This security bulletin contains one critical risk vulnerability.
EUVDB-ID: #VU6125
Risk: Critical
CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2017-3881
CWE-ID:
CWE-20 - Improper Input Validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to vulnerable device.
The vulnerability exists due to improper input validation in Cisco Cluster Management Protocol (CMP) implementation and failure to restrict usage of CMP-specific Telnet options only to internal, local communications between cluster members. A remote unauthenticated attacker can send specially crafted CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections and cause the affected device to reload or obtain full control over vulnerable device.
Successful exploitation of this vulnerability may allow an attacker to gain full access to vulnerable device.
Note: information about this vulnerability was publicly disclosed by WikiLeaks documents dubbed CIA Vault 7.
MitigationInstall update from Cisco website.
Cisco IOS: All versions
Cisco IOS XE: All versions
Cisco SM-X Layer 2/3 EtherSwitch Service Module: All versions
Cisco RF Gateway 10: All versions
Cisco ME 4924-10GE Switch: All versions
Cisco IE-5000-16S12P Industrial Ethernet Switch: All versions
Cisco IE-5000-12S12P-10G Industrial Ethernet Switch: All versions
Cisco IE-4010-4S24P Industrial Ethernet Switch: All versions
Cisco IE-4010-16S12P Industrial Ethernet Switch: All versions
Cisco IE-4000-8T4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-8S4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-8GT8GP4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-8GT4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-8GS4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-4TC4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-4T4P4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-4S8P4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-4GS8GP4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-4GC4GP4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-16T4G-E Industrial Ethernet Switch: All versions
Cisco IE-4000-16GT4G-E Industrial Ethernet Switch: All versions
Cisco IE-3010-24TC Industrial Ethernet Switch: All versions
Cisco IE-3010-16S-8PC Industrial Ethernet Switch: All versions
Cisco IE 3000-8TC Industrial Ethernet Switch: All versions
Cisco IE 3000-4TC Industrial Ethernet Switch: All versions
Cisco IE 2000-8TC-G-N Industrial Ethernet Switch: All versions
Cisco IE 2000-8TC-G-E Industrial Ethernet Switch: All versions
Cisco IE 2000-8TC-G Industrial Ethernet Switch: All versions
Cisco IE 2000-8TC Industrial Ethernet Switch: All versions
Cisco IE 2000-8T67P Industrial Ethernet Switch: All versions
Cisco IE 2000-8T67 Industrial Ethernet Switch: All versions
Cisco IE 2000-4TS-G Industrial Ethernet Switch: All versions
Cisco IE 2000-4TS Industrial Ethernet Switch: All versions
Cisco IE 2000-4T-G Industrial Ethernet Switch: All versions
Cisco IE 2000-4T Industrial Ethernet Switch: All versions
Cisco IE 2000-4S-TS-G Industrial Ethernet Switch: All versions
Cisco IE 2000-24T67 Industrial Ethernet Switch: All versions
Cisco IE 2000-16TC-G-X Industrial Ethernet Switch: All versions
Cisco IE 2000-16TC-G-N Industrial Ethernet Switch: All versions
Cisco IE 2000-16TC-G-E Industrial Ethernet Switch: All versions
Cisco IE 2000-16TC-G Industrial Ethernet Switch: All versions
Cisco IE 2000-16TC Industrial Ethernet Switch: All versions
Cisco IE 2000-16T67P Industrial Ethernet Switch: All versions
Cisco IE 2000-16T67 Industrial Ethernet Switch: All versions
Cisco IE 2000-16PTC-G Industrial Ethernet Switch: All versions
Cisco Gigabit Ethernet Switch Module (CGESM) for HP: All versions
Cisco Enhanced Layer 2/3 EtherSwitch Service Module: All versions
Cisco Enhanced Layer 2 EtherSwitch Service Module: All versions
Cisco Embedded Service 2020 NCP Switch: All versions
Cisco Embedded Service 2020 NCP B Switch: All versions
Cisco Embedded Service 2020 CON Switch: All versions
Cisco Embedded Service 2020 CON B Switch: All versions
Cisco Embedded Service 2020 24TC NCP Switch: All versions
Cisco Embedded Service 2020 24TC NCP B Switch: All versions
Cisco Embedded Service 2020 24TC CON Switch: All versions
Cisco Embedded Service 2020 24TC CON B Switch: All versions
Cisco Catalyst Switch Module 3110X for IBM BladeCenter: All versions
Cisco Catalyst Switch Module 3110 for IBM BladeCenter: All versions
Cisco Catalyst Switch Module 3012 for IBM BladeCenter: All versions
Cisco Catalyst C2928-48TC-C Switch: All versions
Cisco Catalyst C2928-24LT-C Switch: All versions
Cisco Catalyst Blade Switch 3130 for Dell M1000E: All versions
Cisco Catalyst Blade Switch 3120X for HP: All versions
Cisco Catalyst Blade Switch 3120 for HP: All versions
Cisco Catalyst Blade Switch 3040 for FSC: All versions
Cisco Catalyst Blade Switch 3032 for Dell M1000E: All versions
Cisco Catalyst Blade Switch 3030 for Dell: All versions
Cisco Catalyst Blade Switch 3020 for HP: All versions
Cisco Catalyst 4948E-F Ethernet Switch: All versions
Cisco Catalyst 4948E Ethernet Switch: All versions
Cisco Catalyst 4948 Switch: All versions
Cisco Catalyst 4948 10 Gigabit Ethernet Switch: All versions
Cisco Catalyst 4928 10 Gigabit Ethernet Switch: All versions
Cisco Catalyst 4900M Switch: All versions
Cisco Catalyst 4500 Supervisor Engine 6L-E: All versions
Cisco Catalyst 4500 Supervisor Engine 6-E: All versions
Cisco Catalyst 4500 Series Supervisor II-Plus-10GE: All versions
Cisco Catalyst 4500 Series Supervisor Engine V-10GE: All versions
Cisco Catalyst 4500 Series Supervisor Engine II-Plus-TS: All versions
Cisco Catalyst 4500 Series Supervisor Engine II-Plus: All versions
Cisco Catalyst 4000/4500 Supervisor Engine V: All versions
Cisco Catalyst 4000/4500 Supervisor Engine IV: All versions
Cisco Catalyst 4000 Supervisor Engine I: All versions
Cisco Catalyst 3750X-48U-S Switch: All versions
Cisco Catalyst 3750X-48U-L Switch: All versions
Cisco Catalyst 3750X-48U-E Switch: All versions
Cisco Catalyst 3750X-48T-S Switch: All versions
Cisco Catalyst 3750X-48T-L Switch: All versions
Cisco Catalyst 3750X-48T-E Switch: All versions
Cisco Catalyst 3750X-48PF-S Switch: All versions
Cisco Catalyst 3750X-48PF-L Switch: All versions
Cisco Catalyst 3750X-48PF-E Switch: All versions
Cisco Catalyst 3750X-48P-S Switch: All versions
Cisco Catalyst 3750X-48P-L Switch: All versions
Cisco Catalyst 3750X-48P-E Switch: All versions
Cisco Catalyst 3750X-24U-S Switch: All versions
Cisco Catalyst 3750X-24U-L Switch: All versions
Cisco Catalyst 3750X-24U-E Switch: All versions
Cisco Catalyst 3750X-24T-S Switch: All versions
Cisco Catalyst 3750X-24T-L Switch: All versions
Cisco Catalyst 3750X-24T-E Switch: All versions
Cisco Catalyst 3750X-24S-S Switch: All versions
Cisco Catalyst 3750X-24S-E Switch: All versions
Cisco Catalyst 3750X-24P-S Switch: All versions
Cisco Catalyst 3750X-24P-L Switch: All versions
Cisco Catalyst 3750X-24P-E Switch: All versions
Cisco Catalyst 3750X-12S-S Switch: All versions
Cisco Catalyst 3750X-12S-E Switch: All versions
Cisco Catalyst 3750V2-48TS Switch: All versions
Cisco Catalyst 3750V2-48PS Switch: All versions
Cisco Catalyst 3750V2-24TS Switch: All versions
Cisco Catalyst 3750V2-24PS Switch: All versions
Cisco Catalyst 3750V2-24FS Switch: All versions
Cisco Catalyst 3750G-48TS Switch: All versions
Cisco Catalyst 3750G-48PS Switch: All versions
Cisco Catalyst 3750G-24TS-1U Switch: All versions
Cisco Catalyst 3750G-24TS Switch: All versions
Cisco Catalyst 3750G-24T Switch: All versions
Cisco Catalyst 3750G-24PS Switch: All versions
Cisco Catalyst 3750G-16TD Switch: All versions
Cisco Catalyst 3750G-12S-SD Switch: All versions
Cisco Catalyst 3750G-12S Switch: All versions
Cisco Catalyst 3750E-48TD-S Switch: All versions
Cisco Catalyst 3750E-48TD-E Switch: All versions
Cisco Catalyst 3750E-48PD-SF Switch: All versions
Cisco Catalyst 3750E-48PD-S Switch: All versions
Cisco Catalyst 3750E-48PD-EF Switch: All versions
Cisco Catalyst 3750E-48PD-E Switch: All versions
Cisco Catalyst 3750E-24TD-S Switch: All versions
Cisco Catalyst 3750E-24TD-E Switch: All versions
Cisco Catalyst 3750E-24PD-S Switch: All versions
Cisco Catalyst 3750E-24PD-E Switch: All versions
Cisco Catalyst 3750-48TS Switch: All versions
Cisco Catalyst 3750-48PS Switch: All versions
Cisco Catalyst 3750-24TS Switch: All versions
Cisco Catalyst 3750-24PS Switch: All versions
Cisco Catalyst 3750-24FS Switch: All versions
Cisco Catalyst 3750 Metro 24-DC Switch: All versions
Cisco Catalyst 3750 Metro 24-AC Switch: All versions
Cisco Catalyst 3560X-48U-S Switch: All versions
Cisco Catalyst 3560X-48U-L Switch: All versions
Cisco Catalyst 3560X-48U-E Switch: All versions
Cisco Catalyst 3560X-48T-S Switch: All versions
Cisco Catalyst 3560X-48T-L Switch: All versions
Cisco Catalyst 3560X-48T-E Switch: All versions
Cisco Catalyst 3560X-48PF-S Switch: All versions
Cisco Catalyst 3560X-48PF-L Switch: All versions
Cisco Catalyst 3560X-48PF-E Switch: All versions
Cisco Catalyst 3560X-48P-S Switch: All versions
Cisco Catalyst 3560X-48P-L Switch: All versions
Cisco Catalyst 3560X-48P-E Switch: All versions
Cisco Catalyst 3560X-24U-S Switch: All versions
Cisco Catalyst 3560X-24U-L Switch: All versions
Cisco Catalyst 3560X-24U-E Switch: All versions
Cisco Catalyst 3560X-24T-S Switch: All versions
Cisco Catalyst 3560X-24T-L Switch: All versions
Cisco Catalyst 3560X-24T-E Switch: All versions
Cisco Catalyst 3560X-24P-S Switch: All versions
Cisco Catalyst 3560X-24P-L Switch: All versions
Cisco Catalyst 3560X-24P-E Switch: All versions
Cisco Catalyst 3560V2-48TS Switch: All versions
Cisco Catalyst 3560V2-48PS Switch: All versions
Cisco Catalyst 3560V2-24TS Switch: All versions
Cisco Catalyst 3560V2-24PS Switch: All versions
Cisco Catalyst 3560V2-24DC Switch: All versions
Cisco Catalyst 3560G-48TS Switch: All versions
Cisco Catalyst 3560G-48PS Switch: All versions
Cisco Catalyst 3560G-24TS Switch: All versions
Cisco Catalyst 3560G-24PS Switch: All versions
Cisco Catalyst 3560E-48TD-S Switch: All versions
Cisco Catalyst 3560E-48TD-E Switch: All versions
Cisco Catalyst 3560E-48PD-SF Switch: All versions
Cisco Catalyst 3560E-48PD-S Switch: All versions
Cisco Catalyst 3560E-48PD-EF Switch: All versions
Cisco Catalyst 3560E-48PD-E Switch: All versions
Cisco Catalyst 3560E-24TD-S Switch: All versions
Cisco Catalyst 3560E-24TD-E Switch: All versions
Cisco Catalyst 3560E-24PD-S Switch: All versions
Cisco Catalyst 3560E-24PD-E Switch: All versions
Cisco Catalyst 3560E-12SD-S Switch: All versions
Cisco Catalyst 3560E-12SD-E Switch: All versions
Cisco Catalyst 3560E-12D-S Switch: All versions
Cisco Catalyst 3560E-12D-E Switch: All versions
Cisco Catalyst 3560CX-8XPD-S Switch: All versions
Cisco Catalyst 3560CX-8TC-S Switch: All versions
Cisco Catalyst 3560CX-8PT-S Switch: All versions
Cisco Catalyst 3560CX-8PC-S Switch: All versions
Cisco Catalyst 3560CX-12TC-S Switch: All versions
Cisco Catalyst 3560CX-12PD-S Switch: All versions
Cisco Catalyst 3560CX-12PC-S Switch: All versions
Cisco Catalyst 3560CPD-8PT-S Compact Switch: All versions
Cisco Catalyst 3560CG-8TC-S Compact Switch: All versions
Cisco Catalyst 3560CG-8PC-S Compact Switch: All versions
Cisco Catalyst 3560C-8PC-S Switch: All versions
Cisco Catalyst 3560C-12PC-S Switch: All versions
Cisco Catalyst 3560-8PC Compact Switch: All versions
Cisco Catalyst 3560-48TS Switch: All versions
Cisco Catalyst 3560-48PS Switch: All versions
Cisco Catalyst 3560-24TS Switch: All versions
Cisco Catalyst 3560-24PS Switch: All versions
Cisco Catalyst 3560-12PC-S Compact Switch: All versions
Cisco Catalyst 3550 48 SMI Switch: All versions
Cisco Catalyst 3550 48 EMI Switch: All versions
Cisco Catalyst 3550 24 SMI Switch: All versions
Cisco Catalyst 3550 24 PWR Switch: All versions
Cisco Catalyst 3550 24 FX SMI Switch: All versions
Cisco Catalyst 3550 24 EMI Switch: All versions
Cisco Catalyst 3550 24 DC SMI Switch: All versions
Cisco Catalyst 3550 12T Switch: All versions
Cisco Catalyst 3550 12G Switch: All versions
Cisco Catalyst 2975 Switch: All versions
Cisco Catalyst 2970G-24TS Switch: All versions
Cisco Catalyst 2970G-24T Switch: All versions
Cisco Catalyst 2960XR-48TS-L Switch: All versions
Cisco Catalyst 2960XR-48TS-I Switch: All versions
Cisco Catalyst 2960XR-48TD-L Switch: All versions
Cisco Catalyst 2960XR-48TD-I Switch: All versions
Cisco Catalyst 2960XR-48LPS-L Switch: All versions
Cisco Catalyst 2960XR-48LPS-I Switch: All versions
Cisco Catalyst 2960XR-48LPD-L Switch: All versions
Cisco Catalyst 2960XR-48LPD-I Switch: All versions
Cisco Catalyst 2960XR-48FPS-L Switch: All versions
Cisco Catalyst 2960XR-48FPS-I Switch: All versions
Cisco Catalyst 2960XR-48FPD-L Switch: All versions
Cisco Catalyst 2960XR-48FPD-I Switch: All versions
Cisco Catalyst 2960XR-24TS-L Switch: All versions
Cisco Catalyst 2960XR-24TS-I Switch: All versions
Cisco Catalyst 2960XR-24TD-L Switch: All versions
Cisco Catalyst 2960XR-24TD-I Switch: All versions
Cisco Catalyst 2960XR-24PS-L Switch: All versions
Cisco Catalyst 2960XR-24PS-I Switch: All versions
Cisco Catalyst 2960XR-24PD-L Switch: All versions
Cisco Catalyst 2960XR-24PD-I Switch: All versions
Cisco Catalyst 2960X-48TS-LL Switch: All versions
Cisco Catalyst 2960X-48TS-L Switch: All versions
Cisco Catalyst 2960X-48TD-L Switch: All versions
Cisco Catalyst 2960X-48LPS-L Switch: All versions
Cisco Catalyst 2960X-48LPD-L Switch: All versions
Cisco Catalyst 2960X-48FPS-L Switch: All versions
Cisco Catalyst 2960X-48FPD-L Switch: All versions
Cisco Catalyst 2960X-24TS-LL Switch: All versions
Cisco Catalyst 2960X-24TS-L Switch: All versions
Cisco Catalyst 2960X-24TD-L Switch: All versions
Cisco Catalyst 2960X-24PSQ-L Cool Switch: All versions
Cisco Catalyst 2960X-24PS-L Switch: All versions
Cisco Catalyst 2960X-24PD-L Switch: All versions
Cisco Catalyst 2960S-F48TS-S Switch: All versions
Cisco Catalyst 2960S-F48TS-L Switch: All versions
Cisco Catalyst 2960S-F48LPS-L Switch: All versions
Cisco Catalyst 2960S-F48FPS-L Switch: All versions
Cisco Catalyst 2960S-F24TS-S Switch: All versions
Cisco Catalyst 2960S-F24TS-L Switch: All versions
Cisco Catalyst 2960S-F24PS-L Switch: All versions
Cisco Catalyst 2960S-48TS-S Switch: All versions
Cisco Catalyst 2960S-48TS-L Switch: All versions
Cisco Catalyst 2960S-48TD-L Switch: All versions
Cisco Catalyst 2960S-48LPS-L Switch: All versions
Cisco Catalyst 2960S-48LPD-L Switch: All versions
Cisco Catalyst 2960S-48FPS-L Switch: All versions
Cisco Catalyst 2960S-48FPD-L Switch: All versions
Cisco Catalyst 2960S-24TS-S Switch: All versions
Cisco Catalyst 2960S-24TS-L Switch: All versions
Cisco Catalyst 2960S-24TD-L Switch: All versions
Cisco Catalyst 2960S-24PS-L Switch: All versions
Cisco Catalyst 2960S-24PD-L Switch: All versions
Cisco Catalyst 2960PD-8TT-L Compact Switch: All versions
Cisco Catalyst 2960L-8TS-LL Switch: All versions
Cisco Catalyst 2960L-8PS-LL Switch: All versions
Cisco Catalyst 2960L-48TS-LL Switch: All versions
Cisco Catalyst 2960L-48PS-LL Switch: All versions
Cisco Catalyst 2960L-24TS-LL Switch: All versions
Cisco Catalyst 2960L-24PS-LL Switch: All versions
Cisco Catalyst 2960L-16TS-LL Switch: All versions
Cisco Catalyst 2960L-16PS-LL Switch: All versions
Cisco Catalyst 2960G-8TC-L Compact Switch: All versions
Cisco Catalyst 2960G-48TC-L Switch: All versions
Cisco Catalyst 2960G-24TC-L Switch: All versions
Cisco Catalyst 2960CX-8TC-L Switch: All versions
Cisco Catalyst 2960CX-8PC-L Switch: All versions
Cisco Catalyst 2960CPD-8TT-L Switch: All versions
Cisco Catalyst 2960CPD-8PT-L Switch: All versions
Cisco Catalyst 2960CG-8TC-L Compact Switch: All versions
Cisco Catalyst 2960C-8TC-S Switch: All versions
Cisco Catalyst 2960C-8TC-L Switch: All versions
Cisco Catalyst 2960C-8PC-L Switch: All versions
Cisco Catalyst 2960C-12PC-L Switch: All versions
Cisco Catalyst 2960-Plus 48TC-S Switch: All versions
Cisco Catalyst 2960-Plus 48TC-L Switch: All versions
Cisco Catalyst 2960-Plus 48PST-S Switch: All versions
Cisco Catalyst 2960-Plus 48PST-L Switch: All versions
Cisco Catalyst 2960-Plus 24TC-S Switch: All versions
Cisco Catalyst 2960-Plus 24TC-L Switch: All versions
Cisco Catalyst 2960-Plus 24PC-S Switch: All versions
Cisco Catalyst 2960-Plus 24PC-L Switch: All versions
Cisco Catalyst 2960-Plus 24LC-S Switch: All versions
Cisco Catalyst 2960-Plus 24LC-L Switch: All versions
Cisco Catalyst 2960-8TC-S Compact Switch: All versions
Cisco Catalyst 2960-8TC-L Compact Switch: All versions
Cisco Catalyst 2960-48TT-S Switch: All versions
Cisco Catalyst 2960-48TT-L Switch: All versions
Cisco Catalyst 2960-48TC-S Switch: All versions
Cisco Catalyst 2960-48TC-L Switch: All versions
Cisco Catalyst 2960-48PST-S Switch: All versions
Cisco Catalyst 2960-48PST-L Switch: All versions
Cisco Catalyst 2960-24TT-L Switch: All versions
Cisco Catalyst 2960-24TC-S Switch: All versions
Cisco Catalyst 2960-24TC-L Switch: All versions
Cisco Catalyst 2960-24PC-S Switch: All versions
Cisco Catalyst 2960-24PC-L Switch: All versions
Cisco Catalyst 2960-24LT-L Switch: All versions
Cisco Catalyst 2960-24LC-S Switch: All versions
Cisco Catalyst 2960-24-S Switch: All versions
Cisco Catalyst 2928-24TC-C Switch: All versions
Cisco Catalyst 2918-48TT-C Switch: All versions
Cisco Catalyst 2918-48TC-C Switch: All versions
Cisco Catalyst 2918-24TT-C Switch: All versions
Cisco Catalyst 2918-24TC-C Switch: All versions
Cisco Catalyst 2360-48TD-S Switch: All versions
Cisco Catalyst 2350-48TD-SD Switch: All versions
Cisco Catalyst 2350-48TD-S Switch: All versions
CPE2.3http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.