Details of VAR-201709-0676

ID

VAR-201709-0676

CVE

CVE-2017-12213

TITLE

Cisco IOS XE Authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-008145

DESCRIPTION

A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dynamic ACL assignment to fail and the port to fail open. This could allow the attacker to pass traffic to the default VLAN of the affected port. The vulnerability is due to an uncaught error condition that may occur during the reassignment of the auth-default-ACL dynamic ACL to a switch port after 802.1x authentication fails. A successful exploit of this issue could allow a physically adjacent attacker to bypass 802.1x authentication and cause the affected port to fail open, allowing the attacker to pass traffic to the default VLAN of the affected switch port. Cisco Bug IDs: CSCvc72751. Cisco IOS XE Contains an authentication vulnerability. Vendors have confirmed this vulnerability Bug IDs: CSCvc72751 It is released as.Information may be tampered with. Cisco Catalyst 4000 Series Switches are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and obtains sensitive information. This may lead to further attacks. IOS XE Software is one of the operating systems developed for network equipment

Trust: 1.98

sources: NVD: CVE-2017-12213 // JVNDB: JVNDB-2017-008145 // BID: 100663 // VULHUB: VHN-102713

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	-	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	3.6(5)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	4000	Trust: 0.3

sources: BID: 100663 // JVNDB: JVNDB-2017-008145 // CNNVD: CNNVD-201709-232 // NVD: CVE-2017-12213

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-12213
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-12213
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201709-232
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-102713
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2017-12213
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-102713
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-12213
baseSeverity:	MEDIUM
baseScore:	4.3
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-102713 // JVNDB: JVNDB-2017-008145 // CNNVD: CNNVD-201709-232 // NVD: CVE-2017-12213

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.9

sources: VULHUB: VHN-102713 // JVNDB: JVNDB-2017-008145 // NVD: CVE-2017-12213

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201709-232

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201709-232

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-008145

PATCH

title:	cisco-sa-20170906-cat	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-cat	Trust: 0.8
title:	Cisco Catalyst 4000 Series Switches IOS XE Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74586	Trust: 0.6

sources: JVNDB: JVNDB-2017-008145 // CNNVD: CNNVD-201709-232

EXTERNAL IDS

db:	NVD	id:	CVE-2017-12213	Trust: 2.8
db:	BID	id:	100663	Trust: 2.0
db:	SECTRACK	id:	1039284	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-008145	Trust: 0.8
db:	CNNVD	id:	CNNVD-201709-232	Trust: 0.7
db:	VULHUB	id:	VHN-102713	Trust: 0.1

sources: VULHUB: VHN-102713 // BID: 100663 // JVNDB: JVNDB-2017-008145 // CNNVD: CNNVD-201709-232 // NVD: CVE-2017-12213

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170906-cat	Trust: 2.0
url:	http://www.securityfocus.com/bid/100663	Trust: 1.7
url:	http://www.securitytracker.com/id/1039284	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12213	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-12213	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-102713 // BID: 100663 // JVNDB: JVNDB-2017-008145 // CNNVD: CNNVD-201709-232 // NVD: CVE-2017-12213

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 100663

SOURCES

db:	VULHUB	id:	VHN-102713
db:	BID	id:	100663
db:	JVNDB	id:	JVNDB-2017-008145
db:	CNNVD	id:	CNNVD-201709-232
db:	NVD	id:	CVE-2017-12213

LAST UPDATE DATE

2024-11-23T22:22:24.917000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-102713	date:	2019-10-09T00:00:00
db:	BID	id:	100663	date:	2017-09-06T00:00:00
db:	JVNDB	id:	JVNDB-2017-008145	date:	2017-10-10T00:00:00
db:	CNNVD	id:	CNNVD-201709-232	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-12213	date:	2024-11-21T03:09:02.813

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-102713	date:	2017-09-07T00:00:00
db:	BID	id:	100663	date:	2017-09-06T00:00:00
db:	JVNDB	id:	JVNDB-2017-008145	date:	2017-10-10T00:00:00
db:	CNNVD	id:	CNNVD-201709-232	date:	2017-09-12T00:00:00
db:	NVD	id:	CVE-2017-12213	date:	2017-09-07T21:29:00.317