_routerMatch-

cisco1100-lte_integrated_services_routerMatch-

cisco1100_integrated_services_routerMatch-

cisco1101-4p_integrated_services_routerMatch-

cisco1101_integrated_services_routerMatch-

cisco1109-2p_integrated_services_routerMatch-

cisco1109-4p_integrated_services_routerMatch-

cisco1109_integrated_services_routerMatch-

cisco1111x-8p_integrated_services_routerMatch-

cisco1111x_integrated_services_routerMatch-

cisco111x_integrated_services_routerMatch-

cisco1120_integrated_services_routerMatch-

cisco1131_integrated_services_routerMatch-

cisco1160_integrated_services_routerMatch-

cisco1801_integrated_service_routerMatch-

cisco1802_integrated_service_routerMatch-

cisco1803_integrated_service_routerMatch-

cisco1811_integrated_service_routerMatch-

cisco1812_integrated_service_routerMatch-

cisco1841_integrated_service_routerMatch-

cisco1861_integrated_service_routerMatch-

cisco1905_integrated_services_routerMatch-

cisco1906c_integrated_services_routerMatch-

cisco1921_integrated_services_routerMatch-

cisco1941_integrated_services_routerMatch-

cisco1941w_integrated_services_routerMatch-

cisco4000_integrated_services_routerMatch-

cisco422_integrated_services_routerMatch-

cisco4221_integrated_services_routerMatch-

cisco8101-32fhMatch-

cisco8101-32hMatch-

cisco8102-64hMatch-

cisco8201Match-

cisco8201-32fhMatch-

cisco8202Match-

cisco8208Match-

cisco8212Match-

cisco8218Match-

cisco8800_12-slotMatch-

cisco8800_18-slotMatch-

cisco8800_4-slotMatch-

cisco8800_8-slotMatch-

cisco8804Match-

cisco8808Match-

cisco8812Match-

cisco8818Match-

cisco8831Match-

cisco9800-40Match-

cisco9800-80Match-

cisco9800-clMatch-

cisco9800-lMatch-

ciscoasr_1000Match-

ciscoasr_1000-esp100Match-

ciscoasr_1000-esp100-xMatch-

ciscoasr_1000-esp200-xMatch-

ciscoasr_1000-xMatch-

ciscoasr_1001Match-

ciscoasr_1001-hxMatch-

ciscoasr_1001-hx_rMatch-

ciscoasr_1001-xMatch-

ciscoasr_1001-x_rMatch-

ciscoasr_1002Match-

ciscoasr_1002-hxMatch-

ciscoasr_1002-hx_rMatch-

ciscoasr_1002-xMatch-

ciscoasr_1002-x_rMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1006-xMatch-

ciscoasr_1009-xMatch-

ciscoasr_1013Match-

ciscoasr_1023Match-

ciscoasr_900Match-

ciscoasr_9000Match-

ciscoasr_9000vMatch-

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_901-12c-f-dMatch-

ciscoasr_901-12c-ft-dMatch-

ciscoasr_901-4c-f-dMatch-

ciscoasr_901-4c-ft-dMatch-

ciscoasr_901-6cz-f-aMatch-

ciscoasr_901-6cz-f-dMatch-

ciscoasr_901-6cz-fs-aMatch-

ciscoasr_901-6cz-fs-dMatch-

ciscoasr_901-6cz-ft-aMatch-

ciscoasr_901-6cz-ft-dMatch-

ciscoasr_9010Match-

ciscoasr_901s-2sg-f-ahMatch-

ciscoasr_901s-2sg-f-dMatch-

ciscoasr_901s-3sg-f-ahMatch-

ciscoasr_901s-3sg-f-dMatch-

ciscoasr_901s-4sg-f-dMatch-

ciscoasr_902Match-

ciscoasr_902uMatch-

ciscoasr_903Match-

ciscoasr_907Match-

ciscoasr_914Match-

ciscoasr_920-10sz-pdMatch-

ciscoasr_920-10sz-pd_rMatch-

ciscoasr_920-10sz-pd_routerMatch-

ciscoasr_920-12cz-aMatch-

ciscoasr_920-12cz-a_rMatch-

ciscoasr_920-12cz-a_routerMatch-

ciscoasr_920-12cz-dMatch-

ciscoasr_920-12cz-d_rMatch-

ciscoasr_920-12cz-d_routerMatch-

ciscoasr_920-12sz-imMatch-

ciscoasr_920-12sz-im_rMatch-

ciscoasr_920-12sz-im_routerMatch-

ciscoasr_920-24sz-imMatch-

ciscoasr_920-24sz-im_rMatch-

ciscoasr_920-24sz-im_routerMatch-

ciscoasr_920-24sz-mMatch-

ciscoasr_920-24sz-m_rMatch-

ciscoasr_920-24sz-m_routerMatch-

ciscoasr_920-24tz-mMatch-

ciscoasr_920-24tz-m_rMatch-

ciscoasr_920-24tz-m_routerMatch-

ciscoasr_920-4sz-aMatch-

ciscoasr_920-4sz-a_rMatch-

ciscoasr_920-4sz-a_routerMatch-

ciscoasr_920-4sz-dMatch-

ciscoasr_920-4sz-d_rMatch-

ciscoasr_920-4sz-d_routerMatch-

ciscoasr_920u-12sz-imMatch-

ciscoasr_9901Match-

ciscoasr_9902Match-

ciscoasr_9903Match-

ciscoasr_9904Match-

ciscoasr_9906Match-

ciscoasr_9910Match-

ciscoasr_9912Match-

ciscoasr_9920Match-

ciscoasr_9922Match-

ciscocatalyst_3650Match-

ciscocatalyst_3650-12x48fd-eMatch-

ciscocatalyst_3650-12x48fd-lMatch-

ciscocatalyst_3650-12x48fd-sMatch-

ciscocatalyst_3650-12x48uqMatch-

ciscocatalyst_3650-12x48uq-eMatch-

ciscocatalyst_3650-12x48uq-lMatch-

ciscocatalyst_3650-12x48uq-sMatch-

ciscocatalyst_3650-12x48urMatch-

ciscocatalyst_3650-12x48ur-eMatch-

ciscocatalyst_3650-12x48ur-lMatch-

ciscocatalyst_3650-12x48ur-sMatch-

ciscocatalyst_3650-12x48uzMatch-

ciscocatalyst_3650-12x48uz-eMatch-

ciscocatalyst_3650-12x48uz-lMatch-

ciscocatalyst_3650-12x48uz-sMatch-

ciscocatalyst_3650-24pdMatch-

ciscocatalyst_3650-24pd-eMatch-

ciscocatalyst_3650-24pd-lMatch-

ciscocatalyst_3650-24pd-sMatch-

ciscocatalyst_3650-24pdmMatch-

ciscocatalyst_3650-24pdm-eMatch-

ciscocatalyst_3650-24pdm-lMatch-

ciscocatalyst_3650-24pdm-sMatch-

ciscocatalyst_3650-24ps-eMatch-

ciscocatalyst_3650-24ps-lMatch-

ciscocatalyst_3650-24ps-sMatch-

ciscocatalyst_3650-24td-eMatch-

ciscocatalyst_3650-24td-lMatch-

ciscocatalyst_3650-24td-sMatch-

ciscocatalyst_3650-24ts-eMatch-

ciscocatalyst_3650-24ts-lMatch-

ciscocatalyst_3650-24ts-sMatch-

ciscocatalyst_3650-48fd-eMatch-

ciscocatalyst_3650-48fd-lMatch-

ciscocatalyst_3650-48fd-sMatch-

ciscocatalyst_3650-48fqMatch-

ciscocatalyst_3650-48fq-eMatch-

ciscocatalyst_3650-48fq-lMatch-

ciscocatalyst_3650-48fq-sMatch-

ciscocatalyst_3650-48fqmMatch-

ciscocatalyst_3650-48fqm-eMatch-

ciscocatalyst_3650-48fqm-lMatch-

ciscocatalyst_3650-48fqm-sMatch-

ciscocatalyst_3650-48fs-eMatch-

ciscocatalyst_3650-48fs-lMatch-

ciscocatalyst_3650-48fs-sMatch-

ciscocatalyst_3650-48pd-eMatch-

ciscocatalyst_3650-48pd-lMatch-

ciscocatalyst_3650-48pd-sMatch-

ciscocatalyst_3650-48pq-eMatch-

ciscocatalyst_3650-48pq-lMatch-

ciscocatalyst_3650-48pq-sMatch-

ciscocatalyst_3650-48ps-eMatch-

ciscocatalyst_3650-48ps-lMatch-

ciscocatalyst_3650-48ps-sMatch-

ciscocatalyst_3650-48td-eMatch-

ciscocatalyst_3650-48td-lMatch-

ciscocatalyst_3650-48td-sMatch-

ciscocatalyst_3650-48tq-eMatch-

ciscocatalyst_3650-48tq-lMatch-

ciscocatalyst_3650-48tq-sMatch-

ciscocatalyst_3650-48ts-eMatch-

ciscocatalyst_3650-48ts-lMatch-

ciscocatalyst_3650-48ts-sMatch-

ciscocatalyst_3650-8x24pd-eMatch-

ciscocatalyst_3650-8x24pd-lMatch-

ciscocatalyst_3650-8x24pd-sMatch-

ciscocatalyst_3650-8x24uqMatch-

ciscocatalyst_3650-8x24uq-eMatch-

ciscocatalyst_3650-8x24uq-lMatch-

ciscocatalyst_3650-8x24uq-sMatch-

ciscocatalyst_3850Match-

ciscocatalyst_3850-12s-eMatch-

ciscocatalyst_3850-12s-sMatch-

ciscocatalyst_3850-12x48uMatch-

ciscocatalyst_3850-12xs-eMatch-

ciscocatalyst_3850-12xs-sMatch-

ciscocatalyst_3850-16xs-eMatch-

ciscocatalyst_3850-16xs-sMatch-

ciscocatalyst_3850-24p-eMatch-

ciscocatalyst_3850-24p-lMatch-

ciscocatalyst_3850-24p-sMatch-

ciscocatalyst_3850-24pw-sMatch-

ciscocatalyst_3850-24s-eMatch-

ciscocatalyst_3850-24s-sMatch-

ciscocatalyst_3850-24t-eMatch-

ciscocatalyst_3850-24t-lMatch-

ciscocatalyst_3850-24t-sMatch-

ciscocatalyst_3850-24uMatch-

ciscocatalyst_3850-24u-eMatch-

ciscocatalyst_3850-24u-lMatch-

ciscocatalyst_3850-24u-sMatch-

ciscocatalyst_3850-24xsMatch-

ciscocatalyst_3850-24xs-eMatch-

ciscocatalyst_3850-24xs-sMatch-

ciscocatalyst_3850-24xuMatch-

ciscocatalyst_3850-24xu-eMatch-

ciscocatalyst_3850-24xu-lMatch-

ciscocatalyst_3850-24xu-sMatch-

ciscocatalyst_3850-32xs-eMatch-

ciscocatalyst_3850-32xs-sMatch-

ciscocatalyst_3850-48f-eMatch-

ciscocatalyst_3850-48f-lMatch-

ciscocatalyst_3850-48f-sMatch-

ciscocatalyst_3850-48p-eMatch-

ciscocatalyst_3850-48p-lMatch-

ciscocatalyst_3850-48p-sMatch-

ciscocatalyst_3850-48pw-sMatch-

ciscocatalyst_3850-48t-eMatch-

ciscocatalyst_3850-48t-lMatch-

ciscocatalyst_3850-48t-sMatch-

ciscocatalyst_3850-48uMatch-

ciscocatalyst_3850-48u-eMatch-

ciscocatalyst_3850-48u-lMatch-

ciscocatalyst_3850-48u-sMatch-

ciscocatalyst_3850-48xsMatch-

ciscocatalyst_3850-48xs-eMatch-

ciscocatalyst_3850-48xs-f-eMatch-

ciscocatalyst_3850-48xs-f-sMatch-

ciscocatalyst_3850-48xs-sMatch-

ciscocatalyst_3850-nm-2-40gMatch-

ciscocatalyst_3850-nm-8-10gMatch-

VendorProductVersionCPE
ciscoios*cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
cisco1000_integrated_services_router-cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100-4g_integrated_services_router-cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100-4gltegb_integrated_services_router-cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100-4gltena_integrated_services_router-cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100-4p_integrated_services_router-cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100-6g_integrated_services_router-cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100-8p_integrated_services_router-cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100-lte_integrated_services_router-cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100_integrated_services_router-cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	*	cpe:2.3:o:cisco:ios::::::::
cisco	1000_integrated_services_router	-	cpe:2.3:h:cisco:1000_integrated_services_router:-:::::::*
cisco	1100-4g_integrated_services_router	-	cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:::::::*
cisco	1100-4gltegb_integrated_services_router	-	cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:::::::*
cisco	1100-4gltena_integrated_services_router	-	cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:::::::*
cisco	1100-4p_integrated_services_router	-	cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::*
cisco	1100-6g_integrated_services_router	-	cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:::::::*
cisco	1100-8p_integrated_services_router	-	cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::*
cisco	1100-lte_integrated_services_router	-	cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:::::::*
cisco	1100_integrated_services_router	-	cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::*

Rows per page:

1-10 of 2651

CNA Affected

[
  {
    "product": "Cisco IOS and IOS XE",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco IOS and IOS XE"
      }
    ]
  }
]

References

www.securityfocus.com/bid/101034

www.securitytracker.com/id/1039445

quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390

quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.061

Percentile

93.6%

JSON

Related for CVE-2017-12240