ID

VAR-201709-0680


CVE

CVE-2017-12217


TITLE

Cisco ASR 5500 System Architecture Evolution Gateway Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-007983

DESCRIPTION

A vulnerability in the General Packet Radio Service (GPRS) Tunneling Protocol ingress packet handler of Cisco ASR 5500 System Architecture Evolution (SAE) Gateways could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation of GPRS Tunneling Protocol packet headers. An attacker could exploit this vulnerability by sending a malformed GPRS Tunneling Protocol packet to an affected device. A successful exploit could allow the attacker to cause the GTPUMGR process on an affected device to restart unexpectedly, resulting in a partial DoS condition. If the GTPUMGR process restarts, there could be a brief impact on traffic passing through the device. Cisco Bug IDs: CSCve07119. Cisco ASR 5500 System Architecture Evolution (SAE) Gateway contains an input validation vulnerability. The vendor has released this vulnerability as Bug ID CSCve07119. The device may be put into a service operation interruption (DoS) state. A denial-of-service vulnerability exists in the GPRS Tunneling Protocol ingress packet handler in Cisco ASR 5500 SAE Gateways.

Trust: 2.52

sources: NVD: CVE-2017-12217 // JVNDB: JVNDB-2017-007983 // CNVD: CNVD-2017-32478 // BID: 100642 // VULHUB: VHN-102717

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-32478

AFFECTED PRODUCTS

vendor: cisco, model: asr 5500, scope: eq, version: -

Trust: 1.6

vendor: cisco, model: asr series, scope: eq, version: 500021.3.0

Trust: 0.9

vendor: cisco, model: asr series, scope: eq, version: 500021.2.2

Trust: 0.9

vendor: cisco, model: asr series, scope: eq, version: 500019.6.1

Trust: 0.9

vendor: cisco, model: asr 5500, scope: -, version: -

Trust: 0.8

sources: CNVD: CNVD-2017-32478 // BID: 100642 // JVNDB: JVNDB-2017-007983 // CNNVD: CNNVD-201709-230 // NVD: CVE-2017-12217

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12217
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-12217
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-32478
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201709-230
value: MEDIUM

Trust: 0.6

VULHUB: VHN-102717
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-12217
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-32478
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-102717
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12217
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-32478 // VULHUB: VHN-102717 // JVNDB: JVNDB-2017-007983 // CNNVD: CNNVD-201709-230 // NVD: CVE-2017-12217

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-102717 // JVNDB: JVNDB-2017-007983 // NVD: CVE-2017-12217

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-230

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 100642 // CNNVD: CNNVD-201709-230

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-007983

PATCH

title: cisco-sa-20170906-asr
url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-asr

Trust: 0.8

title: Cisco ASR 5500 System Architecture Evolution Gateway Denial of Service Vulnerability Patch
url: https://www.cnvd.org.cn/patchInfo/show/104406

Trust: 0.6

title: Cisco ASR 5500 System Architecture Evolution Gateways Security vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74584

Trust: 0.6

sources: CNVD: CNVD-2017-32478 // JVNDB: JVNDB-2017-007983 // CNNVD: CNNVD-201709-230

EXTERNAL IDS

db: NVD, id: CVE-2017-12217

Trust: 3.4

db: BID, id: 100642

Trust: 2.6

db: SECTRACK, id: 1039276

Trust: 1.7

db: JVNDB, id: JVNDB-2017-007983

Trust: 0.8

db: CNNVD, id: CNNVD-201709-230

Trust: 0.7

db: CNVD, id: CNVD-2017-32478

Trust: 0.6

db: VULHUB, id: VHN-102717

Trust: 0.1

sources: CNVD: CNVD-2017-32478 // VULHUB: VHN-102717 // BID: 100642 // JVNDB: JVNDB-2017-007983 // CNNVD: CNNVD-201709-230 // NVD: CVE-2017-12217

REFERENCES

url:http://www.securityfocus.com/bid/100642

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170906-asr

Trust: 2.0

url:http://www.securitytracker.com/id/1039276

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2017-12217

Trust: 1.4

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12217

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

sources: CNVD: CNVD-2017-32478 // VULHUB: VHN-102717 // BID: 100642 // JVNDB: JVNDB-2017-007983 // CNNVD: CNNVD-201709-230 // NVD: CVE-2017-12217

CREDITS

Cisco

Trust: 0.3

sources: BID: 100642

SOURCES

db: CNVD, id: CNVD-2017-32478
db: VULHUB, id: VHN-102717
db: BID, id: 100642
db: JVNDB, id: JVNDB-2017-007983
db: CNNVD, id: CNNVD-201709-230
db: NVD, id: CVE-2017-12217

LAST UPDATE DATE

2024-11-23T22:42:03.912000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2017-32478, date: 2017-11-02T00:00:00
db: VULHUB, id: VHN-102717, date: 2019-10-09T00:00:00
db: BID, id: 100642, date: 2017-09-06T00:00:00
db: JVNDB, id: JVNDB-2017-007983, date: 2017-10-05T00:00:00
db: CNNVD, id: CNNVD-201709-230, date: 2019-10-17T00:00:00
db: NVD, id: CVE-2017-12217, date: 2024-11-21T03:09:03.310

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2017-32478, date: 2017-11-02T00:00:00
db: VULHUB, id: VHN-102717, date: 2017-09-07T00:00:00
db: BID, id: 100642, date: 2017-09-06T00:00:00
db: JVNDB, id: JVNDB-2017-007983, date: 2017-10-05T00:00:00
db: CNNVD, id: CNNVD-201709-230, date: 2017-09-12T00:00:00
db: NVD, id: CVE-2017-12217, date: 2017-09-07T21:29:00.380