CVSS: 7.8EPSS: 0%CPEs: 491EXPL: 0CVE-2017-12237 – Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2017-12237
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to how an affected device processes certain IKEv2 packets. An attacker could exploit this vulnerability by sending specific IKEv2 packets to an affected device to be processed. A successful exploit could allow the attacker to cause high CPU utilization, traceback messages, or a reload of the affected device that leads to a DoS condition. This vulnerability affects Cisco devices that have the Internet Security Association and Key Management Protocol (ISAKMP) enabled. • http://www.securityfocus.com/bid/101037 http://www.securitytracker.com/id/1039460 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-ike • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. • http://www.securityfocus.com/bid/100005 http://www.securitytracker.com/id/1039005 http://www.securitytracker.com/id/1039006 http://www.securitytracker.com/id/1039007 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170727-ospf • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 187EXPL: 0CVE-2017-6665
https://notcve.org/view.php?id=CVE-2017-6665
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system, an Information Disclosure Vulnerability. More Information: CSCvd51214. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. Una vulnerabilidad en la funcionalidad Autonomic Networking de Cisco IOS Software y Cisco IOS XE Software podría permitir que un atacante adyacente sin autenticar reinicie el Autonomic Control Plane (ACP) de un sistema afectado y vea los paquetes ACP que se transfieren sin cifrar dentro de un sistema afectado (vulnerabilidad de divulgación de información). Más información: CSCvd51214. • http://www.securityfocus.com/bid/99969 http://www.securitytracker.com/id/1038998 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-aniacp • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 186EXPL: 0CVE-2017-6663 – Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2017-6663
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. Una vulnerabilidad en la característica Autonomic Networking de Cisco IOS Software y Cisco IOS XE Software podría permitir que un atacante no autenticado y en redes adyacentes provoque que los nodos autonómicos de un sistema afectado se vuelvan a cargar, lo que resultaría en una condición de denegación de servicio (DoS). Más información: CSCvd88936. • http://www.securityfocus.com/bid/99973 http://www.securitytracker.com/id/1038999 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos •
CVSS: 9.0EPSS: 0%CPEs: 112EXPL: 0CVE-2017-6741
https://notcve.org/view.php?id=CVE-2017-6741
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. • http://www.securityfocus.com/bid/99345 http://www.securitytracker.com/id/1038808 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •