ID

VAR-201709-0655


CVE

CVE-2017-12240


TITLE

Cisco IOS and IOS XE Software Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-008509

DESCRIPTION

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959. Vendors have confirmed this vulnerability Bug ID CSCsm45390 and CSCuw77959 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Cisco IOS and IOSXE are operating systems developed by Cisco for its network devices. Failed attempts will likely result in denial-of-service conditions. DHCP relay is one of the components used to implement the function of processing and forwarding DHCP information between different subnets and physical network segments

Trust: 2.61

sources: NVD: CVE-2017-12240 // JVNDB: JVNDB-2017-008509 // CNVD: CNVD-2017-34250 // BID: 101034 // VULHUB: VHN-102743 // VULMON: CVE-2017-12240

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-34250

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:lteversion:15.6

Trust: 1.0

vendor:ciscomodel:iosscope:gteversion:12.2

Trust: 1.0

vendor:ciscomodel:ios 12.2srcscope: - version: -

Trust: 0.9

vendor:ciscomodel:ios xe softwarescope:eqversion:0

Trust: 0.9

vendor:ciscomodel:ios 15.1 m9scope: - version: -

Trust: 0.9

vendor:ciscomodel:ios 12.2 sescope: - version: -

Trust: 0.9

vendor:ciscomodel:ios 12.2 sxhscope: - version: -

Trust: 0.9

vendor:ciscomodel:ios 12.2 srb4scope: - version: -

Trust: 0.9

vendor:ciscomodel:iosscope: - version: -

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.1\(13\)

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:12.1\(22\)ea1a

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:12.2\(10\)da5

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:12.1\(12c\)ec1

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:12.1\(12c\)ec

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:12.1\(12c\)ex1

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:12.2\(2\)yk1

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:12.1\(11b\)e2

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:12.1\(12c\)ew2

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:12.1\(12c\)ex

Trust: 0.6

sources: CNVD: CNVD-2017-34250 // BID: 101034 // JVNDB: JVNDB-2017-008509 // CNNVD: CNNVD-201709-1294 // NVD: CVE-2017-12240

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12240
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-12240
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2017-34250
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201709-1294
value: CRITICAL

Trust: 0.6

VULHUB: VHN-102743
value: HIGH

Trust: 0.1

VULMON: CVE-2017-12240
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-12240
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2017-34250
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-102743
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12240
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-12240
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2017-34250 // VULHUB: VHN-102743 // VULMON: CVE-2017-12240 // JVNDB: JVNDB-2017-008509 // CNNVD: CNNVD-201709-1294 // NVD: CVE-2017-12240

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-102743 // JVNDB: JVNDB-2017-008509 // NVD: CVE-2017-12240

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-1294

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201709-1294

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-008509

PATCH

title:CSCsm45390 - DHCP relay security vulnerabilityurl:https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390

Trust: 0.8

title:CSCuw77959 - 1801M - %DATACORRUPTION-1-DATAINCONSISTENCY: copy errorurl:https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959

Trust: 0.8

title:cisco-sa-20170927-dhcpurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp

Trust: 0.8

title:Patch for Cisco IOS and IOSXESoftware Buffer Overflow Vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/104505

Trust: 0.6

title:Cisco IOS and IOS XE Software DHCP relay Fixes for Subsystem Buffer Error Vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100084

Trust: 0.6

title:Cisco: Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20170927-dhcp

Trust: 0.1

sources: CNVD: CNVD-2017-34250 // VULMON: CVE-2017-12240 // JVNDB: JVNDB-2017-008509 // CNNVD: CNNVD-201709-1294

EXTERNAL IDS

db:NVDid:CVE-2017-12240

Trust: 3.5

db:BIDid:101034

Trust: 2.7

db:SECTRACKid:1039445

Trust: 1.8

db:JVNDBid:JVNDB-2017-008509

Trust: 0.8

db:CNNVDid:CNNVD-201709-1294

Trust: 0.7

db:CNVDid:CNVD-2017-34250

Trust: 0.6

db:VULHUBid:VHN-102743

Trust: 0.1

db:VULMONid:CVE-2017-12240

Trust: 0.1

sources: CNVD: CNVD-2017-34250 // VULHUB: VHN-102743 // VULMON: CVE-2017-12240 // BID: 101034 // JVNDB: JVNDB-2017-008509 // CNNVD: CNNVD-201709-1294 // NVD: CVE-2017-12240

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170927-dhcp

Trust: 2.8

url:http://www.securityfocus.com/bid/101034

Trust: 1.9

url:https://quickview.cloudapps.cisco.com/quickview/bug/cscsm45390

Trust: 1.8

url:https://quickview.cloudapps.cisco.com/quickview/bug/cscuw77959

Trust: 1.8

url:http://www.securitytracker.com/id/1039445

Trust: 1.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12240

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-12240

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2017-34250 // VULHUB: VHN-102743 // VULMON: CVE-2017-12240 // BID: 101034 // JVNDB: JVNDB-2017-008509 // CNNVD: CNNVD-201709-1294 // NVD: CVE-2017-12240

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 101034

SOURCES

db:CNVDid:CNVD-2017-34250
db:VULHUBid:VHN-102743
db:VULMONid:CVE-2017-12240
db:BIDid:101034
db:JVNDBid:JVNDB-2017-008509
db:CNNVDid:CNNVD-201709-1294
db:NVDid:CVE-2017-12240

LAST UPDATE DATE

2024-11-23T22:22:24.949000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-34250date:2017-11-17T00:00:00
db:VULHUBid:VHN-102743date:2019-10-09T00:00:00
db:VULMONid:CVE-2017-12240date:2019-10-09T00:00:00
db:BIDid:101034date:2017-09-27T00:00:00
db:JVNDBid:JVNDB-2017-008509date:2017-10-20T00:00:00
db:CNNVDid:CNNVD-201709-1294date:2019-10-17T00:00:00
db:NVDid:CVE-2017-12240date:2024-11-21T03:09:06.497

SOURCES RELEASE DATE

db:CNVDid:CNVD-2017-34250date:2017-11-17T00:00:00
db:VULHUBid:VHN-102743date:2017-09-29T00:00:00
db:VULMONid:CVE-2017-12240date:2017-09-29T00:00:00
db:BIDid:101034date:2017-09-27T00:00:00
db:JVNDBid:JVNDB-2017-008509date:2017-10-20T00:00:00
db:CNNVDid:CNNVD-201709-1294date:2017-09-28T00:00:00
db:NVDid:CVE-2017-12240date:2017-09-29T01:34:49.077