FKIE_CVE-2017-12219

Vulnerability from fkie_nvd - Published: 2017-09-21 05:29 - Updated: 2025-04-20 01:37
Summary
A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to the inability to handle many large IP fragments for reassembly in a short duration. An attacker could exploit this vulnerability by sending a crafted stream of IP fragments to the targeted device. An exploit could allow the attacker to cause a DoS condition when the device unexpectedly reloads. Cisco Bug IDs: CSCve82586.

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_301_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E955BFE-A202-492C-B0A2-1EC620806988",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE3C04F-884C-4CD1-8503-DB60CCC1B1F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_303_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED774745-8D65-422A-888F-37D3E71C1682",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_303:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F04B0F29-5620-4714-A151-7CDA2B9D8F2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_500ds_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8347D-0E1A-4E00-9E95-ADC376F867B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_500ds:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37E3C90F-011D-454C-8E0C-92E72A6EFE1D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_500s_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C66A6032-B44B-486B-8522-6DB99314BDEC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_500s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90C72E35-F124-4D09-AA68-0678ACBA590D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_501g_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29312DC7-EFF2-4E17-A22B-76F5F8638E7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_501g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A258316-4DB6-47AC-90C0-CB9EF777E151",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_502g_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A481F1A9-4F99-4AB7-94B7-C7768370D4D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_502g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DF893E-7E9E-419B-8E7C-E846333646BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_504g_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07646977-B2A5-4311-9AFE-605FDC694855",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_504g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F78AAB2-8ECD-4FAA-8A2A-9035F5C59597",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_508g_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A002C4EF-8259-4896-A748-57412A8D3375",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_508g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B26A21E-CD32-4DED-8A31-4CCA1C4DD642",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_509g_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "26E77DAF-E479-4F52-88A7-7189B326429D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_509g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A4373DD-753A-46A6-BB96-0488EA52157E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_512g_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A432C3A-C720-465E-9916-C329718BABCB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_512g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CBA0C4D-4BB6-455D-8355-F4FACC5D721C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa_514g_firmware:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "21EF3707-FE37-425B-9C0A-297CB62B28A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa_514g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97551DEA-85F9-4A38-A8AC-F477CB7ABC2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to the inability to handle many large IP fragments for reassembly in a short duration. An attacker could exploit this vulnerability by sending a crafted stream of IP fragments to the targeted device. An exploit could allow the attacker to cause a DoS condition when the device unexpectedly reloads. Cisco Bug IDs: CSCve82586."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad en la gesti\u00f3n de los fragmentos de IP para Cisco Small Business SPA300, SPA500, y SPA51x Series IP Phones que podr\u00eda permitir a un atacante autenticado remoto provocar que el dispositivo recargue de manera inesperada, provocando una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a la incapacidad para gestionar muchos fragmentos de IP largos para reensamblarlos en un espacio de tiempo peque\u00f1o. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una serie de fragmentos de IP manipulados al dispositivo objetivo. Su explotaci\u00f3n podr\u00eda permitir a un atacante provocar una denegaci\u00f3n de servicio cuando el dispositivo recarga de manera inesperada. Cisco Bug IDs: CSCve82586."
    }
  ],
  "id": "CVE-2017-12219",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-21T05:29:00.327",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100926"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039413"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-spa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-spa"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

