Details of VAR-201709-0655

ID

VAR-201709-0655

CVE

CVE-2017-12240

TITLE

Cisco IOS and IOS XE Software Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-008509

DESCRIPTION

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959. Vendors have confirmed this vulnerability Bug ID CSCsm45390 and CSCuw77959 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Cisco IOS and IOSXE are operating systems developed by Cisco for its network devices. Failed attempts will likely result in denial-of-service conditions. DHCP relay is one of the components used to implement the function of processing and forwarding DHCP information between different subnets and physical network segments

Trust: 2.61

sources: NVD: CVE-2017-12240 // JVNDB: JVNDB-2017-008509 // CNVD: CNVD-2017-34250 // BID: 101034 // VULHUB: VHN-102743 // VULMON: CVE-2017-12240

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-34250

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	gte	version:	12.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	15.6	Trust: 1.0
vendor:	cisco	model:	ios 12.2src	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.9
vendor:	cisco	model:	ios 15.1 m9	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	ios 12.2 se	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	ios 12.2 sxh	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	ios 12.2 srb4	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.1\(13\)	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.1\(22\)ea1a	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(10\)da5	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.1\(12c\)ec1	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.1\(12c\)ec	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.1\(12c\)ex1	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(2\)yk1	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.1\(11b\)e2	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.1\(12c\)ew2	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.1\(12c\)ex	Trust: 0.6

sources: CNVD: CNVD-2017-34250 // BID: 101034 // JVNDB: JVNDB-2017-008509 // CNNVD: CNNVD-201709-1294 // NVD: CVE-2017-12240

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-12240
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-12240
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-34250
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201709-1294
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-102743
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-12240
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-12240
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2017-34250
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-102743
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-12240
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2017-12240
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2017-34250 // VULHUB: VHN-102743 // VULMON: CVE-2017-12240 // JVNDB: JVNDB-2017-008509 // CNNVD: CNNVD-201709-1294 // NVD: CVE-2017-12240

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-20	Trust: 1.9

sources: VULHUB: VHN-102743 // JVNDB: JVNDB-2017-008509 // NVD: CVE-2017-12240

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-1294

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201709-1294

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-008509

PATCH

title:	CSCsm45390 - DHCP relay security vulnerability	url:	https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390	Trust: 0.8
title:	CSCuw77959 - 1801M - %DATACORRUPTION-1-DATAINCONSISTENCY: copy error	url:	https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959	Trust: 0.8
title:	cisco-sa-20170927-dhcp	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp	Trust: 0.8
title:	Patch for Cisco IOS and IOSXESoftware Buffer Overflow Vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/104505	Trust: 0.6
title:	Cisco IOS and IOS XE Software DHCP relay Fixes for Subsystem Buffer Error Vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100084	Trust: 0.6
title:	Cisco: Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20170927-dhcp	Trust: 0.1

sources: CNVD: CNVD-2017-34250 // VULMON: CVE-2017-12240 // JVNDB: JVNDB-2017-008509 // CNNVD: CNNVD-201709-1294

EXTERNAL IDS

db:	NVD	id:	CVE-2017-12240	Trust: 3.5
db:	BID	id:	101034	Trust: 2.7
db:	SECTRACK	id:	1039445	Trust: 1.8
db:	JVNDB	id:	JVNDB-2017-008509	Trust: 0.8
db:	CNNVD	id:	CNNVD-201709-1294	Trust: 0.7
db:	CNVD	id:	CNVD-2017-34250	Trust: 0.6
db:	VULHUB	id:	VHN-102743	Trust: 0.1
db:	VULMON	id:	CVE-2017-12240	Trust: 0.1

sources: CNVD: CNVD-2017-34250 // VULHUB: VHN-102743 // VULMON: CVE-2017-12240 // BID: 101034 // JVNDB: JVNDB-2017-008509 // CNNVD: CNNVD-201709-1294 // NVD: CVE-2017-12240

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170927-dhcp	Trust: 2.8
url:	http://www.securityfocus.com/bid/101034	Trust: 1.9
url:	https://quickview.cloudapps.cisco.com/quickview/bug/cscsm45390	Trust: 1.8
url:	https://quickview.cloudapps.cisco.com/quickview/bug/cscuw77959	Trust: 1.8
url:	http://www.securitytracker.com/id/1039445	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12240	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-12240	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 101034

SOURCES

db:	CNVD	id:	CNVD-2017-34250
db:	VULHUB	id:	VHN-102743
db:	VULMON	id:	CVE-2017-12240
db:	BID	id:	101034
db:	JVNDB	id:	JVNDB-2017-008509
db:	CNNVD	id:	CNNVD-201709-1294
db:	NVD	id:	CVE-2017-12240

LAST UPDATE DATE

2024-08-14T15:18:38.158000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-34250	date:	2017-11-17T00:00:00
db:	VULHUB	id:	VHN-102743	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2017-12240	date:	2019-10-09T00:00:00
db:	BID	id:	101034	date:	2017-09-27T00:00:00
db:	JVNDB	id:	JVNDB-2017-008509	date:	2017-10-20T00:00:00
db:	CNNVD	id:	CNNVD-201709-1294	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-12240	date:	2024-07-16T17:26:13.523

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-34250	date:	2017-11-17T00:00:00
db:	VULHUB	id:	VHN-102743	date:	2017-09-29T00:00:00
db:	VULMON	id:	CVE-2017-12240	date:	2017-09-29T00:00:00
db:	BID	id:	101034	date:	2017-09-27T00:00:00
db:	JVNDB	id:	JVNDB-2017-008509	date:	2017-10-20T00:00:00
db:	CNNVD	id:	CNNVD-201709-1294	date:	2017-09-28T00:00:00
db:	NVD	id:	CVE-2017-12240	date:	2017-09-29T01:34:49.077