Sign-up

ID

VAR-201709-0708


CVE

CVE-2017-12236


TITLE

Cisco IOS XE Authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-008505

DESCRIPTION

A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass authentication checks performed when registering an Endpoint Identifier (EID) to a Routing Locator (RLOC) in the map server/map resolver (MS/MR). The vulnerability is due to a logic error introduced via a code regression for the affected software. An attacker could exploit this vulnerability by sending specific valid map-registration requests, which will be accepted by the MS/MR even if the authentication keys do not match, to the affected software. A successful exploit could allow the attacker to inject invalid mappings of EIDs to RLOCs in the MS/MR of the affected software. This vulnerability affects Cisco devices that are configured with LISP acting as an IPv4 or IPv6 map server. This vulnerability affects Cisco IOS XE Software release trains 3.9E and Everest 16.4. Cisco Bug IDs: CSCvc18008. Vendors have confirmed this vulnerability Bug ID CSCvc18008 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco IOSXE is an operating system developed by Cisco Systems for its network devices. This may lead to further attacks

Trust: 2.52

sources: NVD: CVE-2017-12236 // JVNDB: JVNDB-2017-008505 // CNVD: CNVD-2017-34217 // BID: 101033 // VULHUB: VHN-102738

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-34217

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.5.1c

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:3.2.0ja

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:3.9.1e

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:3.2 to 16.5

Trust: 0.8

vendor:ciscomodel:ios \342\211\245 \342\211\244scope:eqversion:3.216.5

Trust: 0.6

vendor:ciscomodel:ios xe software everestscope:eqversion:16.4

Trust: 0.3

vendor:ciscomodel:ios xe software 3.9escope: - version: -

Trust: 0.3

vendor:ciscomodel:ios xescope:eqversion:16.5

Trust: 0.3

sources: CNVD: CNVD-2017-34217 // BID: 101033 // JVNDB: JVNDB-2017-008505 // CNNVD: CNNVD-201709-1298 // NVD: CVE-2017-12236

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12236
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-12236
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2017-34217
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201709-1298
value: CRITICAL

Trust: 0.6

VULHUB: VHN-102738
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-12236
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-34217
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-102738
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12236
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-34217 // VULHUB: VHN-102738 // JVNDB: JVNDB-2017-008505 // CNNVD: CNNVD-201709-1298 // NVD: CVE-2017-12236

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-102738 // JVNDB: JVNDB-2017-008505 // NVD: CVE-2017-12236

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-1298

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201709-1298

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-008505

PATCH
title:cisco-sa-20170927-lispurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-lisp
Trust: 0.8
title:Cisco IOSXESoftware certification bypasses the patch for the vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/104503
Trust: 0.6
title:Cisco IOS XE Remediation measures for authorization problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75183
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-34217 // 
            
            
            
            JVNDB: JVNDB-2017-008505 // 
            
            
            
            CNNVD: CNNVD-201709-1298

EXTERNAL IDS
db:NVDid:CVE-2017-12236
Trust: 3.4
db:BIDid:101033
Trust: 2.6
db:SECTRACKid:1039448
Trust: 1.7
db:JVNDBid:JVNDB-2017-008505
Trust: 0.8
db:CNNVDid:CNNVD-201709-1298
Trust: 0.7
db:CNVDid:CNVD-2017-34217
Trust: 0.6
db:VULHUBid:VHN-102738
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-34217 // 
            
            
            
            VULHUB: VHN-102738 // 
            
            
            
            BID: 101033 // 
            
            
            
            JVNDB: JVNDB-2017-008505 // 
            
            
            
            CNNVD: CNNVD-201709-1298 // 
            
            
            
            NVD: CVE-2017-12236

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170927-lisp
Trust: 2.6
url:http://www.securityfocus.com/bid/101033
Trust: 2.3
url:http://www.securitytracker.com/id/1039448
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12236
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-12236
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-34217 // 
            
            
            
            VULHUB: VHN-102738 // 
            
            
            
            BID: 101033 // 
            
            
            
            JVNDB: JVNDB-2017-008505 // 
            
            
            
            CNNVD: CNNVD-201709-1298 // 
            
            
            
            NVD: CVE-2017-12236

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 101033

SOURCES
db:CNVDid:CNVD-2017-34217
db:VULHUBid:VHN-102738
db:BIDid:101033
db:JVNDBid:JVNDB-2017-008505
db:CNNVDid:CNNVD-201709-1298
db:NVDid:CVE-2017-12236

LAST UPDATE DATE
2024-11-23T22:45:35.971000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-34217date:2017-11-16T00:00:00
db:VULHUBid:VHN-102738date:2019-10-09T00:00:00
db:BIDid:101033date:2017-09-27T00:00:00
db:JVNDBid:JVNDB-2017-008505date:2017-10-20T00:00:00
db:CNNVDid:CNNVD-201709-1298date:2019-10-17T00:00:00
db:NVDid:CVE-2017-12236date:2024-11-21T03:09:05.913

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-34217date:2017-11-16T00:00:00
db:VULHUBid:VHN-102738date:2017-09-29T00:00:00
db:BIDid:101033date:2017-09-27T00:00:00
db:JVNDBid:JVNDB-2017-008505date:2017-10-20T00:00:00
db:CNNVDid:CNNVD-201709-1298date:2017-09-28T00:00:00
db:NVDid:CVE-2017-12236date:2017-09-29T01:34:48.937