Published: 29/09/2017 Updated: 09/10/2019

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 up to and including 15.6 and Cisco IOS XE 3.5 up to and including 16.5 could allow an unauthenticated, remote malicious user to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to how an affected device processes certain IKEv2 packets. An attacker could exploit this vulnerability by sending specific IKEv2 packets to an affected device to be processed. A successful exploit could allow the malicious user to cause high CPU utilization, traceback messages, or a reload of the affected device that leads to a DoS condition. This vulnerability affects Cisco devices that have the Internet Security Association and Key Management Protocol (ISAKMP) enabled. Although only IKEv2 packets can be used to trigger this vulnerability, devices that are running Cisco IOS Software or Cisco IOS XE Software are vulnerable when ISAKMP is enabled. A device does not need to be configured with any IKEv2-specific features to be vulnerable. Many features use IKEv2, including different types of VPNs such as the following: LAN-to-LAN VPN; Remote-access VPN, excluding SSL VPN; Dynamic Multipoint VPN (DMVPN); and FlexVPN. Cisco Bug IDs: CSCvc41277.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 15.2\\(2\\)e1
cisco ios 15.0\\(2\\)ex
cisco ios 15.2\\(4\\)ec
cisco ios 15.5\\(3\\)m4
cisco ios xe 3.6.2e
cisco ios xe 3.7.5s
cisco ios xe 3.9.0e
cisco ios xe 16.2.2a
cisco ios xe 16.3.2
cisco ios xe 3.15.2s
cisco ios 15.2\\(4\\)e1
cisco ios 15.2\\(4\\)m5
cisco ios xe 3.13.1s
cisco ios 15.2\\(4\\)m4
cisco ios xe 16.5.1a
cisco ios 15.4\\(3\\)m5
cisco ios 15.4\\(1\\)t1
cisco ios 15.3\\(1\\)s2
cisco ios 15.2\\(2\\)eb1
cisco ios 15.2\\(5\\)e2
cisco ios xe 3.17.3s
cisco ios 15.2\\(1\\)sy1a
cisco ios xe 3.8.4e
cisco ios xe 3.6.5be
cisco ios 15.1\\(2\\)sg7a
cisco ios 15.2\\(2\\)e2
cisco ios xe 3.18.1s
cisco ios 15.2\\(2\\)e3
cisco ios 15.1\\(2\\)sy10
cisco ios 15.3\\(3\\)m7
cisco ios 15.6\\(2\\)s2
cisco ios xe 16.5.1c
cisco ios 15.3\\(2\\)t2
cisco ios 15.3\\(3\\)m
cisco ios 15.4\\(3\\)s2
cisco ios 15.4\\(1\\)cg
cisco ios 15.3\\(1\\)t2
cisco ios xe 3.8.2s
cisco ios xe 3.10.6s
cisco ios 15.3\\(3\\)s
cisco ios 15.6\\(1\\)t2
cisco ios 15.6\\(2\\)sp2
cisco ios xe 3.14.4s
cisco ios 15.3\\(2\\)t1
cisco ios xe 3.7.0bs
cisco ios xe 16.5.1b
cisco ios xe 3.9.0as
cisco ios 15.2\\(3a\\)e1
cisco ios xe 3.10.7s
cisco ios xe 3.8.1s
cisco ios 15.3\\(3\\)jc50
cisco ios 15.2\\(2\\)eb
cisco ios 15.6\\(2\\)sp2a
cisco ios 15.3\\(2\\)s2
cisco ios 15.4\\(3\\)m1
cisco ios 15.6\\(2\\)t
cisco ios 15.3\\(2\\)t4
cisco ios 15.2\\(2\\)s0c
cisco ios 15.3\\(2\\)s1
cisco ios 15.3\\(3\\)s5
cisco ios 15.5\\(3\\)m
cisco ios 15.0\\(2\\)se3
cisco ios 15.5\\(2\\)t4
cisco ios xe 16.1.3
cisco ios 15.5\\(3\\)s5
cisco ios xe 3.13.6s
cisco ios 15.5\\(1\\)s
cisco ios xe 3.9.0s
cisco ios xe 3.18.0as
cisco ios xe 3.16.0cs
cisco ios xe 3.16.5s
cisco ios xe 3.11.2s
cisco ios 15.5\\(1\\)t3
cisco ios 15.1\\(2\\)sy9
cisco ios 15.4\\(2\\)t3
cisco ios xe 16.4.2
cisco ios xe 3.7.2e
cisco ios 15.4\\(1\\)t
cisco ios 15.2\\(3\\)e5
cisco ios 15.2\\(4\\)m1
cisco ios 15.2\\(3a\\)e
cisco ios 15.3\\(3\\)jbb6a
cisco ios 15.2\\(4m\\)e1
cisco ios 15.6\\(2\\)t2
cisco ios xe 16.1.1
cisco ios xe 3.10.9s
cisco ios 15.6\\(2\\)sp1c
cisco ios xe 3.11.3s
cisco ios 15.4\\(3\\)s4
cisco ios 15.0\\(2\\)ex3
cisco ios 15.2\\(5a\\)e
cisco ios 15.3\\(3\\)je1
cisco ios xe 3.16.1as
cisco ios 15.4\\(1\\)sy1
cisco ios 15.2\\(3\\)e4
cisco ios 15.5\\(3\\)s3a
cisco ios 15.6\\(3\\)m2
cisco ios 15.5\\(1\\)t2
cisco ios xe 3.6.2ae
cisco ios xe 3.18.1sp
cisco ios 15.2\\(3\\)e3
cisco ios 15.2\\(4\\)m3
cisco ios 15.2\\(4n\\)e2
cisco ios 15.2\\(3m\\)e6
cisco ios 15.0\\(2\\)se5
cisco ios 15.6\\(1\\)t
cisco ios xe 16.2.1
cisco ios 15.6\\(3\\)m
cisco ios 15.2\\(2\\)sng
cisco ios xe 3.15.1cs
cisco ios 15.6\\(2\\)s0a
cisco ios xe 3.9.2s
cisco ios 15.2\\(4\\)e2
cisco ios xe 3.10.4s
cisco ios 15.2\\(4\\)s2
cisco ios xe 3.12.0as
cisco ios 15.2\\(3\\)t4
cisco ios 15.2\\(2a\\)e1
cisco ios 15.2\\(4\\)m10
cisco ios 15.4\\(1\\)s3
cisco ios 15.5\\(2\\)t
cisco ios 15.2\\(4\\)e4
cisco ios 15.4\\(1\\)cg1
cisco ios 15.5\\(3\\)s4a
cisco ios 15.5\\(3\\)m4a
cisco ios xe 3.7.0s
cisco ios 15.4\\(3\\)s5a
cisco ios 15.0\\(2\\)se8
cisco ios 15.1\\(1\\)sy2
cisco ios 15.5\\(3\\)s4b
cisco ios xe 3.15.3s
cisco ios xe 3.8.0s
cisco ios 15.2\\(5\\)e
cisco ios xe 3.10.1s
cisco ios 15.3\\(3\\)jpb
cisco ios xe 3.16.4ds
cisco ios xe 3.18.3vs
cisco ios 15.3\\(3\\)s9
cisco ios 15.2\\(1\\)e2
cisco ios xe 3.8.3e
cisco ios 15.2\\(5b\\)e
cisco ios xe 3.7.6s
cisco ios 15.3\\(3\\)m3
cisco ios xe 3.15.4s
cisco ios xe 3.18.2sp
cisco ios 15.2\\(3\\)e
cisco ios xe 3.12.4s
cisco ios xe 3.7.2s
cisco ios 15.6\\(1\\)s1a
cisco ios 15.3\\(1\\)s
cisco ios 15.0\\(2\\)sqd7
cisco ios 15.2\\(2\\)s1
cisco ios 15.2\\(2\\)sy
cisco ios 15.2\\(4m\\)e3
cisco ios 15.0\\(2a\\)se9
cisco ios xe 3.6.0s
cisco ios 15.1\\(2\\)sy8
cisco ios 15.2\\(2\\)e5a
cisco ios 15.4\\(3\\)m2
cisco ios xe 3.12.2s
cisco ios 15.3\\(3\\)s7
cisco ios 15.2\\(5\\)e2c
cisco ios 15.2\\(2\\)s
cisco ios 15.2\\(1\\)sy
cisco ios 15.5\\(3\\)sn
cisco ios 15.6\\(1\\)s3
cisco ios 15.6\\(2\\)sp1
cisco ios xe 16.1.3a
cisco ios 15.2\\(5\\)e2b
cisco ios xe 3.7.0e
cisco ios xe 3.12.3s
cisco ios xe 3.18.2s
cisco ios 15.2\\(4\\)m
cisco ios 15.3\\(3\\)s6
cisco ios 15.6\\(2\\)s3
cisco ios 15.6\\(3\\)m0a
cisco ios 15.6\\(1\\)t3
cisco ios xe 3.16.2bs
cisco ios xe 3.7.4as
cisco ios xe 3.16.0s
cisco ios xe 3.13.7s
cisco ios xe 3.18.3s
cisco ios 15.2\\(3\\)gc1
cisco ios xe 3.6.3e
cisco ios 15.4\\(2\\)t
cisco ios xe 3.9.1s
cisco ios xe 3.16.4s
cisco ios 15.0\\(2\\)se11
cisco ios 15.3\\(3\\)jnc4
cisco ios xe 3.10.2s
cisco ios 15.2\\(2\\)eb2
cisco ios xe 3.13.5as
cisco ios 15.2\\(1\\)e1
cisco ios 15.2\\(5a\\)e1
cisco ios xe 3.6.1e
cisco ios xe 16.3.1
cisco ios 15.2\\(3\\)e1
cisco ios 15.3\\(3\\)m4
cisco ios xe 3.10.1xbs
cisco ios 15.1\\(1\\)sy3
cisco ios 15.3\\(3\\)s1
cisco ios 15.5\\(3\\)m3
cisco ios 15.1\\(2\\)sy4
cisco ios xe 3.15.1s
cisco ios 15.2\\(3\\)gc
cisco ios 15.5\\(1\\)t4
cisco ios 15.2\\(5c\\)e
cisco ios 15.1\\(2\\)sy1
cisco ios 15.4\\(1\\)t4
cisco ios 15.2\\(4\\)s6
cisco ios xe
cisco ios 15.3\\(3\\)jnp4
cisco ios xe 3.16.3as
cisco ios 15.3\\(3\\)m8a
cisco ios 15.0\\(2\\)ej
cisco ios xe 3.13.5s
cisco ios xe 3.8.0e
cisco ios xe 3.18.1csp
cisco ios xe 3.14.0s
cisco ios xe 3.13.6as
cisco ios 15.4\\(3\\)s6
cisco ios 15.2\\(4\\)ec2
cisco ios 15.2\\(2\\)e4
cisco ios 15.3\\(3\\)m1
cisco ios xe 16.3.1a
cisco ios 15.5\\(1\\)sy
cisco ios 15.2\\(4\\)m2
cisco ios xe 3.16.4as
cisco ios 15.4\\(1\\)s
cisco ios xe 3.17.1as
cisco ios 15.2\\(4\\)e3
cisco ios xe 16.2.2
cisco ios 15.6\\(1\\)t0a
cisco ios 15.5\\(3\\)m2
cisco ios 15.1\\(2\\)sy2
cisco ios 15.2\\(2\\)t3
cisco ios xe 3.16.4bs
cisco ios xe 3.5.3e
cisco ios xe 3.7.1s
cisco ios 15.4\\(1\\)t3
cisco ios 15.3\\(1\\)t
cisco ios 15.0\\(2\\)se7
cisco ios 15.4\\(2\\)t1
cisco ios 15.1\\(2\\)sy4a
cisco ios 15.2\\(2\\)gc
cisco ios 15.5\\(1\\)s2
cisco ios 15.1\\(2\\)sy6
cisco ios 15.0\\(2\\)se9
cisco ios 15.2\\(2\\)s2
cisco ios 15.6\\(2\\)t1
cisco ios 15.5\\(1\\)s1
cisco ios 15.3\\(3\\)m2
cisco ios 15.3\\(3\\)jnp2
cisco ios 15.5\\(3\\)s2a
cisco ios 15.2\\(1\\)sy2
cisco ios xe 3.12.1s
cisco ios 15.4\\(2\\)t2
cisco ios xe 3.18.1asp
cisco ios 15.4\\(3\\)m7
cisco ios 15.5\\(1\\)s3
cisco ios 15.1\\(1\\)sy5
cisco ios 15.6\\(1\\)s2
cisco ios 15.4\\(3\\)m6
cisco ios 15.6\\(1\\)t1
cisco ios 15.0\\(2\\)ez
cisco ios 15.3\\(1\\)t3
cisco ios 15.3\\(3\\)m6
cisco ios xe 16.3.3
cisco ios 15.4\\(3\\)m3
cisco ios xe 3.7.3s
cisco ios 15.4\\(2\\)s
cisco ios 15.2\\(2\\)e5b
cisco ios 15.2\\(2\\)snh1
cisco ios 15.5\\(3\\)s1a
cisco ios 15.5\\(3\\)s0a
cisco ios xe 3.7.1as
cisco ios 15.5\\(3\\)m0a
cisco ios xe 3.7.2ts
cisco ios xe 3.13.0s
cisco ios 15.6\\(2\\)s
cisco ios 15.2\\(2\\)s0a
cisco ios xe 3.7.1e
cisco ios xe 3.18.0sp
cisco ios 15.6\\(3\\)m2a
cisco ios 15.3\\(2\\)t
cisco ios 15.3\\(1\\)sy2
cisco ios xe 3.5.0e
cisco ios xe 3.5.1e
cisco ios 15.2\\(3m\\)e8
cisco ios xe 3.11.4s
cisco ios 15.0\\(2\\)ex5
cisco ios 15.2\\(4\\)m6a
cisco ios 15.6\\(2\\)sp
cisco ios xe 3.16.3s
cisco ios 15.3\\(1\\)t4
cisco ios 15.1\\(1\\)sy6
cisco ios 15.3\\(2\\)s0a
cisco ios 15.3\\(3\\)s8a
cisco ios 15.0\\(2\\)se10
cisco ios xe 16.1.4
cisco ios xe 3.13.0as
cisco ios 15.2\\(2\\)t4
cisco ios 15.2\\(2\\)e5
cisco ios xe 16.4.1
cisco ios xe 3.16.2s
cisco ios 15.4\\(3\\)s7a
cisco ios 15.3\\(3\\)jnd2
cisco ios 15.2\\(3\\)t2
cisco ios xe 3.10.5s
cisco ios xe 3.13.3s
cisco ios 15.4\\(1\\)t2
cisco ios 15.4\\(3\\)s7
cisco ios 15.4\\(1\\)sy2
cisco ios 15.6\\(3\\)m1
cisco ios 15.2\\(4\\)gc3
cisco ios 15.2\\(4\\)s4a
cisco ios xe 3.6.6e
cisco ios 15.0\\(2\\)se6
cisco ios 15.4\\(2\\)s2
cisco ios 15.6\\(2\\)sn
cisco ios xe 3.6.5ae
cisco ios 15.1\\(1\\)sy
cisco ios 15.2\\(2\\)t2
cisco ios 15.4\\(3\\)s6a
cisco ios 15.5\\(2\\)s
cisco ios 15.3\\(3\\)jda3
cisco ios 15.5\\(2\\)s1
cisco ios 15.4\\(1\\)s4
cisco ios xe 3.17.1s
cisco ios 15.5\\(3\\)m5
cisco ios 15.2\\(3\\)t1
cisco ios 15.3\\(3\\)jf1
cisco ios xe 3.7.4e
cisco ios xe 16.2.3
cisco ios 15.4\\(3\\)m
cisco ios 15.4\\(1\\)s2
cisco ios xe 3.7.7s
cisco ios 15.5\\(1\\)sy1
cisco ios 15.4\\(1\\)s1
cisco ios 15.2\\(3\\)ex
cisco ios 15.5\\(3\\)s3
cisco ios 15.2\\(4\\)gc1
cisco ios 15.2\\(4\\)s3
cisco ios xe 3.18.2asp
cisco ios xe 3.8.2e
cisco ios 15.5\\(2\\)s2
cisco ios 15.4\\(2\\)s3
cisco ios xe 3.6.0e
cisco ios 15.2\\(3\\)e2
cisco ios xe 3.10.2ts
cisco ios 15.4\\(3\\)s6b
cisco ios 15.0\\(2\\)se4
cisco ios xe 3.10.3s
cisco ios 15.5\\(3\\)s1
cisco ios 15.0\\(2\\)se2
cisco ios 15.2\\(4\\)s1
cisco ios 15.3\\(2\\)s
cisco ios 15.2\\(4\\)m6
cisco ios 15.2\\(4\\)m9
cisco ios 15.0\\(2\\)se1
cisco ios xe 3.11.1s
cisco ios 15.1\\(2\\)sy
cisco ios 15.2\\(2\\)e
cisco ios 15.2\\(2\\)sy2
cisco ios 15.2\\(4\\)m8
cisco ios 15.0\\(2\\)ex1
cisco ios xe 3.5.2e
cisco ios 15.2\\(4\\)m11
cisco ios 15.2\\(2\\)sy3
cisco ios xe 3.13.2as
cisco ios 15.0\\(2\\)ej1
cisco ios 15.4\\(3\\)m4
cisco ios 15.1\\(2\\)sy5
cisco ios 15.3\\(3\\)jc51
cisco ios xe 3.7.4s
cisco ios 15.3\\(1\\)s1
cisco ios 15.3\\(3\\)m5
cisco ios xe 3.10.8as
cisco ios xe 3.18.0s
cisco ios xe 3.9.1as
cisco ios 15.4\\(3\\)s
cisco ios 15.2\\(5\\)e2a
cisco ios 15.3\\(3\\)s1a
cisco ios 15.4\\(3\\)s1
cisco ios 15.2\\(1\\)ey
cisco ios 15.3\\(3\\)jpb2
cisco ios 15.0\\(2a\\)ex5
cisco ios xe 3.9.1e
cisco ios 15.4\\(2\\)s1
cisco ios 15.5\\(3\\)s2b
cisco ios xe 3.13.2s
cisco ios 15.2\\(5\\)e1
cisco ios xe 3.16.2as
cisco ios 15.2\\(3m\\)e3
cisco ios 15.2\\(3m\\)e2
cisco ios 15.2\\(4\\)s
cisco ios 15.3\\(3\\)jpc3
cisco ios 15.1\\(2\\)sy7
cisco ios 15.4\\(2\\)cg
cisco ios 15.5\\(3\\)s
cisco ios xe 3.16.1s
cisco ios xe 16.3.4
cisco ios 15.2\\(2\\)t
cisco ios 15.3\\(3\\)jc7
cisco ios 15.3\\(3\\)s3
cisco ios 15.3\\(1\\)sy
cisco ios xe 3.9.2e
cisco ios 15.1\\(1\\)sy4
cisco ios 15.3\\(3\\)s8
cisco ios 15.3\\(3\\)s2
cisco ios 15.3\\(3\\)jd7
cisco ios 15.2\\(1\\)e3
cisco ios 15.6\\(2\\)s1
cisco ios xe 3.6.4e
cisco ios 15.3\\(1\\)t1
cisco ios 15.1\\(1\\)sy1
cisco ios 15.6\\(1\\)s1
cisco ios 15.3\\(3\\)s4
cisco ios 15.3\\(2\\)t3
cisco ios 15.3\\(3\\)m8
cisco ios 15.2\\(1\\)sy1
cisco ios 15.2\\(1\\)sy0a
cisco ios xe 3.13.7as
cisco ios 15.3\\(3\\)m9
cisco ios 15.2\\(1\\)sy4
cisco ios 15.3\\(3\\)jca7
cisco ios xe 3.10.0s
cisco ios 15.2\\(1\\)sy3
cisco ios 15.2\\(4\\)s5
cisco ios xe 3.14.1s
cisco ios 15.4\\(3\\)s5
cisco ios 15.2\\(2\\)e6
cisco ios xe 3.7.3e
cisco ios 15.6\\(3\\)m1b
cisco ios xe 3.14.2s
cisco ios 15.5\\(1\\)t
cisco ios xe 3.10.8s
cisco ios 15.2\\(1\\)e
cisco ios 15.2\\(4\\)e
cisco ios xe 16.1.2
cisco ios 15.2\\(4p\\)e1
cisco ios xe 3.12.0s
cisco ios xe 3.14.3s
cisco ios 15.5\\(1\\)s4
cisco ios xe 3.8.0ex
cisco ios 15.2\\(4\\)ec1
cisco ios 15.3\\(1\\)sy1
cisco ios xe 3.6.1s
cisco ios 15.5\\(2\\)s4
cisco ios 15.5\\(3\\)m1
cisco ios 15.4\\(3\\)s3
cisco ios xe 3.17.0s
cisco ios 15.6\\(2\\)sp1b
cisco ios 15.4\\(2\\)t4
cisco ios xe 3.6.5e
cisco ios 15.5\\(3\\)s2
cisco ios 15.4\\(3\\)m6a
cisco ios xe 3.11.0s
cisco ios 15.2\\(4\\)m7
cisco ios 15.4\\(1\\)sy
cisco ios 15.2\\(4\\)s3a
cisco ios xe 3.15.0s
cisco ios 15.5\\(1\\)t1
cisco ios 15.5\\(2\\)s3
cisco ios 15.5\\(3\\)s4d
cisco ios 15.6\\(1\\)s
cisco ios xe 3.8.1e
cisco ios 15.0\\(2\\)ex4
cisco ios 15.2\\(3\\)t
cisco ios 15.1\\(2\\)sy3
cisco ios 15.2\\(4\\)s7
cisco ios 15.2\\(4\\)gc2
cisco ios 15.2\\(2\\)t1
cisco ios xe 3.7.5e
cisco ios xe 16.5.1
cisco ios 15.4\\(2\\)s4
cisco ios xe 3.6.2s
cisco ios 15.2\\(4\\)s4
cisco ios 15.2\\(2\\)sy1
cisco ios 15.2\\(2\\)sni
cisco ios xe 3.18.1bsp
cisco ios 15.5\\(3\\)s4
cisco ios 15.5\\(2\\)t1
cisco ios xe 3.13.4s
cisco ios 15.2\\(4o\\)e2
cisco ios 15.2\\(4\\)gc
cisco ios 15.5\\(2\\)t3
cisco ios 15.2\\(3\\)t3
cisco ios 15.0\\(2\\)se10a
cisco ios 15.5\\(2\\)t2
cisco ios 15.2\\(2a\\)e2

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition The vulnerability is due to how an affected devi ...

CWE-400 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-ike http://www.securitytracker.com/id/1039460 http://www.securityfocus.com/bid/101037 https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-ike

Get Started

CVE-2017-12237

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect