CVE-2017-12239
Severity Score
6.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to access an affected device's operating system. The vulnerability exists because an engineering console port is available on the motherboard of the affected line cards. An attacker could exploit this vulnerability by physically connecting to the console port on the line card. A successful exploit could allow the attacker to gain full access to the affected device's operating system. This vulnerability affects only Cisco ASR 1000 Series Routers that have removable line cards and Cisco cBR-8 Converged Broadband Routers, if they are running certain Cisco IOS XE 3.16 through 16.5 releases. Cisco Bug IDs: CSCvc65866, CSCve77132.
Una vulnerabilidad en los puertos de la consola de la placa base de las tarjetas de línea para Cisco ASR 1000 Series Aggregation Services Routers y Cisco cBR-8 Converged Broadband Routers podría permitir que un atacante físico no autenticado acceda al sistema operativo del dispositivo afectado. Existe una vulnerabilidad en la que un puerto de consola está disponible en la placa base de las tarjetas de línea afectadas. Un atacante podría explotar esta vulnerabilidad conectándose físicamente al puerto de consola en la tarjeta de línea. Una explotación exitosa podría permitir que un atacante obtenga acceso total al sistema operativo del dispositivo afectado. Esta vulnerabilidad afecta a los routers de la serie ASR 1000 de Cisco que tienen tarjetas de línea extraíbles y routers Cisco cBR-8 Converged Broadband, si ejecutan determinadas distribuciones de Cisco IOS XE desde la 3.16 hasta la 16.5. Cisco Bug IDs: CSCvc65866, CSCve77132.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-08-03 CVE Reserved
- 2017-09-28 CVE Published
- 2023-07-14 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/101042 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039454 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039455 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cc | 2021-02-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.0as Search vendor "Cisco" for product "Ios Xe" and version "3.13.0as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.0s Search vendor "Cisco" for product "Ios Xe" and version "3.13.0s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.1s Search vendor "Cisco" for product "Ios Xe" and version "3.13.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.2as Search vendor "Cisco" for product "Ios Xe" and version "3.13.2as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.2s Search vendor "Cisco" for product "Ios Xe" and version "3.13.2s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.3s Search vendor "Cisco" for product "Ios Xe" and version "3.13.3s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.4s Search vendor "Cisco" for product "Ios Xe" and version "3.13.4s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.5as Search vendor "Cisco" for product "Ios Xe" and version "3.13.5as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.5s Search vendor "Cisco" for product "Ios Xe" and version "3.13.5s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.6as Search vendor "Cisco" for product "Ios Xe" and version "3.13.6as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.13.6s Search vendor "Cisco" for product "Ios Xe" and version "3.13.6s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.14.0s Search vendor "Cisco" for product "Ios Xe" and version "3.14.0s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.14.1s Search vendor "Cisco" for product "Ios Xe" and version "3.14.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.14.2s Search vendor "Cisco" for product "Ios Xe" and version "3.14.2s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.14.3s Search vendor "Cisco" for product "Ios Xe" and version "3.14.3s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.14.4s Search vendor "Cisco" for product "Ios Xe" and version "3.14.4s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.15.0s Search vendor "Cisco" for product "Ios Xe" and version "3.15.0s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.15.1cs Search vendor "Cisco" for product "Ios Xe" and version "3.15.1cs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.15.1s Search vendor "Cisco" for product "Ios Xe" and version "3.15.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.15.2s Search vendor "Cisco" for product "Ios Xe" and version "3.15.2s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.15.3s Search vendor "Cisco" for product "Ios Xe" and version "3.15.3s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.15.4s Search vendor "Cisco" for product "Ios Xe" and version "3.15.4s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.0as Search vendor "Cisco" for product "Ios Xe" and version "3.16.0as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.0bs Search vendor "Cisco" for product "Ios Xe" and version "3.16.0bs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.0cs Search vendor "Cisco" for product "Ios Xe" and version "3.16.0cs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.0s Search vendor "Cisco" for product "Ios Xe" and version "3.16.0s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.1as Search vendor "Cisco" for product "Ios Xe" and version "3.16.1as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.1s Search vendor "Cisco" for product "Ios Xe" and version "3.16.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.2as Search vendor "Cisco" for product "Ios Xe" and version "3.16.2as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.2bs Search vendor "Cisco" for product "Ios Xe" and version "3.16.2bs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.2s Search vendor "Cisco" for product "Ios Xe" and version "3.16.2s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.3as Search vendor "Cisco" for product "Ios Xe" and version "3.16.3as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.3s Search vendor "Cisco" for product "Ios Xe" and version "3.16.3s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4as Search vendor "Cisco" for product "Ios Xe" and version "3.16.4as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4bs Search vendor "Cisco" for product "Ios Xe" and version "3.16.4bs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4cs Search vendor "Cisco" for product "Ios Xe" and version "3.16.4cs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4ds Search vendor "Cisco" for product "Ios Xe" and version "3.16.4ds" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4es Search vendor "Cisco" for product "Ios Xe" and version "3.16.4es" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4gs Search vendor "Cisco" for product "Ios Xe" and version "3.16.4gs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.4s Search vendor "Cisco" for product "Ios Xe" and version "3.16.4s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.5as Search vendor "Cisco" for product "Ios Xe" and version "3.16.5as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.5bs Search vendor "Cisco" for product "Ios Xe" and version "3.16.5bs" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.16.5s Search vendor "Cisco" for product "Ios Xe" and version "3.16.5s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.17.0s Search vendor "Cisco" for product "Ios Xe" and version "3.17.0s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.17.1as Search vendor "Cisco" for product "Ios Xe" and version "3.17.1as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.17.1s Search vendor "Cisco" for product "Ios Xe" and version "3.17.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.17.2s Search vendor "Cisco" for product "Ios Xe" and version "3.17.2s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.17.3s Search vendor "Cisco" for product "Ios Xe" and version "3.17.3s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.0as Search vendor "Cisco" for product "Ios Xe" and version "3.18.0as" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.0s Search vendor "Cisco" for product "Ios Xe" and version "3.18.0s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.0sp Search vendor "Cisco" for product "Ios Xe" and version "3.18.0sp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.1asp Search vendor "Cisco" for product "Ios Xe" and version "3.18.1asp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.1bsp Search vendor "Cisco" for product "Ios Xe" and version "3.18.1bsp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.1csp Search vendor "Cisco" for product "Ios Xe" and version "3.18.1csp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.1gsp Search vendor "Cisco" for product "Ios Xe" and version "3.18.1gsp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.1hsp Search vendor "Cisco" for product "Ios Xe" and version "3.18.1hsp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.1isp Search vendor "Cisco" for product "Ios Xe" and version "3.18.1isp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.1s Search vendor "Cisco" for product "Ios Xe" and version "3.18.1s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.1sp Search vendor "Cisco" for product "Ios Xe" and version "3.18.1sp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.2asp Search vendor "Cisco" for product "Ios Xe" and version "3.18.2asp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.2s Search vendor "Cisco" for product "Ios Xe" and version "3.18.2s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.18.2sp Search vendor "Cisco" for product "Ios Xe" and version "3.18.2sp" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.1a Search vendor "Cisco" for product "Ios Xe" and version "16.3.1a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.5b Search vendor "Cisco" for product "Ios Xe" and version "16.3.5b" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.6 Search vendor "Cisco" for product "Ios Xe" and version "16.3.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.7 Search vendor "Cisco" for product "Ios Xe" and version "16.3.7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.8 Search vendor "Cisco" for product "Ios Xe" and version "16.3.8" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.9 Search vendor "Cisco" for product "Ios Xe" and version "16.3.9" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.10 Search vendor "Cisco" for product "Ios Xe" and version "16.3.10" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.11 Search vendor "Cisco" for product "Ios Xe" and version "16.3.11" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.4.3 Search vendor "Cisco" for product "Ios Xe" and version "16.4.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.1 Search vendor "Cisco" for product "Ios Xe" and version "16.5.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.3a Search vendor "Cisco" for product "Ios Xe" and version "16.9.3a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.9.3s Search vendor "Cisco" for product "Ios Xe" and version "16.9.3s" | - |
Affected
| ||||||