Lucene search

[email protected]NVD:CVE-2017-6612

HistoryJul 25, 2017 - 7:29 p.m.

CVE-2017-6612

2017-07-2519:29:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

AI Score

8.6

Confidence

High

EPSS

0.002

Percentile

58.5%

JSON

A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927.

Affected configurations

Nvd

Node

ciscoasr_5000_series_softwareMatch17.3.9.62033

ciscoasr_5000_series_softwareMatch17.7.5

ciscoasr_5000_series_softwareMatch19.6.3

ciscoasr_5000_series_softwareMatch20.1.2

ciscoasr_5000_series_softwareMatch20.2.12

ciscoasr_5000_series_softwareMatch21.0.1

ciscoasr_5000_series_softwareMatch21.1.2

VendorProductVersionCPE
ciscoasr_5000_series_software17.3.9.62033cpe:2.3:a:cisco:asr_5000_series_software:17.3.9.62033:*:*:*:*:*:*:*
ciscoasr_5000_series_software17.7.5cpe:2.3:a:cisco:asr_5000_series_software:17.7.5:*:*:*:*:*:*:*
ciscoasr_5000_series_software19.6.3cpe:2.3:a:cisco:asr_5000_series_software:19.6.3:*:*:*:*:*:*:*
ciscoasr_5000_series_software20.1.2cpe:2.3:a:cisco:asr_5000_series_software:20.1.2:*:*:*:*:*:*:*
ciscoasr_5000_series_software20.2.12cpe:2.3:a:cisco:asr_5000_series_software:20.2.12:*:*:*:*:*:*:*
ciscoasr_5000_series_software21.0.1cpe:2.3:a:cisco:asr_5000_series_software:21.0.1:*:*:*:*:*:*:*
ciscoasr_5000_series_software21.1.2cpe:2.3:a:cisco:asr_5000_series_software:21.1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	asr_5000_series_software	17.3.9.62033	cpe:2.3:a:cisco:asr_5000_series_software:17.3.9.62033:::::::*
cisco	asr_5000_series_software	17.7.5	cpe:2.3:a:cisco:asr_5000_series_software:17.7.5:::::::*
cisco	asr_5000_series_software	19.6.3	cpe:2.3:a:cisco:asr_5000_series_software:19.6.3:::::::*
cisco	asr_5000_series_software	20.1.2	cpe:2.3:a:cisco:asr_5000_series_software:20.1.2:::::::*
cisco	asr_5000_series_software	20.2.12	cpe:2.3:a:cisco:asr_5000_series_software:20.2.12:::::::*
cisco	asr_5000_series_software	21.0.1	cpe:2.3:a:cisco:asr_5000_series_software:21.0.1:::::::*
cisco	asr_5000_series_software	21.1.2	cpe:2.3:a:cisco:asr_5000_series_software:21.1.2:::::::*

References

www.securityfocus.com/bid/99920

www.securitytracker.com/id/1038961

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

AI Score

8.6

Confidence

High

EPSS

0.002

Percentile

58.5%

JSON

Related for NVD:CVE-2017-6612

cvelist1 cve1 prion1 cisco1