Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.4
CVSSv3

CVE-2017-3849

Published: 21/03/2017 Updated: 12/07/2017
CVSS v2 Base Score: 6.1 | Impact Score: 6.9 | Exploitability Score: 6.5
CVSS v3 Base Score: 7.4 | Impact Score: 4 | Exploitability Score: 2.8
VMScore: 543
Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Ios

Vulnerability Summary

A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 up to and including 15.6) and Cisco IOS XE Software (possibly 3.7 up to and including 3.18, and 16) could allow an unauthenticated, adjacent malicious user to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted autonomic network channel discovery packet to a device that has all the following characteristics: (1) running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature; (2) configured as an autonomic registrar; (3) has a whitelist configured. An exploit could allow the malicious user to cause the affected device to reload. Note: Autonomic networking should be configured with a whitelist. Do not remove the whitelist as a workaround. Cisco Bug IDs: CSCvc42717.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios 15.5\\(3\\)sn

cisco ios xe 3.13.3s

cisco ios 15.6\\(1\\)s1

cisco ios xe 3.10.2s

cisco ios 15.4\\(3\\)s6

cisco ios xe 3.18.0sp

cisco ios 15.6\\(2\\)sp

cisco ios 15.5\\(3\\)s1a

cisco ios 15.2\\(5a\\)e

cisco ios xe 3.7.3e

cisco ios 15.5\\(1\\)s

cisco ios xe 3.10.6s

cisco ios xe 3.14.2s

cisco ios xe 3.15.2s

cisco ios xe 3.18.0as

cisco ios xe 3.16.0cs

cisco ios xe 3.14.4s

cisco ios xe 3.10.8s

cisco ios xe 3.10.1xbs

cisco ios xe 3.8.1e

cisco ios xe 3.7.0e

cisco ios xe 3.18.1bsp

cisco ios 15.6\\(2\\)sp1

cisco ios xe 3.12.3s

cisco ios xe 3.7.5e

cisco ios xe 3.14.3s

cisco ios xe 3.17.1s

cisco ios xe 3.13.5s

cisco ios 15.5\\(3\\)s

cisco ios xe 3.13.2as

cisco ios xe 3.16.4as

cisco ios 15.4\\(3\\)s1

cisco ios xe 3.13.5as

cisco ios 15.5\\(2\\)s2

cisco ios xe 3.18.1asp

cisco ios 15.4\\(3\\)s4

cisco ios 15.4\\(3\\)s6a

cisco ios 15.4\\(2\\)s4

cisco ios 15.2\\(3\\)e3

cisco ios xe 3.10.1s

cisco ios 15.5\\(1\\)s3

cisco ios xe 3.16.5s

cisco ios xe 3.16.4bs

cisco ios xe 3.18.0s

cisco ios xe 3.16.4ds

cisco ios 15.5\\(3\\)s3

cisco ios 15.4\\(2\\)s1

cisco ios 15.3\\(3\\)s1

cisco ios 15.5\\(3\\)s4

cisco ios xe 3.15.1s

cisco ios 15.5\\(2\\)s

cisco ios xe 3.10.7s

cisco ios 15.3\\(3\\)s9

cisco ios xe 3.8.0e

cisco ios xe 3.7.2e

cisco ios xe 3.10.4s

cisco ios xe 3.14.0s

cisco ios xe 3.13.6as

cisco ios 15.4\\(1\\)s3

cisco ios 15.3\\(3\\)s

cisco ios xe 3.17.3s

cisco ios 15.4\\(3\\)s3

cisco ios 15.2\\(4\\)e

cisco ios 15.2\\(3\\)e2

cisco ios xe 3.16.2s

cisco ios 15.6\\(1\\)s3

cisco ios xe 3.8.2e

cisco ios 15.4\\(3\\)s2

cisco ios xe 3.11.0s

cisco ios xe 3.16.4s

cisco ios xe 3.16.1s

cisco ios xe 3.16.1as

cisco ios xe 3.12.1s

cisco ios xe 3.15.3s

cisco ios xe 3.13.6s

cisco ios 15.3\\(3\\)s8

cisco ios 15.3\\(3\\)s3

cisco ios 15.4\\(2\\)s2

cisco ios 15.2\\(4\\)e2

cisco ios xe 3.10.8as

cisco ios 15.3\\(3\\)s2

cisco ios 15.5\\(3\\)s5

cisco ios 15.2\\(3\\)e

cisco ios 15.2\\(4\\)e1

cisco ios xe 3.16.3s

cisco ios 15.5\\(1\\)s2

cisco ios xe 3.16.3as

cisco ios xe 3.8.3e

cisco ios 15.6\\(2\\)t

cisco ios xe 3.18.2s

cisco ios xe 3.15.1cs

cisco ios 15.3\\(3\\)s4

cisco ios 15.5\\(1\\)s1

cisco ios 15.4\\(2\\)s3

cisco ios 15.6\\(3\\)m

cisco ios xe 3.9.1e

cisco ios 15.6\\(2\\)s2

cisco ios xe 3.7.4e

cisco ios 15.3\\(3\\)s6

cisco ios 15.2\\(5\\)e

cisco ios 15.6\\(1\\)t1

cisco ios 15.4\\(3\\)s

cisco ios xe 3.17.0s

cisco ios xe 3.7.1e

cisco ios 15.6\\(2\\)s1

cisco ios 15.2\\(3\\)e1

cisco ios xe 3.10.0s

cisco ios xe 3.18.1sp

cisco ios xe 3.15.4s

cisco ios xe 3.16.2bs

cisco ios xe 3.13.0as

cisco ios xe 3.16.0s

cisco ios xe 3.12.4s

cisco ios 15.5\\(2\\)s4

cisco ios xe 3.11.1s

cisco ios 15.4\\(1\\)s2

cisco ios 15.5\\(3\\)s0a

cisco ios xe 3.13.0s

cisco ios xe 3.18.1s

cisco ios xe 3.11.3s

cisco ios xe 3.10.5s

cisco ios xe 3.14.1s

cisco ios 15.5\\(3\\)s2

cisco ios xe 3.17.2s

cisco ios xe 3.17.1as

cisco ios 15.4\\(1\\)s4

cisco ios xe 3.9.0e

cisco ios 15.2\\(4\\)e3

cisco ios 15.6\\(1\\)t2

cisco ios xe 3.12.2s

cisco ios xe 3.15.0s

cisco ios xe 3.11.4s

cisco ios 15.6\\(2\\)s

cisco ios 15.6\\(2\\)sn

cisco ios 15.2\\(5b\\)e

cisco ios xe 3.11.2s

cisco ios 15.6\\(2\\)t1

cisco ios xe 3.18.3vs

cisco ios 15.6\\(3\\)m1

cisco ios xe 3.13.1s

cisco ios 15.4\\(1\\)s

cisco ios 15.6\\(3\\)m0a

cisco ios 15.5\\(2\\)s1

cisco ios 15.4\\(3\\)s5

cisco ios xe 3.10.2ts

cisco ios 15.2\\(5\\)e1

cisco ios xe 3.10.3s

cisco ios 15.5\\(1\\)s4

cisco ios 15.5\\(3\\)s1

cisco ios 15.6\\(1\\)s2

cisco ios 15.6\\(2\\)t2

cisco ios 15.4\\(1\\)s1

cisco ios xe 3.13.2s

cisco ios xe 3.12.0as

cisco ios xe 3.18.1csp

cisco ios xe 3.13.4s

cisco ios 15.6\\(1\\)s

cisco ios 15.3\\(3\\)s5

cisco ios 15.6\\(1\\)t

cisco ios 15.5\\(2\\)s3

cisco ios 15.6\\(1\\)t0a

References

CWE-20https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-anihttp://www.securityfocus.com/bid/96972http://www.securitytracker.com/id/1038064https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook