Details of VAR-201702-0816

ID

VAR-201702-0816

CVE

CVE-2017-3792

TITLE

Cisco TelePresence MCU Software kernel proprietary device driver arbitrary code execution vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-001401

DESCRIPTION

A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system. Cisco TelePresence MCU platforms TelePresence MCU 5300 Series, TelePresence MCU MSE 8510 and TelePresence MCU 4500 are affected when running software version 4.3(1.68) or later configured for Passthrough content mode. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available, but mitigations are available. Cisco Bug IDs: CSCuu67675. Cisco TelePresence Multipoint Control Unit is prone to a remote code-execution vulnerability. Failed attempts will likely result in denial-of-service conditions. Cisco TelePresence Server is a set of video conferencing solutions called "TelePresence" system of Cisco (Cisco). Mobility Services Engine (MSE) is a set of platforms (mobile service engine) that can provide Wi-Fi services. The platform collects, stores and manages data from wireless clients, Cisco access points and controllers. 8710 Processors is one of those processes. Cisco TelePresence Software is one of the video conferencing software running on Cisco TelePresence Server. The solution provides components such as audio and video spaces, which can provide remote participants with a "face-to-face" virtual meeting room effect. kernel is one of the kernel components. The vulnerability is caused by the program not checking the packet size

Trust: 2.07

sources: NVD: CVE-2017-3792 // JVNDB: JVNDB-2017-001401 // BID: 95787 // VULHUB: VHN-111995 // VULMON: CVE-2017-3792

AFFECTED PRODUCTS

vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5_\(1.72\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4_\(3.49\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.3_\(2.32\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4_\(3.42\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.3_\(2.18\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4_\(3.54\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5_\(1.71\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.3_\(1.68\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4_\(3.57\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.3_\(2.30\)	Trust: 1.6
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5_\(1.55\)	Trust: 1.0
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5_\(1.85\)	Trust: 1.0
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4_\(3.67\)	Trust: 1.0
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5_\(1.45\)	Trust: 1.0
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.3 (1.68)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.3 (2.18)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.3 (2.30)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.3 (2.32)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4 (3.42)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4 (3.49)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4 (3.54)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4 (3.57)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.4 (3.67)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5 (1.45)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5 (1.55)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5 (1.71)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5 (1.72)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu software	scope:	eq	version:	4.5 (1.85)	Trust: 0.8
vendor:	cisco	model:	telepresence mcu mse	scope:	eq	version:	85104.3(1.68)	Trust: 0.3
vendor:	cisco	model:	telepresence mcu series	scope:	eq	version:	53004.3(1.68)	Trust: 0.3
vendor:	cisco	model:	telepresence mcu	scope:	eq	version:	45004.3(1.68)	Trust: 0.3

sources: BID: 95787 // JVNDB: JVNDB-2017-001401 // CNNVD: CNNVD-201702-066 // NVD: CVE-2017-3792

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-3792
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-3792
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201702-066
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-111995
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-3792
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-3792
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-111995
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-3792
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-111995 // VULMON: CVE-2017-3792 // JVNDB: JVNDB-2017-001401 // CNNVD: CNNVD-201702-066 // NVD: CVE-2017-3792

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-111995 // JVNDB: JVNDB-2017-001401 // NVD: CVE-2017-3792

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-066

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201702-066

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-001401

PATCH

title:	cisco-sa-20170125-telepresence	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-telepresence	Trust: 0.8
title:	Multiple Cisco product Cisco TelePresence Software Enter the fix for the verification vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67452	Trust: 0.6
title:	Threatpost	url:	https://threatpost.com/cisco-warns-of-critical-flaw-in-teleconferencing-gear/123435/	Trust: 0.1

sources: VULMON: CVE-2017-3792 // JVNDB: JVNDB-2017-001401 // CNNVD: CNNVD-201702-066

EXTERNAL IDS

db:	NVD	id:	CVE-2017-3792	Trust: 2.9
db:	BID	id:	95787	Trust: 2.1
db:	SECTRACK	id:	1037698	Trust: 1.2
db:	JVNDB	id:	JVNDB-2017-001401	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-066	Trust: 0.7
db:	VULHUB	id:	VHN-111995	Trust: 0.1
db:	VULMON	id:	CVE-2017-3792	Trust: 0.1

sources: VULHUB: VHN-111995 // VULMON: CVE-2017-3792 // BID: 95787 // JVNDB: JVNDB-2017-001401 // CNNVD: CNNVD-201702-066 // NVD: CVE-2017-3792

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170125-telepresence	Trust: 2.1
url:	http://www.securityfocus.com/bid/95787	Trust: 1.8
url:	http://www.securitytracker.com/id/1037698	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3792	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3792	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://www.rapid7.com/db/vulnerabilities/cisco-telepresence-cve-2017-3792	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/cisco-warns-of-critical-flaw-in-teleconferencing-gear/123435/	Trust: 0.1

sources: VULHUB: VHN-111995 // VULMON: CVE-2017-3792 // BID: 95787 // JVNDB: JVNDB-2017-001401 // CNNVD: CNNVD-201702-066 // NVD: CVE-2017-3792

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 95787

SOURCES

db:	VULHUB	id:	VHN-111995
db:	VULMON	id:	CVE-2017-3792
db:	BID	id:	95787
db:	JVNDB	id:	JVNDB-2017-001401
db:	CNNVD	id:	CNNVD-201702-066
db:	NVD	id:	CVE-2017-3792

LAST UPDATE DATE

2024-11-23T22:18:05.920000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-111995	date:	2017-07-26T00:00:00
db:	VULMON	id:	CVE-2017-3792	date:	2017-07-26T00:00:00
db:	BID	id:	95787	date:	2017-02-02T04:02:00
db:	JVNDB	id:	JVNDB-2017-001401	date:	2017-02-10T00:00:00
db:	CNNVD	id:	CNNVD-201702-066	date:	2017-02-08T00:00:00
db:	NVD	id:	CVE-2017-3792	date:	2024-11-21T03:26:07.423

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-111995	date:	2017-02-01T00:00:00
db:	VULMON	id:	CVE-2017-3792	date:	2017-02-01T00:00:00
db:	BID	id:	95787	date:	2017-01-25T00:00:00
db:	JVNDB	id:	JVNDB-2017-001401	date:	2017-02-10T00:00:00
db:	CNNVD	id:	CNNVD-201702-066	date:	2017-02-08T00:00:00
db:	NVD	id:	CVE-2017-3792	date:	2017-02-01T19:59:00.267