CVE-2017-12233
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuz95334.
Affected (1)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From 12.4 to 15.6 |
| Running on/with | Platform Versions |
|---|---|
Cisco 1000 Integrated Services Router | All versions |
Cisco 1100 4g/6g Integrated Services Router | All versions |
Cisco 1100 4g Integrated Services Router | All versions |
Cisco 1100 4gltegb Integrated Services Router | All versions |
Cisco 1100 4gltena Integrated Services Router | All versions |
Cisco 1100 4p | All versions |
Cisco 1100 4p Integrated Services Router | All versions |
Cisco 1100 6g Integrated Services Router | All versions |
Cisco 1100 8p | All versions |
Cisco 1100 8p Integrated Services Router | All versions |
Cisco 1100 Lte Integrated Services Router | All versions |
Cisco 1100 Integrated Services Router | All versions |
Cisco 1100 Terminal Services Gateways | All versions |
Cisco 1101 4p | All versions |
Cisco 1101 4p Integrated Services Router | All versions |
Cisco 1101 Integrated Services Router | All versions |
Cisco 1109 2p | All versions |
Cisco 1109 4p | All versions |
Cisco 1111 4pwe | All versions |
Cisco 1111 8pwb | All versions |
Cisco 1111x 8p | All versions |
Cisco 1113 8plteeawe | All versions |
Cisco 1113 8pmwe | All versions |
Cisco 1113 8pwe | All versions |
Cisco 1116 4plteeawe | All versions |
Cisco 1116 4pwe | All versions |
Cisco 1117 4plteeawe | All versions |
Cisco 1117 4pmlteeawe | All versions |
Cisco 1117 4pmwe | All versions |
Cisco 1117 4pwe | All versions |
Cisco 1120 | All versions |
Cisco 1120 Connected Grid Router | All versions |
Cisco 1120 Integrated Services Router | All versions |
Cisco 1131 Integrated Services Router | All versions |
Cisco 1160 Integrated Services Router | All versions |
Cisco 1801 Integrated Service Router | All versions |
Cisco 1802 Integrated Service Router | All versions |
Cisco 1803 Integrated Service Router | All versions |
Cisco 1811 Integrated Service Router | All versions |
Cisco 1812 Integrated Service Router | All versions |
Cisco 1841 Integrated Service Router | All versions |
Cisco 1861 Integrated Service Router | All versions |
Cisco 1905 Integrated Services Router | All versions |
Cisco 1906c Integrated Services Router | All versions |
Cisco 1921 Integrated Services Router | All versions |
Cisco 1941 Integrated Services Router | All versions |
Cisco 1941w Integrated Services Router | All versions |
Cisco Catalyst Ie3200 Rugged Switch | All versions |
Cisco Catalyst Ie3300 Rugged Switch | All versions |
Cisco Catalyst Ie3400 Heavy Duty Switch | All versions |
Cisco Catalyst Ie3400 Rugged Switch | All versions |
Cisco Catalyst Ie9300 | All versions |
Cisco Esr 6300 Con K9 | All versions |
Cisco Esr 6300 Ncp K9 | All versions |
References (7)
Source: psirt@cisco.com
Broken LinkThird Party AdvisoryVDB Entry
Source: psirt@cisco.com
Broken LinkThird Party AdvisoryVDB Entry
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource
Timeline
No history available yet.