Details of VAR-201703-0892

ID

VAR-201703-0892

CVE

CVE-2017-3881

TITLE

Cisco IOS and Cisco IOS XE of Cisco Cluster Management Protocol Input code vulnerability in processing code

Trust: 0.8

sources: JVNDB: JVNDB-2017-002736

DESCRIPTION

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893. Vendors have confirmed this vulnerability Bug ID CSCvd48893 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. Multiple Rockwell Automation products are prone to a remote code-execution vulnerability. Successful exploits will result in the execution of arbitrary code with elevated privileges. Failed exploit attempts may result in a denial-of-service condition. The following products are vulnerable: Allen-Bradley Stratix 5400 Industrial Ethernet Switches versions 15.2(5)EA.fc4 and prior. Allen-Bradley Stratix 5410 Industrial Distribution Switches versions 15.2(5)EA.fc4 and prior. Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches versions 15.2(5)EA.fc4 and prior. Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches versions 15.2(5)EA.fc4 and prior. Allen-Bradley Stratix 8300 Modular Managed Industrial Ethernet Switches versions 15.2(4a)EA5 and prior. Cisco Catalyst Switches are all switch products of Cisco (Cisco). Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp"] -----BEGIN PGP SIGNATURE----- iQKBBAEBAgBrBQJYzAjfZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHm3jRAAzLR1b6oQbXCkv0yQ GpiGyo0l97V74L+99IvzJzibQrNr/7oFNVc0Sm0SWtGJwhBdIFWKKp7tpfxLFUYw QpgpmOQHfu70kajINv5hshpKReIT2lnUhmAiK0VQzxp8QY/3WboSTjEYLOTmFHHh xb3dNWmvGYiT9tuSvQ70AkMnl2EfU+P+pkucjcku4Vi5Jri7BIIIPjz1by16Juh+ tIB5elmrFOFF/WGRERLo/a3anNlnoszoJxu+m57uS8CYICTnqJKeDEinpm64j0IB 7dWi1qqDTx9973zsmcqUZqeY9kSwierDJW5cii49GrOFOHUeJ9eWCOogEnE1+U4G iz7cJHsQ4qqBF39PBTMlxtY6xjhgGJDkRf3dzJBONH9EfoTpQOFMlO9220/2wlMe SquIU+SY31pW/xHcRfD8NoALZQ5EqrOkbbRXPGe/LwSUcXiFSBL0iMaE/jOPIRRs q6c7lbQr2kay0hTUMovhCvkVUlIC4eJAjwES3vau0EynKlumoYUb2Z7kSAq9QRqU vjHX1Iq+wrh+pM/+GFpx12yJzaDtIrBQSNtB/Jf8p0kNqlja/4Z90DDtwTCTaalR 7hGFyGWo3X3dPBxEL4OcASAaf2uC/J0ozprd0xCS8rsiMfn3rBYWtE6taK88njda 6UdaqFK+zmUBK8rQV0Lu6mOFpOo= =Ql/1 -----END PGP SIGNATURE-----

Trust: 2.43

sources: NVD: CVE-2017-3881 // JVNDB: JVNDB-2017-002736 // BID: 96960 // BID: 97391 // VULHUB: VHN-112084 // VULMON: CVE-2017-3881 // PACKETSTORM: 141687

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	lte	version:	3.9e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	15.1\(3\)svs	Trust: 1.0
vendor:	cisco	model:	ios	scope:	gte	version:	12.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	gte	version:	3.2sg	Trust: 1.0
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	rockwell	model:	automation allen-bradley stratix modular managed industrial ethernet s 15.2 ea.fc4	scope:	eq	version:	8000	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley stratix industrial managed ethernet switches 15.2 ea.fc4	scope:	eq	version:	5700	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley stratix industrial distribution switches 15.2 ea.fc4	scope:	eq	version:	5410	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley stratix industrial ethernet switches 15.2 ea.fc4	scope:	eq	version:	5400	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley armorstratix industrial managed ethernet swit 15.2 ea.fc4	scope:	eq	version:	5700	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)sqd2	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)sqd3	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ec1	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ec	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	-	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)sqd	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)sqd5	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)sqd4	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)ec2	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)sqd1	Trust: 0.6
vendor:	cisco	model:	sm-x layer etherswitch service module	scope:	eq	version:	2/30	Trust: 0.3
vendor:	cisco	model:	rf gateway	scope:	eq	version:	100	Trust: 0.3
vendor:	cisco	model:	me 4924-10ge switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios xe 15.0 se10	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.0 se10	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ie-5000-16s12p industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-5000-12s12p-10g industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4010-4s24p industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4010-16s12p industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-8t4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-8s4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-8gt8gp4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-8gt4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-8gs4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-4tc4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-4t4p4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-4s8p4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-4gs8gp4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-4gc4gp4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-16t4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-4000-16gt4g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-3010-24tc industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie-3010-16s-8pc industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 3000-8tc industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 3000-4tc industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-8tc-g-n industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-8tc-g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-8tc-g industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-8tc industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-8t67p industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-8t67 industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-4ts-g industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-4ts industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-4t-g industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-4t industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-4s-ts-g industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-24t67 industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-16tc-g-x industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-16tc-g-n industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-16tc-g-e industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-16tc-g industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-16tc industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-16t67p industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-16t67 industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ie 2000-16ptc-g industrial ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	gigabit ethernet switch module for hp	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	enhanced layer etherswitch service module	scope:	eq	version:	2/30	Trust: 0.3
vendor:	cisco	model:	enhanced layer etherswitch service module	scope:	eq	version:	20	Trust: 0.3
vendor:	cisco	model:	embedded service ncp switch	scope:	eq	version:	20200	Trust: 0.3
vendor:	cisco	model:	embedded service ncp b switch	scope:	eq	version:	20200	Trust: 0.3
vendor:	cisco	model:	embedded service con switch	scope:	eq	version:	20200	Trust: 0.3
vendor:	cisco	model:	embedded service con b switch	scope:	eq	version:	20200	Trust: 0.3
vendor:	cisco	model:	embedded service 24tc ncp switch	scope:	eq	version:	20200	Trust: 0.3
vendor:	cisco	model:	embedded service 24tc ncp b switch	scope:	eq	version:	20200	Trust: 0.3
vendor:	cisco	model:	embedded service 24tc con switch	scope:	eq	version:	20200	Trust: 0.3
vendor:	cisco	model:	embedded service 24tc con b switch	scope:	eq	version:	20200	Trust: 0.3
vendor:	cisco	model:	catalyst switch module for ibm bladecenter	scope:	eq	version:	3110x0	Trust: 0.3
vendor:	cisco	model:	catalyst switch module for ibm bladecenter	scope:	eq	version:	31100	Trust: 0.3
vendor:	cisco	model:	catalyst switch module for ibm bladecenter	scope:	eq	version:	30120	Trust: 0.3
vendor:	cisco	model:	catalyst c2928-48tc-c switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst c2928-24lt-c switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst blade switch for dell m1000e	scope:	eq	version:	31300	Trust: 0.3
vendor:	cisco	model:	catalyst blade switch for hp	scope:	eq	version:	3120x0	Trust: 0.3
vendor:	cisco	model:	catalyst blade switch for hp	scope:	eq	version:	31200	Trust: 0.3
vendor:	cisco	model:	catalyst blade switch for fsc	scope:	eq	version:	30400	Trust: 0.3
vendor:	cisco	model:	catalyst blade switch for dell m1000e	scope:	eq	version:	30320	Trust: 0.3
vendor:	cisco	model:	catalyst blade switch for dell	scope:	eq	version:	30300	Trust: 0.3
vendor:	cisco	model:	catalyst blade switch for hp	scope:	eq	version:	30200	Trust: 0.3
vendor:	cisco	model:	catalyst 4948e-f ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 4948e ethernet switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst switch	scope:	eq	version:	49480	Trust: 0.3
vendor:	cisco	model:	catalyst gigabit ethernet switch	scope:	eq	version:	4948100	Trust: 0.3
vendor:	cisco	model:	catalyst gigabit ethernet switch	scope:	eq	version:	4928100	Trust: 0.3
vendor:	cisco	model:	catalyst 4900m switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor engine 6l-e	scope:	eq	version:	45000	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor engine 6-e	scope:	eq	version:	45000	Trust: 0.3
vendor:	cisco	model:	catalyst series supervisor ii-plus-10ge	scope:	eq	version:	45000	Trust: 0.3
vendor:	cisco	model:	catalyst series supervisor engine v-10ge	scope:	eq	version:	45000	Trust: 0.3
vendor:	cisco	model:	catalyst series supervisor engine ii-plus-ts	scope:	eq	version:	45000	Trust: 0.3
vendor:	cisco	model:	catalyst series supervisor engine ii-plus	scope:	eq	version:	45000	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor engine	scope:	eq	version:	4000/4500v0	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor engine iv	scope:	eq	version:	4000/45000	Trust: 0.3
vendor:	cisco	model:	catalyst supervisor engine i	scope:	eq	version:	40000	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48t-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48t-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48t-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48pf-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48pf-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48pf-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48p-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48p-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-48p-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24t-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24t-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24t-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24s-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24s-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24p-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24p-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-24p-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-12s-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750x-12s-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750v2-48ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750v2-48ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750v2-24ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750v2-24ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750v2-24fs switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750g-48ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750g-48ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750g-24ts-1u switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750g-24ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750g-24t switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750g-24ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750g-16td switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750g-12s-sd switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750g-12s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-48td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-48td-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-48pd-sf switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-48pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-48pd-ef switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-48pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-24td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-24td-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-24pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750e-24pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750-48ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750-48ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750-24ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750-24ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3750-24fs switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst metro 24-dc switch	scope:	eq	version:	37500	Trust: 0.3
vendor:	cisco	model:	catalyst metro 24-ac switch	scope:	eq	version:	37500	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48t-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48t-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48t-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48pf-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48pf-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48pf-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48p-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48p-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-48p-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-24u-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-24u-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-24u-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-24t-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-24t-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-24t-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-24p-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-24p-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560x-24p-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560v2-48ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560v2-48ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560v2-24ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560v2-24ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560v2-24dc switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560g-48ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560g-48ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560g-24ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560g-24ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-48td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-48td-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-48pd-sf switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-48pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-48pd-ef switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-48pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-24td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-24td-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-24pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-24pd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-12sd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-12sd-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-12d-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560e-12d-e switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cx-8xpd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cx-8tc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cx-8pt-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cx-8pc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cx-12tc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cx-12pd-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cx-12pc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cpd-8pt-s compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cg-8tc-s compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560cg-8pc-s compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560c-8pc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560c-12pc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560-8pc compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560-48ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560-48ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560-24ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560-24ps switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 3560-12pc-s compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst smi switch	scope:	eq	version:	3550480	Trust: 0.3
vendor:	cisco	model:	catalyst emi switch	scope:	eq	version:	3550480	Trust: 0.3
vendor:	cisco	model:	catalyst smi switch	scope:	eq	version:	3550240	Trust: 0.3
vendor:	cisco	model:	catalyst pwr switch	scope:	eq	version:	3550240	Trust: 0.3
vendor:	cisco	model:	catalyst fx smi switch	scope:	eq	version:	3550240	Trust: 0.3
vendor:	cisco	model:	catalyst emi switch	scope:	eq	version:	3550240	Trust: 0.3
vendor:	cisco	model:	catalyst dc smi switch	scope:	eq	version:	3550240	Trust: 0.3
vendor:	cisco	model:	catalyst 12t switch	scope:	eq	version:	35500	Trust: 0.3
vendor:	cisco	model:	catalyst 12g switch	scope:	eq	version:	35500	Trust: 0.3
vendor:	cisco	model:	catalyst switch	scope:	eq	version:	29750	Trust: 0.3
vendor:	cisco	model:	catalyst 2970g-24ts switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2970g-24t switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48ts-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48td-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48lps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48lps-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48lpd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48lpd-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48fps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48fps-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48fpd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-48fpd-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-24ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-24ts-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-24td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-24td-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-24ps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-24ps-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-24pd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960xr-24pd-i switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-48ts-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-48ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-48td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-48lps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-48lpd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-48fps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-48fpd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-24ts-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-24ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-24td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-24psq-l cool switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-24ps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960x-24pd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-f48ts-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-f48ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-f48lps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-f48fps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-f24ts-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-f24ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-f24ps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-48ts-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-48ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-48td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-48lps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-48lpd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-48fps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-48fpd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-24ts-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-24ts-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-24td-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-24ps-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960s-24pd-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960pd-8tt-l compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960l-8ts-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960l-8ps-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960l-48ts-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960l-48ps-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960l-24ts-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960l-24ps-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960l-16ts-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960l-16ps-ll switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960g-8tc-l compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960g-48tc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960g-24tc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960cx-8tc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960cx-8pc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960cpd-8tt-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960cpd-8pt-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960cg-8tc-l compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960c-8tc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960c-8tc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960c-8pc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960c-12pc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 48tc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 48tc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 48pst-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 48pst-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 24tc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 24tc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 24pc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 24pc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 24lc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-plus 24lc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-8tc-s compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-8tc-l compact switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-48tt-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-48tt-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-48tc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-48tc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-48pst-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-48pst-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-24tt-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-24tc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-24tc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-24pc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-24pc-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-24lt-l switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-24lc-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2960-24-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2928-24tc-c switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2918-48tt-c switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2918-48tc-c switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2918-24tt-c switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2918-24tc-c switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2360-48td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2350-48td-sd switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	catalyst 2350-48td-s switch	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios xe 15.2 e2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 e2	scope:	ne	version:	-	Trust: 0.3

sources: BID: 96960 // BID: 97391 // JVNDB: JVNDB-2017-002736 // CNNVD: CNNVD-201703-840 // NVD: CVE-2017-3881

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-3881
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-3881
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201703-840
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-112084
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-3881
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-3881
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-112084
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-3881
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2017-3881
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-112084 // VULMON: CVE-2017-3881 // JVNDB: JVNDB-2017-002736 // CNNVD: CNNVD-201703-840 // NVD: CVE-2017-3881

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-112084 // JVNDB: JVNDB-2017-002736 // NVD: CVE-2017-3881

THREAT TYPE

network

Trust: 0.6

sources: BID: 96960 // BID: 97391

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 97391 // CNNVD: CNNVD-201703-840

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002736

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-112084 // VULMON: CVE-2017-3881

PATCH

title:	cisco-sa-20170317-cmp	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp	Trust: 0.8
title:	Multiple Cisco product IOS and IOS XE Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68634	Trust: 0.6
title:	Cisco: Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20170317-cmp	Trust: 0.1
title:	easy_linux_pwn	url:	https://github.com/Phantomn/easy_linux_pwn	Trust: 0.1
title:	easy-linux-pwn	url:	https://github.com/xairy/easy-linux-pwn	Trust: 0.1
title:	CVE-2017-3881	url:	https://github.com/1337g/CVE-2017-3881	Trust: 0.1
title:	CVE-2017-3881-Cisco	url:	https://github.com/homjxi0e/CVE-2017-3881-Cisco	Trust: 0.1
title:	PoC-CVE-2017-3881	url:	https://github.com/zakybstrd21215/PoC-CVE-2017-3881	Trust: 0.1
title:	kenzer-templates	url:	https://github.com/Elsfa7-110/kenzer-templates	Trust: 0.1
title:	kenzer-templates	url:	https://github.com/ARPSyndicate/kenzer-templates	Trust: 0.1
title:	Exp101tsArchiv30thers	url:	https://github.com/nu11secur1ty/Exp101tsArchiv30thers	Trust: 0.1
title:	awesome-cve-poc_qazbnm456	url:	https://github.com/xbl3/awesome-cve-poc_qazbnm456	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/nomi-sec/PoC-in-GitHub	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/cisco-patch-asr-9000-routers/143895/	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2019/04/17/sea_turtle_dns/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/cisco-patches-ios-xe-vulnerability-leaked-in-vault-7-dump/125568/	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2017/05/09/cisco_switches_patch_telnet_command/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/cisco-warns-of-critical-vulnerability-revealed-in-vault-7-data-dump/124414/	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/ciscos-investigation-into-vault-7-leak-uncovers-0-day-affecting-318-products/	Trust: 0.1

sources: VULMON: CVE-2017-3881 // JVNDB: JVNDB-2017-002736 // CNNVD: CNNVD-201703-840

EXTERNAL IDS

db:	NVD	id:	CVE-2017-3881	Trust: 3.0
db:	BID	id:	96960	Trust: 2.1
db:	BID	id:	97391	Trust: 2.1
db:	EXPLOIT-DB	id:	41872	Trust: 1.8
db:	EXPLOIT-DB	id:	41874	Trust: 1.8
db:	SECTRACK	id:	1038059	Trust: 1.8
db:	ICS CERT	id:	ICSA-17-094-03	Trust: 1.5
db:	JVNDB	id:	JVNDB-2017-002736	Trust: 0.8
db:	CNNVD	id:	CNNVD-201703-840	Trust: 0.7
db:	EXPLOIT-DB	id:	42122	Trust: 0.2
db:	PACKETSTORM	id:	141687	Trust: 0.2
db:	PACKETSTORM	id:	142132	Trust: 0.1
db:	PACKETSTORM	id:	142121	Trust: 0.1
db:	SEEBUG	id:	SSVID-92932	Trust: 0.1
db:	VULHUB	id:	VHN-112084	Trust: 0.1
db:	VULMON	id:	CVE-2017-3881	Trust: 0.1

sources: VULHUB: VHN-112084 // VULMON: CVE-2017-3881 // BID: 96960 // BID: 97391 // JVNDB: JVNDB-2017-002736 // PACKETSTORM: 141687 // CNNVD: CNNVD-201703-840 // NVD: CVE-2017-3881

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170317-cmp	Trust: 2.9
url:	http://www.securityfocus.com/bid/96960	Trust: 1.8
url:	http://www.securityfocus.com/bid/97391	Trust: 1.8
url:	https://www.exploit-db.com/exploits/41872/	Trust: 1.8
url:	https://www.exploit-db.com/exploits/41874/	Trust: 1.8
url:	http://www.securitytracker.com/id/1038059	Trust: 1.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-094-03	Trust: 1.5
url:	https://nvd.nist.gov/vuln/detail/cve-2017-3881	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3881	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.rockwellautomation.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://github.com/phantomn/easy_linux_pwn	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/42122/	Trust: 0.1
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170317-cmp"]	Trust: 0.1

CREDITS

The vendor reported this issue.

Trust: 0.6

sources: BID: 96960 // BID: 97391

SOURCES

db:	VULHUB	id:	VHN-112084
db:	VULMON	id:	CVE-2017-3881
db:	BID	id:	96960
db:	BID	id:	97391
db:	JVNDB	id:	JVNDB-2017-002736
db:	PACKETSTORM	id:	141687
db:	CNNVD	id:	CNNVD-201703-840
db:	NVD	id:	CVE-2017-3881

LAST UPDATE DATE

2024-11-23T22:56:15.134000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-112084	date:	2020-08-07T00:00:00
db:	VULMON	id:	CVE-2017-3881	date:	2020-08-07T00:00:00
db:	BID	id:	96960	date:	2017-06-05T18:01:00
db:	BID	id:	97391	date:	2017-05-23T16:23:00
db:	JVNDB	id:	JVNDB-2017-002736	date:	2017-04-26T00:00:00
db:	CNNVD	id:	CNNVD-201703-840	date:	2020-08-10T00:00:00
db:	NVD	id:	CVE-2017-3881	date:	2024-11-21T03:26:18.337

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-112084	date:	2017-03-17T00:00:00
db:	VULMON	id:	CVE-2017-3881	date:	2017-03-17T00:00:00
db:	BID	id:	96960	date:	2017-03-17T00:00:00
db:	BID	id:	97391	date:	2017-04-04T00:00:00
db:	JVNDB	id:	JVNDB-2017-002736	date:	2017-04-26T00:00:00
db:	PACKETSTORM	id:	141687	date:	2017-03-17T10:10:00
db:	CNNVD	id:	CNNVD-201703-840	date:	2017-03-23T00:00:00
db:	NVD	id:	CVE-2017-3881	date:	2017-03-17T22:59:00.640