CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
47.2%
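According to its self-reported version, the Cisco IOS software on the remote device is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. The plugin below tracks CVE-2017-12228 (Cisco bug CSCvc33171, advisory cisco-sa-20170927-pnp), which its title describes as a certificate validation vulnerability in the Plug-and-Play PKI API. Because the finding rests on the reported version string, confirm on the device that Plug-and-Play is actually configured before treating it as exposed.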
#TRUSTED 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
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
# Registration block: when `description` is set, the script only declares its
# metadata (identifiers, text, scoring, dependencies) and exits at the end of
# the block, before any of the version-check logic further down is reached.
if (description)
{
script_id(103675);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/04/12");
# Identifiers that tie this check to the upstream records: the CVE, the
# Bugtraq ID, the Cisco bug ID and the Cisco security advisory ID.
script_cve_id("CVE-2017-12228");
script_bugtraq_id(101065);
script_xref(name:"CISCO-BUG-ID", value:"CSCvc33171");
script_xref(name:"CISCO-SA", value:"cisco-sa-20170927-pnp");
script_name(english:"Cisco IOS Software Plug-and-Play PKI API Certificate Validation Vulnerability");
script_summary(english:"Checks the IOS version.");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
# NOTE(review): the description text is generic and does not name the flaw.
# The only specifics on this plugin are in script_name (certificate validation
# in the Plug-and-Play PKI API) and in the advisory / bug references below.
script_set_attribute(attribute:"description", value:
"According to its self-reported version, the IOS is affected
by one or more vulnerabilities. Please see the included Cisco BIDs
and the Cisco Security Advisory for more information.");
# The first see_also value is a shortened link; the line below records the
# advisory URL it is meant to stand for.
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-pnp
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5d9fc170");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc33171");
# NOTE(review): the solution text ends in a doubled period ("CSCvc33171..");
# cosmetic only, it does not affect the check.
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID(s)
CSCvc33171..");
# Scoring. Both base vectors are network-reachable, need no authentication or
# privileges, and rate confidentiality as the only impact (PARTIAL in v2, HIGH
# in v3, with v3 attack complexity HIGH). The temporal vectors carry E:U
# (exploit unproven), consistent with the exploitability_ease text below.
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-12228");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
# Vulnerability and patch publication share the same date; the plugin itself
# was published nine days later.
script_set_attribute(attribute:"vuln_publication_date", value:"2017/09/27");
script_set_attribute(attribute:"patch_publication_date", value:"2017/09/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/06");
# NOTE(review): "combined" presumably marks a check that can use both remotely
# observed and locally collected data -- confirm against the Nessus plugin docs.
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
script_end_attributes();
# Information-gathering category: the check compares a stored version string
# and does not send exploit traffic to the device.
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
# The check only runs when the Host/Cisco/IOS/Version KB key exists; it is
# presumably populated by cisco_ios_version.nasl, declared as a dependency here.
script_dependencies("cisco_ios_version.nasl");
script_require_keys("Host/Cisco/IOS/Version");
exit(0);
}
include('audit.inc');
include('cisco_workarounds.inc');
include('ccf.inc');
# Fetch the detected product record for 'Cisco IOS'. Its 'version' field is
# read later when the reporting array is built.
product_info = cisco::get_product_info(name:'Cisco IOS');
# Explicit enumeration of the IOS release strings this plugin treats as
# vulnerable; it is passed as vuln_versions to cisco::check_and_report below.
# NOTE(review): this is a fixed list rather than a range, so a release that is
# not spelled out here is presumably not flagged -- confirm the matching rules
# in ccf.inc. A clean result from this plugin therefore means "not on the
# list", not "verified fixed"; check the vendor advisory for unlisted trains.
version_list = make_list(
'12.4(25e)JAO20s',
'12.4(25e)JAO3a',
'12.4(25e)JAP1n',
'12.4(25e)JAP9',
'15.0(2)EJ',
'15.0(2)EJ1',
'15.0(2)EX',
'15.0(2)EX1',
'15.0(2)EX10',
'15.0(2)EX13',
'15.0(2)EX2',
'15.0(2)EX3',
'15.0(2)EX4',
'15.0(2)EX5',
'15.0(2)EX8',
'15.0(2)EZ',
'15.0(2)SE1',
'15.0(2)SE10',
'15.0(2)SE10a',
'15.0(2)SE2',
'15.0(2)SE3',
'15.0(2)SE4',
'15.0(2)SE5',
'15.0(2)SE6',
'15.0(2)SE7',
'15.0(2)SE8',
'15.0(2)SE9',
'15.0(2)SQD7',
'15.0(2a)EX5',
'15.0(2a)SE9',
'15.1(1)SY',
'15.1(1)SY1',
'15.1(1)SY2',
'15.1(1)SY3',
'15.1(1)SY4',
'15.1(1)SY5',
'15.1(1)SY6',
'15.1(2)SG7a',
'15.1(2)SY',
'15.1(2)SY1',
'15.1(2)SY10',
'15.1(2)SY2',
'15.1(2)SY3',
'15.1(2)SY4',
'15.1(2)SY4a',
'15.1(2)SY5',
'15.1(2)SY6',
'15.1(2)SY7',
'15.1(2)SY8',
'15.1(2)SY9',
'15.2(1)E',
'15.2(1)E1',
'15.2(1)E2',
'15.2(1)E3',
'15.2(1)EY',
'15.2(1)SY',
'15.2(1)SY0a',
'15.2(1)SY1',
'15.2(1)SY1a',
'15.2(1)SY2',
'15.2(1)SY3',
'15.2(1)SY4',
'15.2(2)E',
'15.2(2)E1',
'15.2(2)E2',
'15.2(2)E3',
'15.2(2)E4',
'15.2(2)E5',
'15.2(2)E5a',
'15.2(2)E5b',
'15.2(2)E6',
'15.2(2)EA1',
'15.2(2)EA2',
'15.2(2)EA3',
'15.2(2)EB',
'15.2(2)EB1',
'15.2(2)EB2',
'15.2(2)GC',
'15.2(2)JA',
'15.2(2)JA1',
'15.2(2)JAX',
'15.2(2)JAX1',
'15.2(2)JB',
'15.2(2)JB2',
'15.2(2)JB3',
'15.2(2)JB4',
'15.2(2)JB5',
'15.2(2)JB6',
'15.2(2)JN1',
'15.2(2)JN2',
'15.2(2)S',
'15.2(2)S0a',
'15.2(2)S0c',
'15.2(2)S1',
'15.2(2)S2',
'15.2(2)SNG',
'15.2(2)SNH1',
'15.2(2)SNI',
'15.2(2)SY',
'15.2(2)SY1',
'15.2(2)SY2',
'15.2(2)T',
'15.2(2)T1',
'15.2(2)T2',
'15.2(2)T3',
'15.2(2)T4',
'15.2(2a)E1',
'15.2(2a)E2',
'15.2(3)E',
'15.2(3)E1',
'15.2(3)E2',
'15.2(3)E3',
'15.2(3)E4',
'15.2(3)E5',
'15.2(3)EA',
'15.2(3)EX',
'15.2(3)GC',
'15.2(3)GC1',
'15.2(3)T',
'15.2(3)T1',
'15.2(3)T2',
'15.2(3)T3',
'15.2(3)T4',
'15.2(3a)E',
'15.2(3m)E2',
'15.2(3m)E3',
'15.2(3m)E8',
'15.2(4)E',
'15.2(4)E1',
'15.2(4)E2',
'15.2(4)E3',
'15.2(4)E4',
'15.2(4)EA',
'15.2(4)EA1',
'15.2(4)EA3',
'15.2(4)EA4',
'15.2(4)EA5',
'15.2(4)EC',
'15.2(4)EC1',
'15.2(4)EC2',
'15.2(4)GC',
'15.2(4)GC1',
'15.2(4)GC2',
'15.2(4)GC3',
'15.2(4)JA',
'15.2(4)JA1',
'15.2(4)JB',
'15.2(4)JB1',
'15.2(4)JB2',
'15.2(4)JB3',
'15.2(4)JB3a',
'15.2(4)JB3b',
'15.2(4)JB3h',
'15.2(4)JB3s',
'15.2(4)JB4',
'15.2(4)JB5',
'15.2(4)JB5h',
'15.2(4)JB5m',
'15.2(4)JB6',
'15.2(4)JB7',
'15.2(4)JN',
'15.2(4)M',
'15.2(4)M1',
'15.2(4)M10',
'15.2(4)M11',
'15.2(4)M2',
'15.2(4)M3',
'15.2(4)M4',
'15.2(4)M5',
'15.2(4)M6',
'15.2(4)M6a',
'15.2(4)M7',
'15.2(4)M8',
'15.2(4)M9',
'15.2(4)S',
'15.2(4)S1',
'15.2(4)S2',
'15.2(4)S3',
'15.2(4)S3a',
'15.2(4)S4',
'15.2(4)S4a',
'15.2(4)S5',
'15.2(4)S6',
'15.2(4)S7',
'15.2(4m)E1',
'15.2(4m)E3',
'15.2(4n)E2',
'15.2(4o)E2',
'15.2(4p)E1',
'15.2(5)E',
'15.2(5)E1',
'15.2(5)E2a',
'15.2(5)E2b',
'15.2(5)EA',
'15.2(5)EX',
'15.2(5a)E',
'15.2(5a)E1',
'15.2(5b)E',
'15.2(5c)E',
'15.3(1)S',
'15.3(1)S1',
'15.3(1)S2',
'15.3(1)SY',
'15.3(1)SY1',
'15.3(1)SY2',
'15.3(1)T',
'15.3(1)T1',
'15.3(1)T2',
'15.3(1)T3',
'15.3(1)T4',
'15.3(2)S',
'15.3(2)S1',
'15.3(2)S2',
'15.3(2)T',
'15.3(2)T1',
'15.3(2)T2',
'15.3(2)T3',
'15.3(2)T4',
'15.3(3)JA',
'15.3(3)JA1',
'15.3(3)JA10',
'15.3(3)JA11',
'15.3(3)JA1m',
'15.3(3)JA1n',
'15.3(3)JA4',
'15.3(3)JA5',
'15.3(3)JA6',
'15.3(3)JA7',
'15.3(3)JA76',
'15.3(3)JA77',
'15.3(3)JA8',
'15.3(3)JAA',
'15.3(3)JAB',
'15.3(3)JAX',
'15.3(3)JAX1',
'15.3(3)JAX2',
'15.3(3)JB',
'15.3(3)JB75',
'15.3(3)JBB',
'15.3(3)JBB1',
'15.3(3)JBB2',
'15.3(3)JBB4',
'15.3(3)JBB5',
'15.3(3)JBB50',
'15.3(3)JBB6',
'15.3(3)JBB6a',
'15.3(3)JBB8',
'15.3(3)JC',
'15.3(3)JC1',
'15.3(3)JC2',
'15.3(3)JC3',
'15.3(3)JC4',
'15.3(3)JC5',
'15.3(3)JC50',
'15.3(3)JC51',
'15.3(3)JC6',
'15.3(3)JC7',
'15.3(3)JCA7',
'15.3(3)JD',
'15.3(3)JD2',
'15.3(3)JD3',
'15.3(3)JD4',
'15.3(3)JDA3',
'15.3(3)JE',
'15.3(3)JE1',
'15.3(3)JN3',
'15.3(3)JN4',
'15.3(3)JN7',
'15.3(3)JN8',
'15.3(3)JN9',
'15.3(3)JNB',
'15.3(3)JNB1',
'15.3(3)JNB2',
'15.3(3)JNB3',
'15.3(3)JNB4',
'15.3(3)JNB6',
'15.3(3)JNC',
'15.3(3)JNC1',
'15.3(3)JNC4',
'15.3(3)JND',
'15.3(3)JND1',
'15.3(3)JND2',
'15.3(3)JND3',
'15.3(3)JNP',
'15.3(3)JNP1',
'15.3(3)JNP2',
'15.3(3)JPB',
'15.3(3)JPB1',
'15.3(3)JPB2',
'15.3(3)JPC2',
'15.3(3)JPC3',
'15.3(3)JPD',
'15.3(3)M',
'15.3(3)M1',
'15.3(3)M2',
'15.3(3)M3',
'15.3(3)M4',
'15.3(3)M5',
'15.3(3)M6',
'15.3(3)M7',
'15.3(3)M8',
'15.3(3)M8a',
'15.3(3)M9',
'15.3(3)S',
'15.3(3)S1',
'15.3(3)S1a',
'15.3(3)S2',
'15.3(3)S3',
'15.3(3)S4',
'15.3(3)S5',
'15.3(3)S6',
'15.3(3)S7',
'15.3(3)S8',
'15.3(3)S8a',
'15.3(3)S9',
'15.4(1)CG',
'15.4(1)CG1',
'15.4(1)S',
'15.4(1)S1',
'15.4(1)S2',
'15.4(1)S3',
'15.4(1)S4',
'15.4(1)SY',
'15.4(1)SY1',
'15.4(1)SY2',
'15.4(1)T',
'15.4(1)T1',
'15.4(1)T2',
'15.4(1)T3',
'15.4(1)T4',
'15.4(2)CG',
'15.4(2)S',
'15.4(2)S1',
'15.4(2)S2',
'15.4(2)S3',
'15.4(2)S4',
'15.4(2)T',
'15.4(2)T1',
'15.4(2)T2',
'15.4(2)T3',
'15.4(2)T4',
'15.4(3)M',
'15.4(3)M1',
'15.4(3)M2',
'15.4(3)M3',
'15.4(3)M4',
'15.4(3)M5',
'15.4(3)M6',
'15.4(3)M6a',
'15.4(3)M7',
'15.4(3)S',
'15.4(3)S1',
'15.4(3)S2',
'15.4(3)S3',
'15.4(3)S4',
'15.4(3)S5',
'15.4(3)S5a',
'15.4(3)S6',
'15.4(3)S6a',
'15.4(3)S6b',
'15.4(3)S7',
'15.4(3)S7a',
'15.5(1)S',
'15.5(1)S1',
'15.5(1)S2',
'15.5(1)S3',
'15.5(1)S4',
'15.5(1)SY',
'15.5(1)SY1',
'15.5(1)T',
'15.5(1)T1',
'15.5(1)T2',
'15.5(1)T3',
'15.5(1)T4',
'15.5(2)S',
'15.5(2)S1',
'15.5(2)S2',
'15.5(2)S3',
'15.5(2)S4',
'15.5(2)T',
'15.5(2)T1',
'15.5(2)T2',
'15.5(2)T3',
'15.5(2)T4',
'15.5(3)M',
'15.5(3)M0a',
'15.5(3)M1',
'15.5(3)M2',
'15.5(3)M3',
'15.5(3)M4',
'15.5(3)M4a',
'15.5(3)M5',
'15.5(3)S',
'15.5(3)S0a',
'15.5(3)S1',
'15.5(3)S1a',
'15.5(3)S2',
'15.5(3)S2a',
'15.5(3)S2b',
'15.5(3)S3',
'15.5(3)S3a',
'15.5(3)S4',
'15.5(3)S4a',
'15.5(3)S4b',
'15.5(3)S4d',
'15.5(3)S5',
'15.5(3)SN',
'15.6(1)S',
'15.6(1)S1',
'15.6(1)S1a',
'15.6(1)S2',
'15.6(1)S3',
'15.6(1)T',
'15.6(1)T0a',
'15.6(1)T1',
'15.6(1)T2',
'15.6(1)T3',
'15.6(2)S',
'15.6(2)S0a',
'15.6(2)S1',
'15.6(2)S2',
'15.6(2)S3',
'15.6(2)SN',
'15.6(2)SP',
'15.6(2)SP1',
'15.6(2)SP1b',
'15.6(2)SP1c',
'15.6(2)SP2',
'15.6(2)SP2a',
'15.6(2)T',
'15.6(2)T1',
'15.6(2)T2',
'15.6(2)T3',
'15.6(3)M',
'15.6(3)M0a',
'15.6(3)M1',
'15.6(3)M1b'
);
# Configuration gate for the finding: the generic workaround routine is paired
# with the 'show_pnp_profile' parameter set.
# NOTE(review): presumably this makes the check inspect `show pnp profile`
# output so that a device on a listed release is only reported when
# Plug-and-Play is configured, and that output is only available when the scan
# can run commands on the device -- confirm both in cisco_workarounds.inc.
# Without that data the result rests on the version string alone.
workarounds = make_list(CISCO_WORKAROUNDS['generic_workaround']);
workaround_params = WORKAROUND_CONFIG['show_pnp_profile'];
# Report fields: port 0 (the finding is not tied to a specific service port),
# warning-level severity, the detected version, the Cisco bug ID, and the
# command whose output is associated with the report.
reporting = make_array(
'port' , 0,
'severity' , SECURITY_WARNING,
'version' , product_info['version'],
'bug_id' , 'CSCvc33171',
'cmds' , make_list('show pnp profile')
);
# Hand everything to the shared Cisco helper, which receives the product
# record, the workaround check and its parameters, the reporting fields and
# the vulnerable-version list. The comparison and the report itself happen
# inside that helper (not visible in this file).
cisco::check_and_report(
product_info:product_info,
workarounds:workarounds,
workaround_params:workaround_params,
reporting:reporting,
vuln_versions:version_list
);
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
47.2%