ID

VAR-201709-0707


CVE

CVE-2017-12235


TITLE

Cisco IOS Input validation vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2017-008504 // CNNVD: CNNVD-201709-1299

DESCRIPTION

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179. Cisco IOS contains an input validation vulnerability. The vendor has confirmed this vulnerability and released it as Bug ID CSCuz47179. Affected devices may be put into a service interruption (DoS) state. Cisco IOS is an operating system developed by Cisco Systems for its network devices.

Trust: 2.79

sources: NVD: CVE-2017-12235 // JVNDB: JVNDB-2017-008504 // CNVD: CNVD-2017-34216 // BID: 101043 // IVD: de5659ad-5e8a-44c7-a8b5-deb58f5289d6 // VULHUB: VHN-102737 // VULMON: CVE-2017-12235

IOT TAXONOMY

category: ['IoT', 'ICS', 'Network device'] // sub_category: -

Trust: 0.6

category: ['ICS'] // sub_category: -

Trust: 0.2

sources: IVD: de5659ad-5e8a-44c7-a8b5-deb58f5289d6 // CNVD: CNVD-2017-34216

AFFECTED PRODUCTS

vendor: cisco // model: ios // scope: lte // version: 15.6

Trust: 1.0

vendor: cisco // model: ios // scope: gte // version: 12.2

Trust: 1.0

vendor: cisco // model: ios software // scope: eq // version: 0

Trust: 0.9

vendor: cisco // model: ios // scope: eq // version: 12.2 to 15.6

Trust: 0.8

vendor: ios // model: 12.2 se // scope: - // version: -

Trust: 0.6

vendor: ios // model: 15.2 e1 // scope: - // version: -

Trust: 0.6

vendor: ios // model: 15.2 e2 // scope: - // version: -

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(52)se

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(55)se4

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(55)se3

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(55)se5

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(55)se10

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(52)se1

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(55)se

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(55)se7

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(55)se6

Trust: 0.6

vendor: cisco // model: ios // scope: eq // version: 12.2(55)se9

Trust: 0.6

vendor: ios // model: 12.2 se1 // scope: - // version: -

Trust: 0.4

vendor: ios // model: 15.0 ey // scope: - // version: -

Trust: 0.4

vendor: ios // model: 15.0 ey1 // scope: - // version: -

Trust: 0.4

vendor: ios // model: 15.0 ey2 // scope: - // version: -

Trust: 0.4

vendor: ios // model: 15.2 e3 // scope: - // version: -

Trust: 0.4

vendor: ios // model: 15.2 e4 // scope: - // version: -

Trust: 0.4

vendor: ios // model: 15.2 e5 // scope: - // version: -

Trust: 0.4

vendor: cisco // model: industrial ethernet series switches 15.2 e // scope: eq // version: 2000

Trust: 0.3

vendor: ios // model: 12.2 se3 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.2 se4 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.2 se5 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.2 se6 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.2 se7 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.2 se9 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.2 se10 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.2 se11 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.2 se2 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.4 jao3a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.4 jao20s // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.4 jap1n // scope: - // version: -

Trust: 0.2

vendor: ios // model: 12.4 jap9 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 eb // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 ec // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 ey3 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se1 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se2 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se3 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se4 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se5 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se6 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se7 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se8 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se9 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se10 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 se10a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.0 sqd7 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.1 sg7a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.1 sg9 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 ey // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 e // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 e5a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 e5b // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 e6 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 eb // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 eb1 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 eb2 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 ex // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 ec // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 e2a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.2 e2b // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jbb6a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jc7 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jc50 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jc51 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jca7 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jda3 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 je1 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jnc4 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jnd2 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jnp2 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jpb // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jpb2 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.3 jpc3 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.4 s5a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.4 s6b // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.4 s7a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.5 s2a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.5 s2b // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.5 s3a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.5 s4a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.5 s4b // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.5 s4d // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.6 s1a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.6 s0a // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.6 s2 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.6 s3 // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.6 sp1b // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.6 sp1c // scope: - // version: -

Trust: 0.2

vendor: ios // model: 15.6 sp2a // scope: - // version: -

Trust: 0.2

sources: IVD: de5659ad-5e8a-44c7-a8b5-deb58f5289d6 // CNVD: CNVD-2017-34216 // BID: 101043 // JVNDB: JVNDB-2017-008504 // CNNVD: CNNVD-201709-1299 // NVD: CVE-2017-12235

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12235
value: HIGH

Trust: 1.0

NVD: CVE-2017-12235
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-34216
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201709-1299
value: HIGH

Trust: 0.6

IVD: de5659ad-5e8a-44c7-a8b5-deb58f5289d6
value: HIGH

Trust: 0.2

VULHUB: VHN-102737
value: HIGH

Trust: 0.1

VULMON: CVE-2017-12235
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-12235
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2017-34216
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: de5659ad-5e8a-44c7-a8b5-deb58f5289d6
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-102737
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12235
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2017-12235
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: de5659ad-5e8a-44c7-a8b5-deb58f5289d6 // CNVD: CNVD-2017-34216 // VULHUB: VHN-102737 // VULMON: CVE-2017-12235 // JVNDB: JVNDB-2017-008504 // CNNVD: CNNVD-201709-1299 // NVD: CVE-2017-12235

PROBLEMTYPE DATA

problemtype: CWE-20

Trust: 1.9

problemtype: NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-102737 // JVNDB: JVNDB-2017-008504 // NVD: CVE-2017-12235

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-1299

TYPE

Input validation error

Trust: 0.8

sources: IVD: de5659ad-5e8a-44c7-a8b5-deb58f5289d6 // CNNVD: CNNVD-201709-1299

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-008504

PATCH

title: cisco-sa-20170927-profinet // url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet

Trust: 0.8

title: Patch for Cisco IOS Software Denial of Service Vulnerability (CNVD-2017-34216) // url: https://www.cnvd.org.cn/patchInfo/show/104654

Trust: 0.6

title: Fix for the Cisco IOS input validation vulnerability // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75184

Trust: 0.6

title: Cisco: Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability // url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20170927-profinet

Trust: 0.1

title: Known Exploited Vulnerabilities Detector // url: https://github.com/Ostorlab/KEV

Trust: 0.1

sources: CNVD: CNVD-2017-34216 // VULMON: CVE-2017-12235 // JVNDB: JVNDB-2017-008504 // CNNVD: CNNVD-201709-1299

EXTERNAL IDS

db: NVD // id: CVE-2017-12235

Trust: 3.7

db: BID // id: 101043

Trust: 2.7

db: SECTRACK // id: 1039451

Trust: 1.8

db: CNNVD // id: CNNVD-201709-1299

Trust: 0.9

db: CNVD // id: CNVD-2017-34216

Trust: 0.8

db: JVNDB // id: JVNDB-2017-008504

Trust: 0.8

db: IVD // id: DE5659AD-5E8A-44C7-A8B5-DEB58F5289D6

Trust: 0.2

db: VULHUB // id: VHN-102737

Trust: 0.1

db: VULMON // id: CVE-2017-12235

Trust: 0.1

sources: IVD: de5659ad-5e8a-44c7-a8b5-deb58f5289d6 // CNVD: CNVD-2017-34216 // VULHUB: VHN-102737 // VULMON: CVE-2017-12235 // BID: 101043 // JVNDB: JVNDB-2017-008504 // CNNVD: CNNVD-201709-1299 // NVD: CVE-2017-12235

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170927-profinet

Trust: 2.7

url:http://www.securityfocus.com/bid/101043

Trust: 2.5

url:http://www.securitytracker.com/id/1039451

Trust: 1.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12235

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-12235

Trust: 0.8

url:http://www.cisco.com

Trust: 0.3

url:http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170927-profinet

Trust: 0.1

url:https://github.com/ostorlab/kev

Trust: 0.1

sources: CNVD: CNVD-2017-34216 // VULHUB: VHN-102737 // VULMON: CVE-2017-12235 // BID: 101043 // JVNDB: JVNDB-2017-008504 // CNNVD: CNNVD-201709-1299 // NVD: CVE-2017-12235

CREDITS

Cisco

Trust: 0.3

sources: BID: 101043

SOURCES

db: IVD // id: de5659ad-5e8a-44c7-a8b5-deb58f5289d6
db: CNVD // id: CNVD-2017-34216
db: VULHUB // id: VHN-102737
db: VULMON // id: CVE-2017-12235
db: BID // id: 101043
db: JVNDB // id: JVNDB-2017-008504
db: CNNVD // id: CNNVD-201709-1299
db: NVD // id: CVE-2017-12235

LAST UPDATE DATE

2024-11-23T23:12:23.326000+00:00


SOURCES UPDATE DATE

db: CNVD // id: CNVD-2017-34216 // date: 2017-11-16T00:00:00
db: VULHUB // id: VHN-102737 // date: 2019-10-09T00:00:00
db: VULMON // id: CVE-2017-12235 // date: 2019-10-09T00:00:00
db: BID // id: 101043 // date: 2017-09-27T00:00:00
db: JVNDB // id: JVNDB-2017-008504 // date: 2017-10-20T00:00:00
db: CNNVD // id: CNNVD-201709-1299 // date: 2019-10-17T00:00:00
db: NVD // id: CVE-2017-12235 // date: 2024-11-21T03:09:05.773

SOURCES RELEASE DATE

db: IVD // id: de5659ad-5e8a-44c7-a8b5-deb58f5289d6 // date: 2017-11-16T00:00:00
db: CNVD // id: CNVD-2017-34216 // date: 2017-11-16T00:00:00
db: VULHUB // id: VHN-102737 // date: 2017-09-29T00:00:00
db: VULMON // id: CVE-2017-12235 // date: 2017-09-29T00:00:00
db: BID // id: 101043 // date: 2017-09-27T00:00:00
db: JVNDB // id: JVNDB-2017-008504 // date: 2017-10-20T00:00:00
db: CNNVD // id: CNNVD-201709-1299 // date: 2017-09-28T00:00:00
db: NVD // id: CVE-2017-12235 // date: 2017-09-29T01:34:48.890