var-201703-0906
Vulnerability from variot
A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. This vulnerability affects the following Cisco 800 Series Industrial Integrated Services Routers: Cisco IR809 and Cisco IR829. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52330. Cisco IOx Contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCuy52330 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. A stack buffer overflow vulnerability exists in several Cisco products due to insufficient boundary checking before copying user data to a buffer of insufficient size. Data-in-Motion (DMo) is one of the real-time data interaction processes. The DMo process installed with the Cisco IOx 1.0.0.0 and 1.1.0.0 application environment has a security vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox"]
-----BEGIN PGP SIGNATURE-----
iQKBBAEBAgBrBQJY0qMqZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHnAgQ/9E53gx3RzJorkoUhK ncGbIGWeBmDJJqyU7lgAvZDCbJKZTTYaLcz8IhiGH/DEonfEoPlRf5YIoHdEDbTV 8eE8sBnNXqVjSJatVvdLZWilZthTrgT8aQgX+t6PWOrbbERXf8XYUYX7wz2/IkEq j2x4IR9ZpgJVVazFJFuC2D/Sz6j9LB65xEbUe6d3K6ZLbCAYrm9AHA6+nTrQqPTL enfW/RhD1ciu6m5y0sOg0VE68C8pDJV/a8BPtVk3Rz22oesWVkpZPRSJXzk1M6H7 35a8EHozoqZen3Ojb27bgVlIG+scyyJDZzgmpz7+l1A6h5Uq1UL/sss2foiz0Te3 UOM79CSBSzR6woF+3qFBDwumNGhjHdlrfg8t+XDzhSh3+BQ5zNUijZB4+X7f/R+8 SdYAtHiSGXDg9RR9GTeRKCyjl7RqwJ9IMMmR1qyJSkI41UL20CPdt9mK0ajlzzhD qMh0iMZtlvjoxjhix5lXpXXpIDb2iwCQcHma76Cq32MkKL8HOXfJq7rpZPH8p6tH An9VjssLWjiMWnO1nhtP+i+zYEmp9U/jK2VVw1t4Fzv8HfdscWr3RLrSxyJOjQO9 SvN++XAo0ERp8TcMeV8skCqeV+JgzUAZ3JlKODR/R//lJPQLfuqfJoTPOxabROuy Uxj5oDgf6UpOaZOli8Av//fSiE8= =Lr/s -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0906",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iox",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "iox",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1.0"
},
{
"model": "iox",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.0.0.0"
},
{
"model": "iox",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.1.0.0"
},
{
"model": "iox",
"scope": "lt",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1.0"
},
{
"model": "ir829",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ir809",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "iox software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.0.0"
},
{
"model": "iox software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0.0.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"db": "BID",
"id": "97011"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"db": "NVD",
"id": "CVE-2017-3853"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:iox:1.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:iox:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3853"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco.",
"sources": [
{
"db": "BID",
"id": "97011"
}
],
"trust": 0.3
},
"cve": "CVE-2017-3853",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-3853",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-04002",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-112056",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-3853",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3853",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-04002",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-992",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-112056",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-3853",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"db": "VULHUB",
"id": "VHN-112056"
},
{
"db": "VULMON",
"id": "CVE-2017-3853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"db": "NVD",
"id": "CVE-2017-3853"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. This vulnerability affects the following Cisco 800 Series Industrial Integrated Services Routers: Cisco IR809 and Cisco IR829. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52330. Cisco IOx Contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCuy52330 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. A stack buffer overflow vulnerability exists in several Cisco products due to insufficient boundary checking before copying user data to a buffer of insufficient size. Data-in-Motion (DMo) is one of the real-time data interaction processes. \nThe DMo process installed with the Cisco IOx 1.0.0.0 and 1.1.0.0 application environment has a security vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. There are no workarounds that address this vulnerability. \n\nThis advisory is available at the following link:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox\"]\n\n-----BEGIN PGP SIGNATURE-----\n\niQKBBAEBAgBrBQJY0qMqZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg\nSW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx\nNykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHnAgQ/9E53gx3RzJorkoUhK\nncGbIGWeBmDJJqyU7lgAvZDCbJKZTTYaLcz8IhiGH/DEonfEoPlRf5YIoHdEDbTV\n8eE8sBnNXqVjSJatVvdLZWilZthTrgT8aQgX+t6PWOrbbERXf8XYUYX7wz2/IkEq\nj2x4IR9ZpgJVVazFJFuC2D/Sz6j9LB65xEbUe6d3K6ZLbCAYrm9AHA6+nTrQqPTL\nenfW/RhD1ciu6m5y0sOg0VE68C8pDJV/a8BPtVk3Rz22oesWVkpZPRSJXzk1M6H7\n35a8EHozoqZen3Ojb27bgVlIG+scyyJDZzgmpz7+l1A6h5Uq1UL/sss2foiz0Te3\nUOM79CSBSzR6woF+3qFBDwumNGhjHdlrfg8t+XDzhSh3+BQ5zNUijZB4+X7f/R+8\nSdYAtHiSGXDg9RR9GTeRKCyjl7RqwJ9IMMmR1qyJSkI41UL20CPdt9mK0ajlzzhD\nqMh0iMZtlvjoxjhix5lXpXXpIDb2iwCQcHma76Cq32MkKL8HOXfJq7rpZPH8p6tH\nAn9VjssLWjiMWnO1nhtP+i+zYEmp9U/jK2VVw1t4Fzv8HfdscWr3RLrSxyJOjQO9\nSvN++XAo0ERp8TcMeV8skCqeV+JgzUAZ3JlKODR/R//lJPQLfuqfJoTPOxabROuy\nUxj5oDgf6UpOaZOli8Av//fSiE8=\n=Lr/s\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-992"
},
{
"db": "BID",
"id": "97011"
},
{
"db": "VULHUB",
"id": "VHN-112056"
},
{
"db": "VULMON",
"id": "CVE-2017-3853"
},
{
"db": "PACKETSTORM",
"id": "141771"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-112056",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112056"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3853",
"trust": 3.6
},
{
"db": "BID",
"id": "97011",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1038105",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002699",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-992",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-04002",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "141771",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-112056",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-3853",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"db": "VULHUB",
"id": "VHN-112056"
},
{
"db": "VULMON",
"id": "CVE-2017-3853"
},
{
"db": "BID",
"id": "97011"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"db": "PACKETSTORM",
"id": "141771"
},
{
"db": "NVD",
"id": "CVE-2017-3853"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
]
},
"id": "VAR-201703-0906",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"db": "VULHUB",
"id": "VHN-112056"
}
],
"trust": 1.3444444666666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04002"
}
]
},
"last_update_date": "2023-12-18T14:01:40.342000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20170322-iox",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170322-iox"
},
{
"title": "Patch for multiple Cisco product stack buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/91529"
},
{
"title": "Cisco IOx Data-in-Motion Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68703"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-critical-iox-vulnerability/124533/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"db": "VULMON",
"id": "CVE-2017-3853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112056"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"db": "NVD",
"id": "CVE-2017-3853"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170322-iox"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/97011"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3853"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1038105"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3853"
},
{
"trust": 0.7,
"url": "https://threatpost.com/cisco-patches-critical-iox-vulnerability/124533/"
},
{
"trust": 0.6,
"url": "http://seclists.org/bugtraq/2017/mar/82"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170322-iox\"]"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"db": "VULHUB",
"id": "VHN-112056"
},
{
"db": "VULMON",
"id": "CVE-2017-3853"
},
{
"db": "BID",
"id": "97011"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"db": "PACKETSTORM",
"id": "141771"
},
{
"db": "NVD",
"id": "CVE-2017-3853"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"db": "VULHUB",
"id": "VHN-112056"
},
{
"db": "VULMON",
"id": "CVE-2017-3853"
},
{
"db": "BID",
"id": "97011"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"db": "PACKETSTORM",
"id": "141771"
},
{
"db": "NVD",
"id": "CVE-2017-3853"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"date": "2017-03-22T00:00:00",
"db": "VULHUB",
"id": "VHN-112056"
},
{
"date": "2017-03-22T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3853"
},
{
"date": "2017-03-22T00:00:00",
"db": "BID",
"id": "97011"
},
{
"date": "2017-04-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"date": "2017-03-22T17:27:00",
"db": "PACKETSTORM",
"id": "141771"
},
{
"date": "2017-03-22T19:59:00.247000",
"db": "NVD",
"id": "CVE-2017-3853"
},
{
"date": "2017-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-04002"
},
{
"date": "2017-07-12T00:00:00",
"db": "VULHUB",
"id": "VHN-112056"
},
{
"date": "2017-07-12T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3853"
},
{
"date": "2017-03-23T00:01:00",
"db": "BID",
"id": "97011"
},
{
"date": "2017-04-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002699"
},
{
"date": "2017-07-12T01:29:15.863000",
"db": "NVD",
"id": "CVE-2017-3853"
},
{
"date": "2017-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "141771"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOx Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002699"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-992"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.