CVE-2017-12234

{"id": "CVE-2017-12234", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-09-29T01:34:48.857", "references": [{"url": "http://www.securityfocus.com/bid/101038", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1039459", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cip", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc43709."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades en la implementaci\u00f3n de una caracter\u00edstica CIP (Common Industrial Protocol) en Cisco IOS desde la versi\u00f3n 12.4 hasta la 15.6 podr\u00edan permitir que un atacante remoto sin autenticar haga que el dispositivo afectado se reinicie, provocando una denegaci\u00f3n de servicio (DoS) en consecuencia. Estas vulnerabilidades se deben a un an\u00e1lisis sint\u00e1ctico incorrecto de los paquetes CIP manipulados destinados al dispositivo afectado. Un atacante podr\u00eda explotar estas vulnerabilidades enviando paquetes CIP manipulados para que los procese el dispositivo afectado. Si se explota con \u00e9xito, podr\u00eda permitir que el atacante consiga que el dispositivo afectado se reinicie, provocando una denegaci\u00f3n de servicio. Cisco Bug IDs: CSCvc43709."}], "lastModified": "2024-07-16T17:28:12.417", "cisaActionDue": "2022-03-24", "cisaExploitAdd": "2022-03-03", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AE09220-EF68-4DFE-AA9C-E4F5508EDF3D", "versionEndIncluding": "15.6", "versionStartIncluding": "12.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2"}, {"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7"}, {"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B"}, {"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB"}, {"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8"}, {"criteria": "cpe:2.3:h:cisco:1100-4p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AA8D5057-138A-42C4-BA35-8077A0A60068"}, {"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7"}, {"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7"}, {"criteria": "cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED555B12-41F4-4D62-B519-22601FB7AF8D"}, {"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6"}, {"criteria": "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5"}, {"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822"}, {"criteria": "cpe:2.3:h:cisco:1100_terminal_services_gateways:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F9A4ED65-7DED-4EAD-BF37-FCA71E807CA1"}, {"criteria": "cpe:2.3:h:cisco:1101-4p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "21B10158-5235-483E-BACD-C407609EA6BE"}, {"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2"}, {"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77"}, {"criteria": "cpe:2.3:h:cisco:1109-2p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8964F9BA-6E6C-44BF-9A8C-93D081B6678C"}, {"criteria": "cpe:2.3:h:cisco:1109-4p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "51251FE1-67D2-4903-B7D3-E0C727B9A93C"}, {"criteria": "cpe:2.3:h:cisco:1111-4pwe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7262ADAB-296F-4DC2-9CD7-A86D7F6441C8"}, {"criteria": "cpe:2.3:h:cisco:1111-8pwb:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E3056B31-1977-4472-BC74-19A5B8B5EC44"}, {"criteria": "cpe:2.3:h:cisco:1111x-8p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "784E4562-FE26-4049-9D23-4CA46432EE14"}, {"criteria": "cpe:2.3:h:cisco:1113-8plteeawe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9261A638-E2E4-4EF0-84E9-A585BF763263"}, {"criteria": "cpe:2.3:h:cisco:1113-8pmwe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8C85463D-0B37-4746-B7EA-80F3096305E7"}, {"criteria": "cpe:2.3:h:cisco:1113-8pwe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "58C04E5B-AC03-440F-9007-0D6761B41F68"}, {"criteria": "cpe:2.3:h:cisco:1116-4plteeawe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29A5E963-2987-4927-862A-6375624FC876"}, {"criteria": "cpe:2.3:h:cisco:1116-4pwe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3601499F-AD3B-47EA-816A-A01379CA1A33"}, {"criteria": "cpe:2.3:h:cisco:1117-4plteeawe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "303129EF-9107-4B39-8683-1BD917B3E68D"}, {"criteria": "cpe:2.3:h:cisco:1117-4pmlteeawe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "76B2B271-555B-4439-95D8-086E516F1169"}, {"criteria": "cpe:2.3:h:cisco:1117-4pmwe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6CB321CD-9096-4F75-AD2F-4EAE1CA75D76"}, {"criteria": "cpe:2.3:h:cisco:1117-4pwe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "98F31C77-0303-4FD9-B968-6B430202C6AD"}, {"criteria": "cpe:2.3:h:cisco:1120:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D2D64BDE-0D00-4FBE-873B-F5D52AD0C5A2"}, {"criteria": "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6835F8AD-B55D-4B57-B3B5-0095E309B2B3"}, {"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97"}, {"criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984"}, {"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350"}, {"criteria": "cpe:2.3:h:cisco:1801_integrated_service_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6D5E48D7-2266-4649-90A9-62C476AFE6DE"}, {"criteria": "cpe:2.3:h:cisco:1802_integrated_service_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "99581637-E184-4A02-8313-57C7C31E5479"}, {"criteria": "cpe:2.3:h:cisco:1803_integrated_service_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9C6D4A90-31B9-4B6C-ADAC-44C49DB44115"}, {"criteria": "cpe:2.3:h:cisco:1811_integrated_service_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B3AF3F75-0BD8-4AA6-B696-3624BEE86681"}, {"criteria": "cpe:2.3:h:cisco:1812_integrated_service_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6C58CEA6-69F8-4021-98C9-4676C70AB167"}, {"criteria": "cpe:2.3:h:cisco:1841_integrated_service_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DF156D97-7C39-49CF-9938-D9681066FF05"}, {"criteria": "cpe:2.3:h:cisco:1861_integrated_service_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "459FEB4E-54E3-4FE5-82A5-6E4ECE855DD6"}, {"criteria": "cpe:2.3:h:cisco:1905_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "871AC0F6-5C01-43A1-8436-7885439BD81F"}, {"criteria": "cpe:2.3:h:cisco:1906c_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B1DEFFA8-11A6-43CC-A886-DD38EFF22ACB"}, {"criteria": "cpe:2.3:h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2147DBF8-B733-4F76-90C5-9D94F1E93625"}, {"criteria": "cpe:2.3:h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6F42D5B4-BB07-4C9C-852F-0D839E9F2AA7"}, {"criteria": "cpe:2.3:h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9222CA59-F4FD-478D-83C9-566B389140B8"}, {"criteria": "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "86879AC0-890E-42F4-9561-6851F38FE0AD"}, {"criteria": "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "19017B10-F630-42CD-ACD2-E817FEF0E7F1"}, {"criteria": "cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "04A41A34-58D2-4DBC-ABC9-20A62BC8A838"}, {"criteria": "cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9C7CCC02-113E-4EA1-B0CA-9FDF1108BB71"}, {"criteria": "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD"}, {"criteria": "cpe:2.3:h:cisco:esr-6300-con-k9:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5E69A6F-DFC0-4C8A-B77F-B7329FA5F567"}, {"criteria": "cpe:2.3:h:cisco:esr-6300-ncp-k9:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2BA015C4-7163-4FCD-ADE1-D5481B10EACA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability"}