CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-12319 – Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2017-12319
A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability. The vulnerability exists due to changes in the implementation of the BGP MPLS-Based Ethernet VPN RFC (RFC 7432) draft between IOS XE software releases. When the BGP Inclusive Multicast Ethernet Tag Route or BGP EVPN MAC/IP Advertisement Route update packet is received, it could be possible that the IP address length field is miscalculated. An attacker could exploit this vulnerability by sending a crafted BGP packet to an affected device after the BGP session was established. An exploit could allow the attacker to cause the affected device to reload or corrupt the BGP routing table; either outcome would result in a DoS. • http://www.securityfocus.com/bid/101676 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171103-bgp • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12304
https://notcve.org/view.php?id=CVE-2017-12304
A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface on an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the web-based management interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvf60862. • http://www.securityfocus.com/bid/101856 http://www.securitytracker.com/id/1039825 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-ios • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12289
https://notcve.org/view.php?id=CVE-2017-12289
A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug logging that causes sensitive information to be written to the log file. This information should be restricted. An attacker who has valid administrative credentials could exploit this vulnerability by authenticating to the device and enabling conditional, verbose debug logging for IPsec and viewing the log file. An exploit could allow the attacker to access sensitive information related to the IPsec configuration. • http://www.securityfocus.com/bid/101509 http://www.securitytracker.com/id/1039628 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-cisco-ios-xe1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 581EXPL: 0CVE-2017-12228
https://notcve.org/view.php?id=CVE-2017-12228
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software. Cisco Bug IDs: CSCvc33171. • http://www.securityfocus.com/bid/101065 http://www.securitytracker.com/id/1039450 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-pnp • CWE-20: Improper Input Validation CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 126EXPL: 0CVE-2017-12231 – Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2017-12231
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. • http://www.securityfocus.com/bid/101039 http://www.securitytracker.com/id/1039449 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat • CWE-399: Resource Management Errors •