Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-3856 (GCVE-0-2017-3856)
Vulnerability from cvelistv5 – Published: 2017-03-22 19:00 – Updated: 2024-08-05 14:39
VLAI?
EPSS
Summary
A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353.
Severity ?
No CVSS data available.
CWE
- CWE-399 - Denial of Service Vulnerability
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco IOS XE |
Affected:
Cisco IOS XE
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038101",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038101"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui"
},
{
"name": "97007",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS XE"
}
]
}
],
"datePublic": "2017-03-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399 Denial of Service Vulnerability",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1038101",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038101"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui"
},
{
"name": "97007",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-3856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399 Denial of Service Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038101",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038101"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui"
},
{
"name": "97007",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-3856",
"datePublished": "2017-03-22T19:00:00.000Z",
"dateReserved": "2016-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:39:41.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GSD-2017-3856
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-3856",
"description": "A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353.",
"id": "GSD-2017-3856"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-3856"
],
"details": "A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353.",
"id": "GSD-2017-3856",
"modified": "2023-12-13T01:21:16.185968Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-3856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE",
"version": {
"version_data": [
{
"version_value": "Cisco IOS XE"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399 Denial of Service Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038101",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038101"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui"
},
{
"name": "97007",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97007"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1.3as:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1.4s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.4s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.11.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.11.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.11.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.13.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.17s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.1se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.1sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.4sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.5sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.1se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.1sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.3se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.4se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.0sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.3sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.7sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.8sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.1sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.5sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.2ae:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.3e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8ex:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1.0sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1.4as:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.5s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.6s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.11.4s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.11s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.12s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.13.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.13s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.0ja:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.1xo:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.6sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.7sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2xo:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.1sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.1xo:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.5se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.0sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.4sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.3e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.0bs:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.4e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.4s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8.0ex:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.9.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1.1sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.1xbs:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.7s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.8s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.12.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.12.0as:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.13.0as:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.17.1as:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.0se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.0sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.2se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.2sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.8sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.9sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.0se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.0sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.0sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.2se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.1sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.1sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.5s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.5sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.2sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.3e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.5e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.5ae:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.5s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.6s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.9.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10.2ts:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.11.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.13.2as:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.17.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.17.3s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.0xo:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.11sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.3se:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2.3sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2ja:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.0xo:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.2sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3.2xo:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3xo:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.2sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.6s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.4.6sg:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.0sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.3sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5.4sq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6.5be:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.2ts:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7.7s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8.2s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.9e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.9s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-3856"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui"
},
{
"name": "97007",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97007"
},
{
"name": "1038101",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1038101"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-10-03T00:03Z",
"publishedDate": "2017-03-22T19:59Z"
}
}
}
CERTFR-2017-AVI-089
Vulnerability from certfr_avis - Published: 2017-03-23 - Updated: 2017-03-23
De multiples vulnérabilités ont été corrigées dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | N/A | Cisco IR809 exécutant Cisco IOx versions antérieures à 1.2.4.2 | ||
| Cisco | IOS XE | Cisco IOS et IOS XE sans le dernier correctif de sécurité | ||
| Cisco | N/A | Cisco ASR1002HX exécutant Cisco IOx versions antérieures à 1.2.4.2 | ||
| Cisco | N/A | Cisco ASR1001HX exécutant Cisco IOx versions antérieures à 1.2.4.2 | ||
| Cisco | N/A | Cisco ASR1002X exécutant Cisco IOx versions antérieures à 1.2.4.2 | ||
| Cisco | N/A | Cisco ISR4451 exécutant Cisco IOx versions antérieures à 1.2.4.2 | ||
| Cisco | N/A | Cisco ASR1001X exécutant Cisco IOx versions antérieures à 1.2.4.2 | ||
| Cisco | N/A | Cisco IR829 exécutant Cisco IOx versions antérieures à 1.2.4.2 | ||
| Cisco | IOS XE | Cisco IOS XE version 16.2.1 avec le serveur HTTP activé | ||
| Cisco | N/A | Cisco ISR4321 exécutant Cisco IOx versions antérieures à 1.2.4.2 | ||
| Cisco | N/A | Cisco ISR4331 exécutant Cisco IOx versions antérieures à 1.2.4.2 | ||
| Cisco | N/A | Cisco ISR4351 exécutant Cisco IOx versions antérieures à 1.2.4.2 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cisco IR809 ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IOS et IOS XE sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "IOS XE",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASR1002HX ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASR1001HX ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASR1002X ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ISR4451 ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASR1001X ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IR829 ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IOS XE version 16.2.1 avec le serveur HTTP activ\u00e9",
"product": {
"name": "IOS XE",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ISR4321 ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ISR4331 ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ISR4351 ex\u00e9cutant Cisco IOx versions ant\u00e9rieures \u00e0 1.2.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3864",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3864"
},
{
"name": "CVE-2017-3849",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3849"
},
{
"name": "CVE-2017-3858",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3858"
},
{
"name": "CVE-2017-3852",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3852"
},
{
"name": "CVE-2017-3853",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3853"
},
{
"name": "CVE-2017-3850",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3850"
},
{
"name": "CVE-2017-3859",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3859"
},
{
"name": "CVE-2017-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3856"
},
{
"name": "CVE-2017-3851",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3851"
},
{
"name": "CVE-2017-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3857"
}
],
"initial_release_date": "2017-03-23T00:00:00",
"last_revision_date": "2017-03-23T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-caf2 du 22 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-caf1 du 22 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-webui du 22 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170320-aniipv6 du 20 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-l2tp du 22 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-dhcpc du 22 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-xeci du 22 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-xeci"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-iox du 22 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-iox"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170320-ani du 20 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-ztp du 22 mars 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp"
}
],
"reference": "CERTFR-2017-AVI-089",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-03-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Cisco\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-iox du 22 mars 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-ztp du 22 mars 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170320-ani du 20 mars 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-webui du 22 mars 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-caf2 du 22 mars 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-caf1 du 22 mars 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-l2tp du 22 mars 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-dhcpc du 22 mars 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170322-xeci du 22 mars 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170320-aniipv6 du 20 mars 2017",
"url": null
}
]
}
FKIE_CVE-2017-3856
Vulnerability from fkie_nvd - Published: 2017-03-22 19:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/97007 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1038101 | ||
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97007 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe | 3.1.0s | |
| cisco | ios_xe | 3.1.0sg | |
| cisco | ios_xe | 3.1.1s | |
| cisco | ios_xe | 3.1.1sg | |
| cisco | ios_xe | 3.1.2s | |
| cisco | ios_xe | 3.1.3as | |
| cisco | ios_xe | 3.1.3s | |
| cisco | ios_xe | 3.1.4as | |
| cisco | ios_xe | 3.1.4s | |
| cisco | ios_xe | 3.1s | |
| cisco | ios_xe | 3.1sg | |
| cisco | ios_xe | 3.2.0ja | |
| cisco | ios_xe | 3.2.0se | |
| cisco | ios_xe | 3.2.0sg | |
| cisco | ios_xe | 3.2.0xo | |
| cisco | ios_xe | 3.2.1s | |
| cisco | ios_xe | 3.2.1se | |
| cisco | ios_xe | 3.2.1sg | |
| cisco | ios_xe | 3.2.1xo | |
| cisco | ios_xe | 3.2.2s | |
| cisco | ios_xe | 3.2.2se | |
| cisco | ios_xe | 3.2.2sg | |
| cisco | ios_xe | 3.2.3se | |
| cisco | ios_xe | 3.2.3sg | |
| cisco | ios_xe | 3.2.4sg | |
| cisco | ios_xe | 3.2.5sg | |
| cisco | ios_xe | 3.2.6sg | |
| cisco | ios_xe | 3.2.7sg | |
| cisco | ios_xe | 3.2.8sg | |
| cisco | ios_xe | 3.2.9sg | |
| cisco | ios_xe | 3.2.11sg | |
| cisco | ios_xe | 3.2ja | |
| cisco | ios_xe | 3.2s | |
| cisco | ios_xe | 3.2se | |
| cisco | ios_xe | 3.2sg | |
| cisco | ios_xe | 3.2xo | |
| cisco | ios_xe | 3.3.0s | |
| cisco | ios_xe | 3.3.0se | |
| cisco | ios_xe | 3.3.0sg | |
| cisco | ios_xe | 3.3.0sq | |
| cisco | ios_xe | 3.3.0xo | |
| cisco | ios_xe | 3.3.1s | |
| cisco | ios_xe | 3.3.1se | |
| cisco | ios_xe | 3.3.1sg | |
| cisco | ios_xe | 3.3.1sq | |
| cisco | ios_xe | 3.3.1xo | |
| cisco | ios_xe | 3.3.2s | |
| cisco | ios_xe | 3.3.2se | |
| cisco | ios_xe | 3.3.2sg | |
| cisco | ios_xe | 3.3.2xo | |
| cisco | ios_xe | 3.3.3se | |
| cisco | ios_xe | 3.3.4se | |
| cisco | ios_xe | 3.3.5se | |
| cisco | ios_xe | 3.3s | |
| cisco | ios_xe | 3.3se | |
| cisco | ios_xe | 3.3sg | |
| cisco | ios_xe | 3.3sq | |
| cisco | ios_xe | 3.3xo | |
| cisco | ios_xe | 3.4.0as | |
| cisco | ios_xe | 3.4.0s | |
| cisco | ios_xe | 3.4.0sg | |
| cisco | ios_xe | 3.4.0sq | |
| cisco | ios_xe | 3.4.1s | |
| cisco | ios_xe | 3.4.1sg | |
| cisco | ios_xe | 3.4.1sq | |
| cisco | ios_xe | 3.4.2s | |
| cisco | ios_xe | 3.4.2sg | |
| cisco | ios_xe | 3.4.3s | |
| cisco | ios_xe | 3.4.3sg | |
| cisco | ios_xe | 3.4.4s | |
| cisco | ios_xe | 3.4.4sg | |
| cisco | ios_xe | 3.4.5s | |
| cisco | ios_xe | 3.4.5sg | |
| cisco | ios_xe | 3.4.6s | |
| cisco | ios_xe | 3.4.6sg | |
| cisco | ios_xe | 3.4.7sg | |
| cisco | ios_xe | 3.4.8sg | |
| cisco | ios_xe | 3.4s | |
| cisco | ios_xe | 3.4sg | |
| cisco | ios_xe | 3.4sq | |
| cisco | ios_xe | 3.5.0e | |
| cisco | ios_xe | 3.5.0s | |
| cisco | ios_xe | 3.5.0sq | |
| cisco | ios_xe | 3.5.1e | |
| cisco | ios_xe | 3.5.1s | |
| cisco | ios_xe | 3.5.1sq | |
| cisco | ios_xe | 3.5.2e | |
| cisco | ios_xe | 3.5.2s | |
| cisco | ios_xe | 3.5.2sq | |
| cisco | ios_xe | 3.5.3e | |
| cisco | ios_xe | 3.5.3sq | |
| cisco | ios_xe | 3.5.4sq | |
| cisco | ios_xe | 3.5.5sq | |
| cisco | ios_xe | 3.5e | |
| cisco | ios_xe | 3.5s | |
| cisco | ios_xe | 3.5sq | |
| cisco | ios_xe | 3.6.0e | |
| cisco | ios_xe | 3.6.0s | |
| cisco | ios_xe | 3.6.1e | |
| cisco | ios_xe | 3.6.1s | |
| cisco | ios_xe | 3.6.2ae | |
| cisco | ios_xe | 3.6.2s | |
| cisco | ios_xe | 3.6.3e | |
| cisco | ios_xe | 3.6.4e | |
| cisco | ios_xe | 3.6.5ae | |
| cisco | ios_xe | 3.6.5be | |
| cisco | ios_xe | 3.6.5e | |
| cisco | ios_xe | 3.6e | |
| cisco | ios_xe | 3.6s | |
| cisco | ios_xe | 3.7.0bs | |
| cisco | ios_xe | 3.7.0e | |
| cisco | ios_xe | 3.7.0s | |
| cisco | ios_xe | 3.7.1e | |
| cisco | ios_xe | 3.7.1s | |
| cisco | ios_xe | 3.7.2e | |
| cisco | ios_xe | 3.7.2s | |
| cisco | ios_xe | 3.7.2ts | |
| cisco | ios_xe | 3.7.3e | |
| cisco | ios_xe | 3.7.3s | |
| cisco | ios_xe | 3.7.4e | |
| cisco | ios_xe | 3.7.4s | |
| cisco | ios_xe | 3.7.5s | |
| cisco | ios_xe | 3.7.6s | |
| cisco | ios_xe | 3.7.7s | |
| cisco | ios_xe | 3.7e | |
| cisco | ios_xe | 3.7s | |
| cisco | ios_xe | 3.8.0e | |
| cisco | ios_xe | 3.8.0ex | |
| cisco | ios_xe | 3.8.0s | |
| cisco | ios_xe | 3.8.1e | |
| cisco | ios_xe | 3.8.1s | |
| cisco | ios_xe | 3.8.2e | |
| cisco | ios_xe | 3.8.2s | |
| cisco | ios_xe | 3.8e | |
| cisco | ios_xe | 3.8ex | |
| cisco | ios_xe | 3.8s | |
| cisco | ios_xe | 3.9.0e | |
| cisco | ios_xe | 3.9.0s | |
| cisco | ios_xe | 3.9.1s | |
| cisco | ios_xe | 3.9.2s | |
| cisco | ios_xe | 3.9e | |
| cisco | ios_xe | 3.9s | |
| cisco | ios_xe | 3.10.0s | |
| cisco | ios_xe | 3.10.1s | |
| cisco | ios_xe | 3.10.1xbs | |
| cisco | ios_xe | 3.10.2s | |
| cisco | ios_xe | 3.10.2ts | |
| cisco | ios_xe | 3.10.3s | |
| cisco | ios_xe | 3.10.4s | |
| cisco | ios_xe | 3.10.5s | |
| cisco | ios_xe | 3.10.6s | |
| cisco | ios_xe | 3.10.7s | |
| cisco | ios_xe | 3.10.8s | |
| cisco | ios_xe | 3.10s | |
| cisco | ios_xe | 3.11.0s | |
| cisco | ios_xe | 3.11.1s | |
| cisco | ios_xe | 3.11.2s | |
| cisco | ios_xe | 3.11.3s | |
| cisco | ios_xe | 3.11.4s | |
| cisco | ios_xe | 3.11s | |
| cisco | ios_xe | 3.12.0as | |
| cisco | ios_xe | 3.12.0s | |
| cisco | ios_xe | 3.12.1s | |
| cisco | ios_xe | 3.12.2s | |
| cisco | ios_xe | 3.12.3s | |
| cisco | ios_xe | 3.12.4s | |
| cisco | ios_xe | 3.12s | |
| cisco | ios_xe | 3.13.0as | |
| cisco | ios_xe | 3.13.0s | |
| cisco | ios_xe | 3.13.1s | |
| cisco | ios_xe | 3.13.2as | |
| cisco | ios_xe | 3.13.2s | |
| cisco | ios_xe | 3.13.3s | |
| cisco | ios_xe | 3.13.4s | |
| cisco | ios_xe | 3.13s | |
| cisco | ios_xe | 3.14.0s | |
| cisco | ios_xe | 3.14.1s | |
| cisco | ios_xe | 3.14.2s | |
| cisco | ios_xe | 3.14.3s | |
| cisco | ios_xe | 3.14.4s | |
| cisco | ios_xe | 3.14s | |
| cisco | ios_xe | 3.15.0s | |
| cisco | ios_xe | 3.15.1cs | |
| cisco | ios_xe | 3.15.1s | |
| cisco | ios_xe | 3.15.2s | |
| cisco | ios_xe | 3.15.3s | |
| cisco | ios_xe | 3.15s | |
| cisco | ios_xe | 3.16.0cs | |
| cisco | ios_xe | 3.16.0s | |
| cisco | ios_xe | 3.16.1as | |
| cisco | ios_xe | 3.16.1s | |
| cisco | ios_xe | 3.16s | |
| cisco | ios_xe | 3.17.0s | |
| cisco | ios_xe | 3.17.1as | |
| cisco | ios_xe | 3.17.1s | |
| cisco | ios_xe | 3.17.2s | |
| cisco | ios_xe | 3.17.3s | |
| cisco | ios_xe | 3.17s |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A13401-2660-483E-89A5-6420B5866BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.0sg:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5F84EF-1C19-4AB3-BD01-A3DE47B2A46A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "77FC74E2-2510-40F5-BB2B-11608B844E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.1sg:*:*:*:*:*:*:*",
"matchCriteriaId": "7E021FDA-0D92-4A81-8721-EED507426922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "3C69E845-700C-4250-B528-9482A5362F61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.3as:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE45DBE-1CE2-4CAC-81E6-1BA07F0D90EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "389D6E60-F6AB-40B8-B894-CE97BF13AE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.4as:*:*:*:*:*:*:*",
"matchCriteriaId": "9388B3A6-2952-4895-B1C1-2B7F160AB637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "1A40EA0A-1642-4950-9943-20C1888C18D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "3DDE42DA-9889-4887-A1EE-054F76D0B1AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1sg:*:*:*:*:*:*:*",
"matchCriteriaId": "60F5B7DD-84B9-4E69-8E17-CF97219A75AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0ja:*:*:*:*:*:*:*",
"matchCriteriaId": "52BC2A87-31EC-4E15-86E3-ECBEFA9E479A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0se:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFD3A39-9E02-409C-9F9C-9C90D58D3A3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0sg:*:*:*:*:*:*:*",
"matchCriteriaId": "86C0900A-1354-4A20-B5ED-8C005BCE4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0xo:*:*:*:*:*:*:*",
"matchCriteriaId": "E6256C79-DBDA-4ED7-AA3B-DE78B8C387B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "429F3E17-5C65-4C91-8881-AAEAA00BCD44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.1se:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A0FE9F-FFEC-400B-8CDF-2888FDCD01A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.1sg:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5B811A-AAAD-49C0-8FC2-5C79078BA6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.1xo:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8E13E8-A609-4635-8427-558FA2359484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "F47E76FF-DE36-463D-B610-A99C90AF7B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.2se:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD751BA-0987-48BB-89C0-A82F78816423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.2sg:*:*:*:*:*:*:*",
"matchCriteriaId": "3104D911-5FFC-4605-B234-6FD40A206DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.3se:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF46126-B8C2-4C03-BF28-F36BB54A6F01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.3sg:*:*:*:*:*:*:*",
"matchCriteriaId": "EC787C70-6540-4AF7-9F05-8FD86284091E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.4sg:*:*:*:*:*:*:*",
"matchCriteriaId": "FC716D3D-5C37-4E36-8F6B-53801DC7225E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.5sg:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E289B7-7692-448B-B15E-224AF4F01D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.6sg:*:*:*:*:*:*:*",
"matchCriteriaId": "E42A8A6F-A732-4441-A94F-FCDFA960EB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.7sg:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9EC5B2-CAE1-4C8F-8F96-FE006049FF96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.8sg:*:*:*:*:*:*:*",
"matchCriteriaId": "895D2447-BD8A-473C-B26E-06897080DD2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.9sg:*:*:*:*:*:*:*",
"matchCriteriaId": "F8169591-4C3D-4C32-A24F-EACDBC62B77F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.11sg:*:*:*:*:*:*:*",
"matchCriteriaId": "CD6584D8-AE44-40D0-990C-94C377DBF275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2ja:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC0307C-7095-4529-995F-FA903BC059E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "2982FEB3-34C5-4430-B8BD-A4ECC977F33D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2se:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BFDC89-6D9F-4AB1-91D2-B50F8AF16C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2sg:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD6BE0B-53E4-4A5F-8D3C-A6A5398D2E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2xo:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF1306A-68AD-4BB7-9199-9740EE56FD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF8A6EC-3C45-4CDB-81B5-4D50CD5C4087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.0se:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC52EC4-6658-40AB-A357-F9B538F21ED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.0sg:*:*:*:*:*:*:*",
"matchCriteriaId": "A52C1850-27F7-40C8-BA26-660D160AD163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.0sq:*:*:*:*:*:*:*",
"matchCriteriaId": "5E519217-3180-4C49-863F-0D10E47F1A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.0xo:*:*:*:*:*:*:*",
"matchCriteriaId": "930678B3-1527-4967-9D8F-27FC0DA060AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "737D7668-872C-4246-9AB9-12FF059E231A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.1se:*:*:*:*:*:*:*",
"matchCriteriaId": "63B34E77-D0BD-4501-A125-CDBE9A47031F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.1sg:*:*:*:*:*:*:*",
"matchCriteriaId": "1AAC822D-E886-46A9-80E8-06DD753A458E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.1sq:*:*:*:*:*:*:*",
"matchCriteriaId": "E312CE6B-F3F5-40B3-8862-3BB1314376E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.1xo:*:*:*:*:*:*:*",
"matchCriteriaId": "58A34268-7618-48D2-8872-27B5B624543B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "D4CBDA4F-DBB3-4426-8C16-2B2314ACF21D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.2se:*:*:*:*:*:*:*",
"matchCriteriaId": "9029376B-E263-4B30-8B97-7101CFF7D39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.2sg:*:*:*:*:*:*:*",
"matchCriteriaId": "6893B368-D3C1-416D-A4E8-6484AF91C7CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.2xo:*:*:*:*:*:*:*",
"matchCriteriaId": "C2017A75-CC29-4161-85CB-7A531E5ABB3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.3se:*:*:*:*:*:*:*",
"matchCriteriaId": "BD337928-C7D9-4CBC-8785-5C49FCA5B90F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.4se:*:*:*:*:*:*:*",
"matchCriteriaId": "10E83B0A-33F1-4154-969E-E66E800890DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.5se:*:*:*:*:*:*:*",
"matchCriteriaId": "287E952E-588D-4825-9EB3-03CE16F96E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "CB355607-BFDC-4937-A906-3211AD473399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3se:*:*:*:*:*:*:*",
"matchCriteriaId": "3E313042-DB7B-44AA-9DF6-3C07FC140680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3sg:*:*:*:*:*:*:*",
"matchCriteriaId": "9B56D76E-BEA0-490F-9FB8-9CE7422E9432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3sq:*:*:*:*:*:*:*",
"matchCriteriaId": "F4830496-1643-4DD0-8C4F-2778E5E600C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3xo:*:*:*:*:*:*:*",
"matchCriteriaId": "E82B087D-59EF-42D4-B875-6230A46C6854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*",
"matchCriteriaId": "B45225F2-C9EB-493D-B845-64BFB8DBB89B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "252377A3-7F15-45F2-A169-BBC37858D4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0sg:*:*:*:*:*:*:*",
"matchCriteriaId": "4C809C7E-738B-461F-9155-BC19AAC8B661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0sq:*:*:*:*:*:*:*",
"matchCriteriaId": "1D918A4A-7E60-4C8B-86D8-82BCA99B0844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "02E8F96A-EA9C-4E66-8491-9B2A3A4023F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.1sg:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CDB780-F259-4A2D-B32C-0401601715FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.1sq:*:*:*:*:*:*:*",
"matchCriteriaId": "596A43FC-0DDA-4AF6-A4A4-A488B5740D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "85908754-8426-49D3-BCC2-AF174B5D0EF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.2sg:*:*:*:*:*:*:*",
"matchCriteriaId": "A8DBFACA-112F-48F6-BF0C-37FC6D133EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5BA973-D59A-4CB9-BC35-089F88737425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.3sg:*:*:*:*:*:*:*",
"matchCriteriaId": "95384E18-A319-4BFA-912F-7AC7C664A80A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6E83FC-CFAE-45EA-9F20-830FC5E97399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.4sg:*:*:*:*:*:*:*",
"matchCriteriaId": "6B3C5A2B-85A8-4B75-A067-335D1DFE8C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B3BCAC-8317-41C4-9A60-85B693818044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.5sg:*:*:*:*:*:*:*",
"matchCriteriaId": "85512107-7E38-4C00-96D0-01D9EE7DD903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "1FBC4A31-F564-4F5F-86C9-08964EFB3AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.6sg:*:*:*:*:*:*:*",
"matchCriteriaId": "7707BC4D-6090-44CF-B304-A54A46FAD32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.7sg:*:*:*:*:*:*:*",
"matchCriteriaId": "53D28F4F-5E14-48C1-8353-4D6A8C657FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.8sg:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC7331C-F9D5-4E3C-B39A-11E1ED9240DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "8151EE20-D1CD-42E3-9E1A-FE1CA4CCC4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4sg:*:*:*:*:*:*:*",
"matchCriteriaId": "1691574B-022B-4B0F-AE62-0DFC002466D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4sq:*:*:*:*:*:*:*",
"matchCriteriaId": "D215A930-707E-4A21-AA8C-204AD69633D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "C14EB390-BA15-45C9-B971-D66CD98B0EDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "5872A42F-745E-4EC6-8679-C28F79F6621C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0sq:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCF5A7C-202D-44F8-97D3-694F876050D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "748C5458-8F16-4DA4-8BDE-D00BF42DC8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "86947E54-A1B9-4ECE-92A6-417462249612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.1sq:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EA559D-5184-4E19-8A32-ECA41C930AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "2B82207E-7E19-4E0A-93E6-C631897793D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "C910BE7C-517F-4E41-8433-1858F700AA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.2sq:*:*:*:*:*:*:*",
"matchCriteriaId": "716D8805-D461-4066-9BFD-1EA895E4B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A02F04-6717-403D-8A6B-B365F74DEE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.3sq:*:*:*:*:*:*:*",
"matchCriteriaId": "7150819E-EFB5-4224-975C-84EDBBB2881D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.4sq:*:*:*:*:*:*:*",
"matchCriteriaId": "E81F4068-35A1-4712-9B88-F6E574B2DE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.5sq:*:*:*:*:*:*:*",
"matchCriteriaId": "28DDB45D-1B19-4FAB-B985-F8E5D38A3ED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "9F4CEAD8-F773-4A8B-B076-4EEB61D7F420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "739E564D-A90E-4650-A243-62C025294DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5sq:*:*:*:*:*:*:*",
"matchCriteriaId": "B10CF9F5-B4F9-4F12-9C6F-B6DFBC473337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "455DAAB8-83B4-44B9-B2F7-2DC9EA796898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB5A06F-59B5-43A1-8D06-1B6BA08630A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "5F462360-3597-420B-ACB8-44A6F622C8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F6C44-DB9D-41FD-AD8D-AF45258772DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2ae:*:*:*:*:*:*:*",
"matchCriteriaId": "39DED4C1-E7AF-48E0-8B1A-839A87E52992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9E07C9-4C98-48A3-ACF9-1C6FE834D19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "E77A9A46-517E-467B-A702-E6F6DD9FCD96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "AD485792-290B-4553-AAB2-DA7427DE7131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.5ae:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7139C7-3C02-46C9-8F89-CB517A706CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.5be:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AD00E6-A155-4CCB-B329-7B536BEBC976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "0D365DFD-C99B-4F33-9A90-1162C7A4D3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "CAEDC03A-CDD5-450E-9528-1DB9EC490DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "A59ADC49-F656-4271-9EC8-963D381320E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0bs:*:*:*:*:*:*:*",
"matchCriteriaId": "87687169-312C-41E6-9557-B2536A4CCA01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "A56AE607-0AD0-487A-A266-C15EAF40F2CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "E979597C-E614-45E9-9AC4-66DE323221BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "5F8B8DBC-F273-4ADE-97F4-584DE23F1CEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "55E908D0-7327-42B7-81C0-FA25BF45929C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "705971E9-7FB4-43EA-A1AE-C91865EADE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "5420E152-A00C-406C-8E27-6B7ADE4ABF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.2ts:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A56292-386C-4FC8-BC54-EF9E465F891B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "F481A851-D607-4CEF-87C5-147FFBC97D3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "036DAA45-B363-47BB-ADBA-992F381572EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "355F4945-4FFA-469F-A799-815F371C637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB1EA1E-D995-4732-9685-75AC9042D484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA68978-C42E-4A5E-A0D6-7887FA0318B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF06D7B-A239-4046-A704-01C54D534F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.7s:*:*:*:*:*:*:*",
"matchCriteriaId": "4622910B-5459-4FA4-A8D0-239AF2EFFE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7e:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD3E067-E41B-4C8E-B5B2-C91CF7153E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s:*:*:*:*:*:*:*",
"matchCriteriaId": "1156EB7F-677D-4267-9814-C14820B4E18A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "013DD522-1561-4468-A350-C872B78FC291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0ex:*:*:*:*:*:*:*",
"matchCriteriaId": "DC33B0BB-BB47-42AD-9EA4-6B4D63C34E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "2835C64E-808F-4A6C-B245-7A9996FAFE3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "6907E1FE-760E-4557-A472-1A1F0052B82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1040AF-A087-4791-BFC3-36CA3F3208E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "62291CDD-A775-44B4-85F3-CE1D494F55FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "7F95B900-12A3-4488-BB50-20C972BEE169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8e:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC8D6F3-9A50-437D-B4BE-36CE4ADBC9C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8ex:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8DB158-9B1C-427E-BC84-A03B39BCFEB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8s:*:*:*:*:*:*:*",
"matchCriteriaId": "54FEE2D8-2507-4485-A6D2-82393AB19C7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "B9EC727B-AF92-460D-B61D-F45ECEEE5D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "94227B25-5C86-453C-9DC8-A8201C1D1FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "10F278DC-5102-4A18-9C72-E8FEEDCC5729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "513675B5-D62C-442D-8754-DC4F221942B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9e:*:*:*:*:*:*:*",
"matchCriteriaId": "13A26079-2C57-41EC-A001-3E2669963967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9s:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF55161-75C6-4F79-A261-B99A222EAE3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D9F45C-E71F-4425-A0C7-DFFEEC93C152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "26FB3B1A-FB8C-4371-A6D2-AB83ECF17F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1xbs:*:*:*:*:*:*:*",
"matchCriteriaId": "48B351B3-3A18-4068-A95D-68942955070E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "2A005E0C-A744-4AFA-A1D1-2E3228E093FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.2ts:*:*:*:*:*:*:*",
"matchCriteriaId": "DED25B1B-C47A-45E9-8235-081550FB0AD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "86B7EC67-B431-4284-8781-9090D134B781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "3598539F-0EEB-45D6-8BA5-A2A3F69D556C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "4CF349D4-BF1C-4127-B6FA-7AD379F62A3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "B6ABE123-BBA5-46CD-8578-4A1F3CB8BA08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.7s:*:*:*:*:*:*:*",
"matchCriteriaId": "CD674BF9-16F6-4817-9ADE-564A402A5F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.8s:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DA3731-E719-4DB7-9783-1C00481141EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s:*:*:*:*:*:*:*",
"matchCriteriaId": "62170294-9984-4C61-AFBC-742C6E7CAB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAC081C-9A22-4CBC-A9D0-DD9995801791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "F43F819E-3072-430F-8C52-B43FF28D4687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "C80F59A9-C1EF-4E9B-B204-1EEC7FDF65BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "09A930B7-7B9B-426E-A296-9F29F4A03F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "309952D7-B220-4678-A16D-AA5FF005F782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA33A9E-44A8-4463-9E70-352B5B14DB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.0as:*:*:*:*:*:*:*",
"matchCriteriaId": "60C5FC5B-BE2E-4BAC-AC23-58666BDEB553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "503EFE9E-C238-46BA-8CA3-DE8D5DDB9A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "B6EC8B17-6EC2-47AF-818D-1DFBDA612FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "278ACF0A-949B-486D-8F6C-ADC2AF25FC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "37A30BA4-D760-4321-AAC8-04093AAAEA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "42616EA2-DDCF-4B57-BF2A-37968C82DDC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s:*:*:*:*:*:*:*",
"matchCriteriaId": "A45A232A-C23B-4CC8-BD88-928397DAD8EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.0as:*:*:*:*:*:*:*",
"matchCriteriaId": "246251E8-7D4E-4CD4-8D4F-BF360780FA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "09F35F75-75E8-4A20-94C4-5908E404C8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9C01C1D8-A191-45B7-A6C5-EE225F05A49E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.2as:*:*:*:*:*:*:*",
"matchCriteriaId": "16D7ACF1-6A30-4D6E-AA69-D2F365E2791C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "7E50FF89-8E71-4EA0-9AEC-2F800ED9D995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6E9386-30B4-4E86-9676-E7E005274048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "7E70C455-E41C-4B17-847A-5F4281139252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13s:*:*:*:*:*:*:*",
"matchCriteriaId": "09642959-B02D-45D0-A084-F820D08E1E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9247665-BBE7-4DEF-B97B-4981A0EA5CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "E61E0102-B9B6-41F4-9041-0A5F144D849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "2A076E1F-3457-410A-8AB6-64416ECB20A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14s:*:*:*:*:*:*:*",
"matchCriteriaId": "22028008-F993-42E4-AB16-6FDDFC348864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD93CD1-4188-40B7-A20E-9C3FE8344A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "2972E680-5A19-4858-9B35-0B959ED319A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BFE916-916F-4936-A331-21A0E8193920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EC9A19-26E6-4E69-B4E7-852CB6327EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15s:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA253C-33BC-4601-8433-14E2EA19324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
"matchCriteriaId": "5568EABF-8F43-4A87-8DE4-A03E9065BE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E5BB91-B5E7-4961-87DC-26596E5EDED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*",
"matchCriteriaId": "AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "D3822447-EB80-4DF2-B7F2-471F55BA99C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16s:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BC0EDB-C32A-42EA-9FE9-FF7F39C83211",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "12793F39-13C4-4DBC-9B78-FE361BDDF89D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1as:*:*:*:*:*:*:*",
"matchCriteriaId": "1AEF94C7-CEE6-4696-9F1D-549639A831C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "876767C7-0196-4226-92B1-DDE851B53655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "0141D67B-632F-48ED-8837-4CC799616C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "141FFB5E-EA72-4FC1-B87A-B5E2D5FCFE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17s:*:*:*:*:*:*:*",
"matchCriteriaId": "3C61D3C1-3A56-49B3-BF68-6E103C5654AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interface web del usuario de Cisco IOS XE 3.1 en versiones hasta 3.17 podr\u00eda permitir a un atacante remoto no autenticado hacer que un dispositivo afectado se recargue. La vulnerabilidad se debe al manejo insuficiente de los recursos por el software afectado cuando la interfaz de usuario web est\u00e1 bajo una carga alta. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un gran n\u00famero de solicitudes a la interfaz de usuario web del software afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el dispositivo afectado se vuelva a cargar, dando como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para aprovechar esta vulnerabilidad, el atacante debe tener acceso a la interfaz de administraci\u00f3n del software afectado, que suele estar conectado a una red de administraci\u00f3n restringida. Esta vulnerabilidad afecta a los dispositivos Cisco que ejecutan una versi\u00f3n vulnerable del software Cisco IOS XE, si est\u00e1 habilitada la interfaz de usuario web del software. De forma predeterminada, la interfaz de usuario web no est\u00e1 habilitada. ID de bugs de Cisco: CSCup70353."
}
],
"id": "CVE-2017-3856",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-22T19:59:00.277",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97007"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1038101"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2017-04987
Vulnerability from cnvd - Published: 2017-04-21
VLAI Severity ?
Title
Cisco IOS XE Software WEB界面拒绝服务漏洞
Description
Cisco IOS XE Software是美国思科公司为其网络设备开发的操作系统。
Cisco IOS XE Software的Web用户界面存在安全漏洞。远程攻击者可利用该漏洞提交特殊的请求,进行拒绝服务攻击。
Severity
高
Patch Name
Cisco IOS XE Software WEB界面拒绝服务漏洞的补丁
Patch Description
Cisco IOS XE Software是美国思科公司为其网络设备开发的操作系统。
Cisco IOS XE Software的Web用户界面存在安全漏洞。远程攻击者可利用该漏洞提交特殊的请求,进行拒绝服务攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui
Reference
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui
http://www.securityfocus.com/bid/97007
Impacted products
| Name | Cisco IOS XE Software |
|---|
{
"bids": {
"bid": {
"bidNumber": "97007"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-3856",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3856"
}
},
"description": "Cisco IOS XE Software\u662f\u7f8e\u56fd\u601d\u79d1\u516c\u53f8\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco IOS XE Software\u7684Web\u7528\u6237\u754c\u9762\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
"discovererName": "Cisco",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5:\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-04987",
"openTime": "2017-04-21",
"patchDescription": "Cisco IOS XE Software\u662f\u7f8e\u56fd\u601d\u79d1\u516c\u53f8\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco IOS XE Software\u7684Web\u7528\u6237\u754c\u9762\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Cisco IOS XE Software WEB\u754c\u9762\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Cisco IOS XE Software"
},
"referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui\r\nhttp://www.securityfocus.com/bid/97007",
"serverity": "\u9ad8",
"submitTime": "2017-03-23",
"title": "Cisco IOS XE Software WEB\u754c\u9762\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
GHSA-998W-HGHJ-9WH4
Vulnerability from github – Published: 2022-05-13 01:45 – Updated: 2022-05-13 01:45
VLAI?
Details
A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2017-3856"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-22T19:59:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353.",
"id": "GHSA-998w-hghj-9wh4",
"modified": "2022-05-13T01:45:56Z",
"published": "2022-05-13T01:45:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3856"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97007"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038101"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…