Authentication bypass in Cisco IOS XE - CVE-2017-12229

 

Published: September 27, 2017 / Updated: September 28, 2017


Vulnerability identifier: #VU8612
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2017-12229
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco IOS XE

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass authentication and gain access to a vulnerable device.

The vulnerability exists due to improper implementation of authentication in the REST API of the web-based user interface. A remote attacker can send a specially crafted HTTP request to the affected device, bypass the implemented authentication mechanisms and gain full access to the vulnerable system.

Successful exploitation of the vulnerability may result in unrestricted access to the vulnerable device.


How to mitigate CVE-2017-12229

Update to version 16.2(1.25), 16.3(0.214) or 16.3.1.
