3 results (0.006 seconds)

CVSS: 7.4EPSS: 0%CPEs: 132EXPL: 0

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload. Una vulnerabilidad en el manejador PROFINET para los mensajes Link Layer Discovery Protocol (LLDP) de Cisco IOS Software y Cisco IOS XE Software, podría permitir a un atacante adyacente no autenticado causar un bloqueo en un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5 • CWE-388: 7PK - Errors CWE-400: Uncontrolled Resource Consumption •

CVSS: 10.0EPSS: 97%CPEs: 323EXPL: 7

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. • https://www.exploit-db.com/exploits/41872 https://www.exploit-db.com/exploits/42122 https://github.com/homjxi0e/CVE-2017-3881-exploit-cisco- https://github.com/homjxi0e/CVE-2017-3881-Cisco https://github.com/1337g/CVE-2017-3881 https://github.com/mzakyz666/PoC-CVE-2017-3881 http://www.securityfocus.com/bid/96960 http://www.securityfocus.com/bid/97391 http://www.securitytracker.com/id/1038059 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-201 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589. IOS v12.2(52)SE y v12.2(52)SE1 en switches Cisco Industrial Ethernet (IE) 3000 series tiene (1) un nombre de comunidad público con acceso RO y (2) un nombre de comunidad privado de acceso RW, lo que hace más fácil para los atacantes remotos modificar la configuración u obtener información sensible a través de peticiones SNMP, también conocido como Bug ID CSCtf25589. • http://osvdb.org/66120 http://secunia.com/advisories/40407 http://securitytracker.com/id?1024173 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3891f.shtml http://www.kb.cert.org/vuls/id/732671 http://www.securityfocus.com/bid/41436 http://www.vupen.com/english/advisories/2010/1754 https://exchange.xforce.ibmcloud.com/vulnerabilities/60145 • CWE-264: Permissions, Privileges, and Access Controls •