Buffer Overflow Vulnerability in Cisco IOS and IOS XE Software SNMP Subsystem
CVE-2017-6744
Key Information:
- Vendor
Cisco
- Status
- Vendor
- CVE Published:
- 17 July 2017
Badges
What is CVE-2017-6744?
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software is susceptible to vulnerabilities that enable an authenticated, remote attacker to execute arbitrary code or cause the system to reload. Exploitation involves the transmission of specially-crafted SNMP packets via both IPv4 and IPv6 protocols. The SNMP versions impacted include 1, 2c, and 3, with specific exploit requirements for each version, such as knowledge of the SNMP read-only community string for versions 1 and 2c, or valid user credentials for version 3. A successful attack can grant attackers full control over the affected system, leading to severe security implications. It is critical for users to implement the recommended workarounds and update their systems using the Cisco IOS Software Checker to mitigate these risks.
CISA has reported CVE-2017-6744
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2017-6744 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply updates per vendor instructions.
Affected Version(s)
IOS 12.1(3)XI
IOS 12.2(1b)DA
IOS 12.2(5)DA
References
EPSS Score
16% chance of being exploited in the next 30 days.
CVSS V3.1
CVSS V3.0
Timeline
- 👾
Exploit known to exist
- 🦅
CISA Reported
Vulnerability published
Vulnerability Reserved