Lucene search

[email protected]NVD:CVE-2017-3850

HistoryMar 21, 2017 - 4:59 p.m.

CVE-2017-3850

2017-03-2116:59:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON

A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to a device that is running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature. A device must meet two conditions to be affected by this vulnerability: (1) the device must be running a version of Cisco IOS Software or Cisco IOS XE Software that supports ANI (regardless of whether ANI is configured); and (2) the device must have a reachable IPv6 interface. An exploit could allow the attacker to cause the affected device to reload. Cisco Bug IDs: CSCvc42729.

Affected configurations

Nvd

Node

ciscoiosMatch15.2\(3\)e

ciscoiosMatch15.2\(3\)e1

ciscoiosMatch15.2\(3\)e2

ciscoiosMatch15.2\(3\)e3

ciscoiosMatch15.2\(4\)e

ciscoiosMatch15.2\(4\)e1

ciscoiosMatch15.2\(4\)e2

ciscoiosMatch15.2\(5\)e

ciscoiosMatch15.2\(5b\)e

ciscoiosMatch15.3\(3\)s

ciscoiosMatch15.3\(3\)s1

ciscoiosMatch15.3\(3\)s2

ciscoiosMatch15.3\(3\)s3

ciscoiosMatch15.3\(3\)s4

ciscoiosMatch15.3\(3\)s5

ciscoiosMatch15.3\(3\)s6

ciscoiosMatch15.4\(1\)s

ciscoiosMatch15.4\(1\)s1

ciscoiosMatch15.4\(1\)s2

ciscoiosMatch15.4\(1\)s3

ciscoiosMatch15.4\(1\)s4

ciscoiosMatch15.4\(2\)s1

ciscoiosMatch15.4\(2\)s2

ciscoiosMatch15.4\(2\)s3

ciscoiosMatch15.4\(2\)s4

ciscoiosMatch15.4\(3\)s

ciscoiosMatch15.4\(3\)s1

ciscoiosMatch15.4\(3\)s2

ciscoiosMatch15.4\(3\)s3

ciscoiosMatch15.4\(3\)s4

ciscoiosMatch15.4\(3\)s5

ciscoiosMatch15.4\(3\)s6

ciscoiosMatch15.5\(1\)s

ciscoiosMatch15.5\(1\)s1

ciscoiosMatch15.5\(1\)s2

ciscoiosMatch15.5\(1\)s3

ciscoiosMatch15.5\(1\)s4

ciscoiosMatch15.5\(2\)s

ciscoiosMatch15.5\(2\)s1

ciscoiosMatch15.5\(2\)s2

ciscoiosMatch15.5\(2\)s3

ciscoiosMatch15.5\(3\)s

ciscoiosMatch15.5\(3\)s0a

ciscoiosMatch15.5\(3\)s1

ciscoiosMatch15.5\(3\)s1a

ciscoiosMatch15.5\(3\)s2

ciscoiosMatch15.5\(3\)s3

ciscoiosMatch15.5\(3\)sn

ciscoiosMatch15.6\(1\)s

ciscoiosMatch15.6\(1\)s1

ciscoiosMatch15.6\(1\)s2

ciscoiosMatch15.6\(1\)t

ciscoiosMatch15.6\(1\)t0a

ciscoiosMatch15.6\(1\)t1

ciscoiosMatch15.6\(1\)t2

ciscoiosMatch15.6\(2\)s

ciscoiosMatch15.6\(2\)s1

ciscoiosMatch15.6\(2\)sn

ciscoiosMatch15.6\(2\)t

ciscoiosMatch15.6\(2\)t1

ciscoiosMatch15.6\(2\)t2

ciscoiosMatch15.6\(3\)m

ciscoios_xeMatch3.7.0e

ciscoios_xeMatch3.7.1e

ciscoios_xeMatch3.7.2e

ciscoios_xeMatch3.7.3e

ciscoios_xeMatch3.7.4e

ciscoios_xeMatch3.7.5e

ciscoios_xeMatch3.8.0e

ciscoios_xeMatch3.8.1e

ciscoios_xeMatch3.8.2e

ciscoios_xeMatch3.8.3e

ciscoios_xeMatch3.9.0e

ciscoios_xeMatch3.9.1e

ciscoios_xeMatch3.10.0s

ciscoios_xeMatch3.10.1s

ciscoios_xeMatch3.10.1xbs

ciscoios_xeMatch3.10.2s

ciscoios_xeMatch3.10.3s

ciscoios_xeMatch3.10.4s

ciscoios_xeMatch3.10.5s

ciscoios_xeMatch3.10.6s

ciscoios_xeMatch3.10.7s

ciscoios_xeMatch3.10.8s

ciscoios_xeMatch3.11.0s

ciscoios_xeMatch3.11.1s

ciscoios_xeMatch3.11.2s

ciscoios_xeMatch3.11.3s

ciscoios_xeMatch3.11.4s

ciscoios_xeMatch3.12.0as

ciscoios_xeMatch3.12.1s

ciscoios_xeMatch3.12.2s

ciscoios_xeMatch3.12.3s

ciscoios_xeMatch3.12.4s

ciscoios_xeMatch3.13.0as

ciscoios_xeMatch3.13.0s

ciscoios_xeMatch3.13.1s

ciscoios_xeMatch3.13.2s

ciscoios_xeMatch3.13.3s

ciscoios_xeMatch3.13.4s

ciscoios_xeMatch3.13.5as

ciscoios_xeMatch3.13.5s

ciscoios_xeMatch3.13.6as

ciscoios_xeMatch3.13.6s

ciscoios_xeMatch3.14.0s

ciscoios_xeMatch3.14.1s

ciscoios_xeMatch3.14.2s

ciscoios_xeMatch3.14.3s

ciscoios_xeMatch3.14.4s

ciscoios_xeMatch3.15.0s

ciscoios_xeMatch3.15.1cs

ciscoios_xeMatch3.15.1s

ciscoios_xeMatch3.15.2s

ciscoios_xeMatch3.15.3s

ciscoios_xeMatch3.15.4s

ciscoios_xeMatch3.16.0cs

ciscoios_xeMatch3.16.0s

ciscoios_xeMatch3.16.1as

ciscoios_xeMatch3.16.1s

ciscoios_xeMatch3.16.2as

ciscoios_xeMatch3.16.2bs

ciscoios_xeMatch3.16.2s

ciscoios_xeMatch3.16.3as

ciscoios_xeMatch3.16.3s

ciscoios_xeMatch3.16.4as

ciscoios_xeMatch3.16.4bs

ciscoios_xeMatch3.16.4ds

ciscoios_xeMatch3.16.4s

ciscoios_xeMatch3.16.5s

ciscoios_xeMatch3.17.0s

ciscoios_xeMatch3.17.1as

ciscoios_xeMatch3.17.1s

ciscoios_xeMatch3.17.2s

ciscoios_xeMatch3.17.3s

ciscoios_xeMatch3.18.0as

ciscoios_xeMatch3.18.0s

ciscoios_xeMatch3.18.0sp

ciscoios_xeMatch3.18.1asp

ciscoios_xeMatch3.18.1bsp

ciscoios_xeMatch3.18.1s

ciscoios_xeMatch3.18.1sp

ciscoios_xeMatch3.18.2s

ciscoios_xeMatch3.18.3vs

VendorProductVersionCPE
ciscoios15.2(3)ecpe:2.3:o:cisco:ios:15.2\(3\)e:*:*:*:*:*:*:*
ciscoios15.2(3)e1cpe:2.3:o:cisco:ios:15.2\(3\)e1:*:*:*:*:*:*:*
ciscoios15.2(3)e2cpe:2.3:o:cisco:ios:15.2\(3\)e2:*:*:*:*:*:*:*
ciscoios15.2(3)e3cpe:2.3:o:cisco:ios:15.2\(3\)e3:*:*:*:*:*:*:*
ciscoios15.2(4)ecpe:2.3:o:cisco:ios:15.2\(4\)e:*:*:*:*:*:*:*
ciscoios15.2(4)e1cpe:2.3:o:cisco:ios:15.2\(4\)e1:*:*:*:*:*:*:*
ciscoios15.2(4)e2cpe:2.3:o:cisco:ios:15.2\(4\)e2:*:*:*:*:*:*:*
ciscoios15.2(5)ecpe:2.3:o:cisco:ios:15.2\(5\)e:*:*:*:*:*:*:*
ciscoios15.2(5b)ecpe:2.3:o:cisco:ios:15.2\(5b\)e:*:*:*:*:*:*:*
ciscoios15.3(3)scpe:2.3:o:cisco:ios:15.3\(3\)s:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	15.2(3)e	cpe:2.3:o:cisco:ios:15.2\(3\)e:::::::*
cisco	ios	15.2(3)e1	cpe:2.3:o:cisco:ios:15.2\(3\)e1:::::::*
cisco	ios	15.2(3)e2	cpe:2.3:o:cisco:ios:15.2\(3\)e2:::::::*
cisco	ios	15.2(3)e3	cpe:2.3:o:cisco:ios:15.2\(3\)e3:::::::*
cisco	ios	15.2(4)e	cpe:2.3:o:cisco:ios:15.2\(4\)e:::::::*
cisco	ios	15.2(4)e1	cpe:2.3:o:cisco:ios:15.2\(4\)e1:::::::*
cisco	ios	15.2(4)e2	cpe:2.3:o:cisco:ios:15.2\(4\)e2:::::::*
cisco	ios	15.2(5)e	cpe:2.3:o:cisco:ios:15.2\(5\)e:::::::*
cisco	ios	15.2(5b)e	cpe:2.3:o:cisco:ios:15.2\(5b\)e:::::::*
cisco	ios	15.3(3)s	cpe:2.3:o:cisco:ios:15.3\(3\)s:::::::*

Rows per page:

1-10 of 1431

References

www.securityfocus.com/bid/96971

www.securitytracker.com/id/1038065

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON

Related for NVD:CVE-2017-3850

cvelist1 openvas2 cisco1 cve1 prion1 nessus2