Details of VAR-201708-1319

ID

VAR-201708-1319

CVE

CVE-2017-6665

TITLE

Cisco IOS software and Cisco IOS XE Vulnerabilities related to sending sensitive information in clear text in software

Trust: 0.8

sources: JVNDB: JVNDB-2017-006778

DESCRIPTION

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system, an Information Disclosure Vulnerability. More Information: CSCvd51214. Known Affected Releases: Denali-16.2.1 Denali-16.3.1. Vendors must Bug ID CSCvd51214 It is published as.Information may be obtained. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Successful exploit will allow attackers to view ACP packets in clear-text or cause denial-of-service conditions. This may result in further attacks

Trust: 2.52

sources: NVD: CVE-2017-6665 // JVNDB: JVNDB-2017-006778 // CNVD: CNVD-2017-26588 // BID: 99969 // VULHUB: VHN-114868

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-26588

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s4	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.1s	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)s2	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3m\)e6	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.0e	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s6a	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s8	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.3s	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(2\)s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s8a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.2s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp1b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.4s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.8as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s9	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3sp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)s3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5a\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(2\)s4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.4s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.3as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.3e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s4a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)s2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.7as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.2e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.3s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.4s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.5as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s4d	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)s1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.1s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)s3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.1s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s2a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3m\)e8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.7\(3\)m	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(2\)s2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s3a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1bsp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.1s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s10	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.3s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sn	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)sn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0ex	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1c	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.0s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s2b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)s4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.6s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.4s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s6b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.2as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.0s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.4s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5b\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.6s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3m\)e3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s4b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.5s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(2\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3m\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp1c	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m2a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)s4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.0s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2asp	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp2a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4ds	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.1e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3a\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.3s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)s4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s7a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)s3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.6as	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(2\)s3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3a\)e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.3s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(5\)e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.3e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)s1a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)sp3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)t3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.2s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(2\)s0a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.0s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t0a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.3s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)s2	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ios	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2017-26588 // BID: 99969 // JVNDB: JVNDB-2017-006778 // CNNVD: CNNVD-201707-1425 // NVD: CVE-2017-6665

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6665
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-6665
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2017-26588
value:	LOW
Trust: 0.6
CNNVD:	CNNVD-201707-1425
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-114868
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2017-6665
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-26588
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-114868
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6665
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2017-6665
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2017-26588 // VULHUB: VHN-114868 // JVNDB: JVNDB-2017-006778 // CNNVD: CNNVD-201707-1425 // NVD: CVE-2017-6665

PROBLEMTYPE DATA

problemtype:	CWE-319	Trust: 1.1
problemtype:	Sending important information in clear text (CWE-319) [NVD evaluation ]	Trust: 0.8
problemtype:	CWE-200	Trust: 0.1

sources: VULHUB: VHN-114868 // JVNDB: JVNDB-2017-006778 // NVD: CVE-2017-6665

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201707-1425

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201707-1425

PATCH

title:	cisco-sa-20170726-aniacp	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-aniacp	Trust: 0.8
title:	Patch for Cisco IOS and IOSXE Information Disclosure Vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/102090	Trust: 0.6

sources: CNVD: CNVD-2017-26588 // JVNDB: JVNDB-2017-006778

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6665	Trust: 4.2
db:	BID	id:	99969	Trust: 2.6
db:	SECTRACK	id:	1038998	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-006778	Trust: 0.8
db:	CNNVD	id:	CNNVD-201707-1425	Trust: 0.7
db:	CNVD	id:	CNVD-2017-26588	Trust: 0.6
db:	VULHUB	id:	VHN-114868	Trust: 0.1

sources: CNVD: CNVD-2017-26588 // VULHUB: VHN-114868 // BID: 99969 // JVNDB: JVNDB-2017-006778 // CNNVD: CNNVD-201707-1425 // NVD: CVE-2017-6665

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170726-aniacp	Trust: 2.6
url:	http://www.securityfocus.com/bid/99969	Trust: 1.7
url:	http://www.securitytracker.com/id/1038998	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6665	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2017-26588 // VULHUB: VHN-114868 // BID: 99969 // JVNDB: JVNDB-2017-006778 // CNNVD: CNNVD-201707-1425 // NVD: CVE-2017-6665

CREDITS

Omar Eissa from ERNW.

Trust: 0.9

sources: BID: 99969 // CNNVD: CNNVD-201707-1425

SOURCES

db:	CNVD	id:	CNVD-2017-26588
db:	VULHUB	id:	VHN-114868
db:	BID	id:	99969
db:	JVNDB	id:	JVNDB-2017-006778
db:	CNNVD	id:	CNNVD-201707-1425
db:	NVD	id:	CVE-2017-6665

LAST UPDATE DATE

2024-11-23T22:38:26.423000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-26588	date:	2017-09-14T00:00:00
db:	VULHUB	id:	VHN-114868	date:	2019-10-03T00:00:00
db:	BID	id:	99969	date:	2017-07-26T00:00:00
db:	JVNDB	id:	JVNDB-2017-006778	date:	2024-03-06T05:44:00
db:	CNNVD	id:	CNNVD-201707-1425	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-6665	date:	2024-11-21T03:30:15.440

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-26588	date:	2017-09-13T00:00:00
db:	VULHUB	id:	VHN-114868	date:	2017-08-07T00:00:00
db:	BID	id:	99969	date:	2017-07-26T00:00:00
db:	JVNDB	id:	JVNDB-2017-006778	date:	2017-09-04T00:00:00
db:	CNNVD	id:	CNNVD-201707-1425	date:	2017-07-31T00:00:00
db:	NVD	id:	CVE-2017-6665	date:	2017-08-07T06:29:00.293