Remote Code Execution Vulnerability in Cisco IOS and IOS XE SNMP Subsystem
CVE-2017-6743
Key Information:
- Vendor
Cisco
- Status
- Vendor
- CVE Published:
- 17 July 2017
Badges
What is CVE-2017-6743?
The Simple Network Management Protocol (SNMP) subsystem in specific versions of Cisco IOS and IOS XE is vulnerable to multiple issues that could let an authenticated remote attacker execute arbitrary code or make the system reload. By sending specially crafted SNMP packets, attackers may exploit these vulnerabilities over both IPv4 and IPv6. Exploitation requires knowledge of the SNMP read-only community string for affected versions prior to Version 3, while in Version 3, valid user credentials are necessary. All devices with SNMP enabled that do not specifically exclude the vulnerable Management Information Bases (MIBs) or Object Identifiers (OIDs) may be open to these threats. Relevant Cisco Bug IDs include CSCve60376 and CSCve78027.
CISA has reported CVE-2017-6743
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2017-6743 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply updates per vendor instructions.
Affected Version(s)
IOS 12.1(3)XI
IOS 12.2(1b)DA
IOS 12.2(5)DA
References
EPSS Score
8% chance of being exploited in the next 30 days.
CVSS V3.1
CVSS V3.0
Timeline
- 👾
Exploit known to exist
- 🦅
CISA Reported
Vulnerability published
Vulnerability Reserved