Cisco IOS and IOS XE Multiple Vulnerabilities
Last Update Date:
30 Jun 2017 09:19
Release Date:
30 Jun 2017
4666
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Cisco IOS/ IOS XE. A remote authenticated user can execute arbitrary code on the target system.
Note: No patch is currently available but there exists a workaround.
Impact
- Remote Code Execution
System / Technologies affected
- All versions of SNMP (Versions 1, 2c, and 3)
- Devices configured with any of the following MIBs are vulnerable:
- ADSL-LINE-MIB
- ALPS-MIB
- CISCO-ADSL-DMT-LINE-MIB
- CISCO-BSTUN-MIB
- CISCO-MAC-AUTH-BYPASS-MIB
- CISCO-SLB-EXT-MIB
- CISCO-VOICE-DNIS-MIB
- CISCO-VOICE-NUMBER-EXPANSION-MIB
- TN3270E-RT-MIB
Solutions
- Note: No patch is currently available but there exists a workaround:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp#workarounds
Vulnerability Identifier
- CVE-2017-6736
- CVE-2017-6737
- CVE-2017-6738
- CVE-2017-6739
- CVE-2017-6740
- CVE-2017-6741
- CVE-2017-6742
- CVE-2017-6743
- CVE-2017-6744
Source
Related Link
Share with