CVSS: 7.8EPSS: 0%CPEs: 198EXPL: 0CVE-2017-3856
https://notcve.org/view.php?id=CVE-2017-3856
A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. • http://www.securityfocus.com/bid/97007 http://www.securitytracker.com/id/1038101 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 41EXPL: 0CVE-2017-3859
https://notcve.org/view.php?id=CVE-2017-3859
A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco ASR 920 Series Aggregation Services Routers that are running an affected release of Cisco IOS XE Software (3.13 through 3.18) and are listening on the DHCP server port. • http://www.securityfocus.com/bid/97008 http://www.securitytracker.com/id/1038104 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-3857
https://notcve.org/view.php?id=CVE-2017-3857
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or Cisco IOS XE Software if the L2TP feature is enabled for the device and the device is configured as an L2TP Version 2 (L2TPv2) or L2TP Version 3 (L2TPv3) endpoint. • http://www.securityfocus.com/bid/97010 http://www.securitytracker.com/id/1038100 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 143EXPL: 0CVE-2017-3850
https://notcve.org/view.php?id=CVE-2017-3850
A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to a device that is running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature. A device must meet two conditions to be affected by this vulnerability: (1) the device must be running a version of Cisco IOS Software or Cisco IOS XE Software that supports ANI (regardless of whether ANI is configured); and (2) the device must have a reachable IPv6 interface. An exploit could allow the attacker to cause the affected device to reload. • http://www.securityfocus.com/bid/96971 http://www.securitytracker.com/id/1038065 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6 • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 161EXPL: 0CVE-2017-3849
https://notcve.org/view.php?id=CVE-2017-3849
A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted autonomic network channel discovery packet to a device that has all the following characteristics: (1) running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature; (2) configured as an autonomic registrar; (3) has a whitelist configured. An exploit could allow the attacker to cause the affected device to reload. Note: Autonomic networking should be configured with a whitelist. • http://www.securityfocus.com/bid/96972 http://www.securitytracker.com/id/1038064 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani • CWE-20: Improper Input Validation •