Cisco Products Multiple Vulnerabilities

Impact

• Denial of Service
• Elevation of Privilege
• Remote Code Execution

System / Technologies affected

Please refer to links below for detail:

• https://www.auscert.org.au/render.html?it=45538
• https://www.auscert.org.au/render.html?it=45510
• https://www.auscert.org.au/render.html?it=45506
• http://securitytracker.com/id/1038065
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

• [Updated on 10-May-2017] For CVE-2017-3881, the vendor has issued fixed releases.
  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp
• For the other vulnerabilities and more information, please refer to link below:
  • https://www.auscert.org.au/render.html?it=45538
  • https://www.auscert.org.au/render.html?it=45510
  • https://www.auscert.org.au/render.html?it=45506
  • http://securitytracker.com/id/1038065

Vulnerability Identifier

• CVE-2017-5638
• CVE-2017-3881
• CVE-2017-3850
• CVE-2017-3849

Source

• SecurityTracker
• AusCERT

Related Link

• https://www.auscert.org.au/render.html?it=45538
• http://securitytracker.com/id/1038065
• https://www.auscert.org.au/render.html?it=45510
• https://www.auscert.org.au/render.html?it=45506
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp