var-201702-0787
Vulnerability from variot
A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. More Information: CSCux68796. Known Affected Releases: 15.5(3)S2.1 15.6(1)S1.1. Known Fixed Releases: 15.4(3)S6.1 15.4(3)S6.2 15.5(3)S2.2 15.5(3)S3 15.6(0.22)S0.23 15.6(1)S2 16.2(0.295) 16.3(0.94) 15.5.3S3. CiscoASR1000SeriesAggregationServicesRoutersrunningCiscoIOSXESoftware is a set of operating systems running on the ASR1000 series routers from Cisco. Cisco IOSXESoftware's \342\200\230SimpleNetworkManagementProtocol(SNMP)\342\200\231 function in Cisco ASR1000Series AggregationServicesRouters has a security vulnerability. This issue is being tracked by Cisco Bug ID CSCux68796. The following versions are affected: Cisco IOS XE Software Release 3.13.6S, 3.16.2S, 3.17.1S
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0787",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.16.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.17.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.13.6s"
},
{
"model": "ios xe software 3.17.1s",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.16.2s",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.13.6s",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asr series routers",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1000"
},
{
"model": "asr series routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "ios xe software 3.17.2s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.16.3s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software 3.13.7s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"db": "BID",
"id": "95934"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"db": "NVD",
"id": "CVE-2017-3820"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.13.6s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3820"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "95934"
}
],
"trust": 0.3
},
"cve": "CVE-2017-3820",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-3820",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-01168",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-112023",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-3820",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3820",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-01168",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-015",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-112023",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"db": "VULHUB",
"id": "VHN-112023"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"db": "NVD",
"id": "CVE-2017-3820"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. More Information: CSCux68796. Known Affected Releases: 15.5(3)S2.1 15.6(1)S1.1. Known Fixed Releases: 15.4(3)S6.1 15.4(3)S6.2 15.5(3)S2.2 15.5(3)S3 15.6(0.22)S0.23 15.6(1)S2 16.2(0.295) 16.3(0.94) 15.5.3S3. CiscoASR1000SeriesAggregationServicesRoutersrunningCiscoIOSXESoftware is a set of operating systems running on the ASR1000 series routers from Cisco. Cisco IOSXESoftware\u0027s \\342\\200\\230SimpleNetworkManagementProtocol(SNMP)\\342\\200\\231 function in Cisco ASR1000Series AggregationServicesRouters has a security vulnerability. \nThis issue is being tracked by Cisco Bug ID CSCux68796. The following versions are affected: Cisco IOS XE Software Release 3.13.6S, 3.16.2S, 3.17.1S",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3820"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"db": "BID",
"id": "95934"
},
{
"db": "VULHUB",
"id": "VHN-112023"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3820",
"trust": 3.4
},
{
"db": "BID",
"id": "95934",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1037770",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001723",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201702-015",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-01168",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-112023",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"db": "VULHUB",
"id": "VHN-112023"
},
{
"db": "BID",
"id": "95934"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"db": "NVD",
"id": "CVE-2017-3820"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
]
},
"id": "VAR-201702-0787",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"db": "VULHUB",
"id": "VHN-112023"
}
],
"trust": 1.224805295
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01168"
}
]
},
"last_update_date": "2023-12-18T14:05:51.140000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20170201-asrsnmp",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170201-asrsnmp"
},
{
"title": "Patch for CiscoASR1000SeriesRouters Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/88870"
},
{
"title": "Cisco ASR 1000 Series Aggregation Services Routers Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67405"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-665",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112023"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"db": "NVD",
"id": "CVE-2017-3820"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170201-asrsnmp"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/95934"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1037770"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3820"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3820"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"db": "VULHUB",
"id": "VHN-112023"
},
{
"db": "BID",
"id": "95934"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"db": "NVD",
"id": "CVE-2017-3820"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"db": "VULHUB",
"id": "VHN-112023"
},
{
"db": "BID",
"id": "95934"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"db": "NVD",
"id": "CVE-2017-3820"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"date": "2017-02-03T00:00:00",
"db": "VULHUB",
"id": "VHN-112023"
},
{
"date": "2017-02-01T00:00:00",
"db": "BID",
"id": "95934"
},
{
"date": "2017-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"date": "2017-02-03T07:59:00.857000",
"db": "NVD",
"id": "CVE-2017-3820"
},
{
"date": "2017-02-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01168"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-112023"
},
{
"date": "2017-02-02T00:09:00",
"db": "BID",
"id": "95934"
},
{
"date": "2017-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001723"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-3820"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS XE Works ASR 1000 Series Aggregation Service Router SNMP In function CPU Vulnerabilities that cause heavy use of",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001723"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-015"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.