var-201703-0899
Vulnerability from variot
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or Cisco IOS XE Software if the L2TP feature is enabled for the device and the device is configured as an L2TP Version 2 (L2TPv2) or L2TP Version 3 (L2TPv3) endpoint. By default, the L2TP feature is not enabled. Cisco Bug IDs: CSCuy82078. Vendors have confirmed this vulnerability Bug ID CSCuy82078 It is released as.Service operation interruption (DoS) An attack may be carried out. Cisco IOSXESoftware is an operating system developed by Cisco Systems for its network devices. Cisco IOSXESoftware failed to adequately filter L2TP packets. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. All the vulnerabilities have a Security Impact Rating of High.
-----BEGIN PGP SIGNATURE-----
iQKBBAEBAgBrBQJY0qKqZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHmEgxAAshBFiyt/hGUC3/it JEYnR1a1Rspaba1kBbMQCgrfPK4hMaZwAykJzkaTSQMSo78SQ3+ddb4tVDk0bSk6 8+WEKFApGC8K6iZkIrUMl2rCX+0A3km42j/IN6bUysuzj+wmj5CQauEgQ8+mgzBn DP5IUyKKaITH83/I2Esin1tsEMcwxVpOUnrjYQVrD4TRLIxp75GsLrF1LnLjPaXk PfU8IEk4OlU/CSePErbYo6Kp3C3spzmIOy6znkikHhlRAhzNcBLTuccY/ZmeFARK JdaWelXdf94GCWBb1iEi3vON/L/ISgDcR5NfOJ43ocot2oGriEq0+qXpabuWQJxI gGZpeITgPPZ8YaY+KK/yymNuag3/lwYn39cgiy7yqVlz54U8dz3Hp9KrB2o3/8+n HwyiRBCnZ81iXiy+2oZnosjOpKBnnlnkKhu9l8exxzqpUjRW2aagRzFqIhu7ZTsX V/BRMaqlBw1thXZlJGUxIomwocXb8f4OrCLh4G57h6749lPeDb/qH4GMriWLO1g4 byCaaHuJ9qpkUYnOcpYaPjre2moC+sHaZZeEP13A9dgHBD3Ue21eiSiSRgnvRd5e 624gJhBHRixDs6n3/ePHJ+jjDYhtBOMjIT7gKueeMocKosLqOrjMUwTPaOajCnoy lx3ZL8eV6WFSukbbuVDiimYbaM0= =LLYg -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0899",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xe",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.0"
},
{
"model": "ios",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "15.0"
},
{
"model": "ios",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "ios xe",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "3.18.0"
},
{
"model": "ios",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "15.6"
},
{
"model": "ios",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios \u003e12.0 s \u003c12.2 scg1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(33\\)mrb4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(33\\)mrb2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(33\\)mrb1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(33\\)mrb"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(33\\)mrb3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(33\\)mrb6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\(1\\)s"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(33\\)scf5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\(4\\)s4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.4\\(15\\)t1"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"db": "BID",
"id": "97010"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"db": "NVD",
"id": "CVE-2017-3857"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.4",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.6",
"versionStartIncluding": "15.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.18.0",
"versionStartIncluding": "3.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3857"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "97010"
}
],
"trust": 0.3
},
"cve": "CVE-2017-3857",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-3857",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-04004",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-112060",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-3857",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3857",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-04004",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-990",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-112060",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-3857",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"db": "VULHUB",
"id": "VHN-112060"
},
{
"db": "VULMON",
"id": "CVE-2017-3857"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"db": "NVD",
"id": "CVE-2017-3857"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or Cisco IOS XE Software if the L2TP feature is enabled for the device and the device is configured as an L2TP Version 2 (L2TPv2) or L2TP Version 3 (L2TPv3) endpoint. By default, the L2TP feature is not enabled. Cisco Bug IDs: CSCuy82078. Vendors have confirmed this vulnerability Bug ID CSCuy82078 It is released as.Service operation interruption (DoS) An attack may be carried out. Cisco IOSXESoftware is an operating system developed by Cisco Systems for its network devices. Cisco IOSXESoftware failed to adequately filter L2TP packets. \nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. All the vulnerabilities have a Security Impact Rating of High. \n\n-----BEGIN PGP SIGNATURE-----\n\niQKBBAEBAgBrBQJY0qKqZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg\nSW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx\nNykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHmEgxAAshBFiyt/hGUC3/it\nJEYnR1a1Rspaba1kBbMQCgrfPK4hMaZwAykJzkaTSQMSo78SQ3+ddb4tVDk0bSk6\n8+WEKFApGC8K6iZkIrUMl2rCX+0A3km42j/IN6bUysuzj+wmj5CQauEgQ8+mgzBn\nDP5IUyKKaITH83/I2Esin1tsEMcwxVpOUnrjYQVrD4TRLIxp75GsLrF1LnLjPaXk\nPfU8IEk4OlU/CSePErbYo6Kp3C3spzmIOy6znkikHhlRAhzNcBLTuccY/ZmeFARK\nJdaWelXdf94GCWBb1iEi3vON/L/ISgDcR5NfOJ43ocot2oGriEq0+qXpabuWQJxI\ngGZpeITgPPZ8YaY+KK/yymNuag3/lwYn39cgiy7yqVlz54U8dz3Hp9KrB2o3/8+n\nHwyiRBCnZ81iXiy+2oZnosjOpKBnnlnkKhu9l8exxzqpUjRW2aagRzFqIhu7ZTsX\nV/BRMaqlBw1thXZlJGUxIomwocXb8f4OrCLh4G57h6749lPeDb/qH4GMriWLO1g4\nbyCaaHuJ9qpkUYnOcpYaPjre2moC+sHaZZeEP13A9dgHBD3Ue21eiSiSRgnvRd5e\n624gJhBHRixDs6n3/ePHJ+jjDYhtBOMjIT7gKueeMocKosLqOrjMUwTPaOajCnoy\nlx3ZL8eV6WFSukbbuVDiimYbaM0=\n=LLYg\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3857"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"db": "BID",
"id": "97010"
},
{
"db": "VULHUB",
"id": "VHN-112060"
},
{
"db": "VULMON",
"id": "CVE-2017-3857"
},
{
"db": "PACKETSTORM",
"id": "141769"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-112060",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112060"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3857",
"trust": 3.6
},
{
"db": "BID",
"id": "97010",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1038100",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002735",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-990",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-04004",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "141769",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-112060",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-3857",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"db": "VULHUB",
"id": "VHN-112060"
},
{
"db": "VULMON",
"id": "CVE-2017-3857"
},
{
"db": "BID",
"id": "97010"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"db": "PACKETSTORM",
"id": "141769"
},
{
"db": "NVD",
"id": "CVE-2017-3857"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
]
},
"id": "VAR-201703-0899",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"db": "VULHUB",
"id": "VHN-112060"
}
],
"trust": 1.3098872199999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04004"
}
]
},
"last_update_date": "2023-12-18T12:51:22.321000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20170322-l2tp",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170322-l2tp"
},
{
"title": "Patch for Cisco IOSXESoftware L2TP Packet Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/91531"
},
{
"title": "Cisco IOS and IOS XE Software Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68701"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-critical-iox-vulnerability/124533/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"db": "VULMON",
"id": "CVE-2017-3857"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
},
{
"problemtype": "CWE-20",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112060"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"db": "NVD",
"id": "CVE-2017-3857"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/97010"
},
{
"trust": 2.2,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170322-l2tp"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1038100"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3857"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3857"
},
{
"trust": 0.6,
"url": "http://seclists.org/bugtraq/2017/mar/80"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/cisco-sa-20170322-l2tp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-critical-iox-vulnerability/124533/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewerp.x?alertid=erp-60851\"]."
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170322-l2tp\"]"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"db": "VULHUB",
"id": "VHN-112060"
},
{
"db": "VULMON",
"id": "CVE-2017-3857"
},
{
"db": "BID",
"id": "97010"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"db": "PACKETSTORM",
"id": "141769"
},
{
"db": "NVD",
"id": "CVE-2017-3857"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"db": "VULHUB",
"id": "VHN-112060"
},
{
"db": "VULMON",
"id": "CVE-2017-3857"
},
{
"db": "BID",
"id": "97010"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"db": "PACKETSTORM",
"id": "141769"
},
{
"db": "NVD",
"id": "CVE-2017-3857"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"date": "2017-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-112060"
},
{
"date": "2017-03-22T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3857"
},
{
"date": "2017-03-22T00:00:00",
"db": "BID",
"id": "97010"
},
{
"date": "2017-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"date": "2017-03-22T17:24:00",
"db": "PACKETSTORM",
"id": "141769"
},
{
"date": "2017-03-22T19:59:00.307000",
"db": "NVD",
"id": "CVE-2017-3857"
},
{
"date": "2017-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-04004"
},
{
"date": "2020-07-27T00:00:00",
"db": "VULHUB",
"id": "VHN-112060"
},
{
"date": "2020-07-27T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3857"
},
{
"date": "2017-03-23T00:01:00",
"db": "BID",
"id": "97010"
},
{
"date": "2017-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002735"
},
{
"date": "2020-07-27T16:59:48.603000",
"db": "NVD",
"id": "CVE-2017-3857"
},
{
"date": "2020-07-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "141769"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS and Cisco IOS XE of Layer 2 Tunneling Protocol Resource parsing vulnerability in the syntax analysis function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002735"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-990"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.