SB2017031702 - Remote code execution in Cluster Management Protocol in Cisco IOS and IOS XE




Published: March 17, 2017 Updated: May 10, 2017

Security Bulletin ID SB2017031702
Severity Critical
Patch available YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 100%

Description

This security bulletin contains information about 1 security vulnerability.


1) Improper input validation (CVE-ID: CVE-2017-3881)

The vulnerability allows a remote attacker to gain access to a vulnerable device.

The vulnerability exists due to improper input validation in the Cisco Cluster Management Protocol (CMP) implementation and a failure to restrict the use of CMP-specific Telnet options to internal, local communications between cluster members. A remote unauthenticated attacker can send specially crafted CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device that is configured to accept Telnet connections, and cause the affected device to reload or obtain full control over the vulnerable device.

Successful exploitation of this vulnerability may allow an attacker to gain full access to the vulnerable device.

Note: information about this vulnerability was publicly disclosed in WikiLeaks documents dubbed CIA Vault 7.
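Since the issue is reachable only on devices configured to accept Telnet connections, checking the vty transport settings in saved configurations helps scope exposure while updates are rolled out. The Python script below is an added example, not part of the original bulletin or any vendor tooling; the sample configuration is constructed, and treating a vty block with no `transport input` line as Telnet-enabled is an assumption exposed as the `default_allows_telnet` parameter.

```python
import re

# Constructed sample running-config excerpt (not from a real device).
SAMPLE_CONFIG = """\
hostname sw-lab-01
!
line con 0
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
 transport input telnet ssh
line vty 16 31
 login local
!
end
"""

def telnet_vty_lines(config_text, default_allows_telnet=True):
    """Return [(vty_range, reason)] for vty blocks that accept Telnet."""
    blocks = []        # [vty_range, protocols or None] in config order
    in_vty = False
    for raw in config_text.splitlines():
        start = re.match(r"^line vty (\d+(?: \d+)?)\s*$", raw)
        if start:
            blocks.append([start.group(1), None])
            in_vty = True
        elif not raw.startswith(" "):
            in_vty = False  # any other top-level line ends the vty block
        elif in_vty:
            t = re.match(r"^\s+transport input (.+?)\s*$", raw)
            if t:
                blocks[-1][1] = t.group(1).split()
    findings = []
    for vty, protos in blocks:
        if protos is None:
            # Assumption: with no explicit setting, the platform default applies.
            if default_allows_telnet:
                findings.append((vty, "no transport input set; default assumed to allow Telnet"))
        elif {"telnet", "all"} & set(protos):
            findings.append((vty, "transport input " + " ".join(protos)))
    return findings

if __name__ == "__main__":
    for vty, reason in telnet_vty_lines(SAMPLE_CONFIG):
        print(f"line vty {vty}: Telnet accepted ({reason})")
```

Confirm the actual default for a given platform and software release before relying on the `default_allows_telnet` setting.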


Remediation

Install the update from the vendor's website.