Security restrictions bypass in Cisco IOS
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-6770 |
| CWE-ID | CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Cisco IOS Operating systems & Components / Operating system |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Security restrictions bypass
EUVDB-ID: #VU7645
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-6770
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The weakness exists in the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database due to improper input validation. A remote attacker can send specially crafted unicast or multicast OSPF LSA type 1 packets and take full control of the OSPF Autonomous System (AS) domain routing
table, allowing the attacker to intercept or black-hole traffic.
The vulnerability is addressed in the following versions:
16.6(0.125), 16.5(1.11), 16.3.4, 16.3(3.26), 15.7(2.0i)M, 15.6(3)M3, 15.6(3)M2.3, 15.6(1.16)SP2, 15.6(1)S3.29, 15.5(3)S6a, 15.5(3)S5.10, 15.5(3)M6, 15.5(1)IA1.306, 15.4(3)S8, 15.4(3)S7.2, 15.4(3)M8, 15.4(1.2.56)SY1, 15.4(1)SY2, 15.4(1)OF1.15, 15.4(1)IC1.101, 15.3(3)S9.22, 15.3(3)M10, 15.2(6.3.30i)E, 15.2(6.1.92i)E, 15.2(2)SY3, 15.2(2)E7, 15.2(1.2.57)SY2, 15.2(1.1)ST3, 15.2(1)SY4.38.
Cisco IOS: 15.1(2.0)
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170727-ospf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
