CVE-2017-12233 - Vulnerability Details

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuz95334.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is in the KEV database since March 3, 2022.

Exploitation active

Automatable yes

Technical Impact partial

Vendors	Products
Cisco	1000 Integrated Services Router 1100-4g\/6g Integrated Services Router 1100-4g Integrated Services Router 1100-4gltegb Integrated Services Router 1100-4gltena Integrated Services Router 1100-4p 1100-4p Integrated Services Router 1100-6g Integrated Services Router 1100-8p 1100-8p Integrated Services Router 1100-lte Integrated Services Router 1100 Integrated Services Router 1100 Terminal Services Gateways 1101-4p 1101-4p Integrated Services Router 1101 Integrated Services Router 1109-2p 1109-4p 1111-4pwe 1111-8pwb 1111x-8p 1113-8plteeawe 1113-8pmwe 1113-8pwe 1116-4plteeawe 1116-4pwe 1117-4plteeawe 1117-4pmlteeawe 1117-4pmwe 1117-4pwe 1120 1120 Connected Grid Router 1120 Integrated Services Router 1131 Integrated Services Router 1160 Integrated Services Router 1801 Integrated Service Router 1802 Integrated Service Router 1803 Integrated Service Router 1811 Integrated Service Router 1812 Integrated Service Router 1841 Integrated Service Router 1861 Integrated Service Router 1905 Integrated Services Router 1906c Integrated Services Router 1921 Integrated Services Router 1941 Integrated Services Router 1941w Integrated Services Router Catalyst Ie3200 Rugged Switch Catalyst Ie3300 Rugged Switch Catalyst Ie3400 Heavy Duty Switch Catalyst Ie3400 Rugged Switch Catalyst Ie9300 Esr-6300-con-k9 Esr-6300-ncp-k9 Ios

Configuration 1 [-]

AND

cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:1000_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4g\/6g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4p:-:::::::*
	cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-8p:-:::::::*
	cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100_terminal_services_gateways:-:::::::*
	cpe:2.3:h:cisco:1101-4p:-:::::::*
	cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-2p:-:::::::*
	cpe:2.3:h:cisco:1109-4p:-:::::::*
	cpe:2.3:h:cisco:1111-4pwe:-:::::::*
	cpe:2.3:h:cisco:1111-8pwb:-:::::::*
	cpe:2.3:h:cisco:1111x-8p:-:::::::*
	cpe:2.3:h:cisco:1113-8plteeawe:-:::::::*
	cpe:2.3:h:cisco:1113-8pmwe:-:::::::*
	cpe:2.3:h:cisco:1113-8pwe:-:::::::*
	cpe:2.3:h:cisco:1116-4plteeawe:-:::::::*
	cpe:2.3:h:cisco:1116-4pwe:-:::::::*
	cpe:2.3:h:cisco:1117-4plteeawe:-:::::::*
	cpe:2.3:h:cisco:1117-4pmlteeawe:-:::::::*
	cpe:2.3:h:cisco:1117-4pmwe:-:::::::*
	cpe:2.3:h:cisco:1117-4pwe:-:::::::*
	cpe:2.3:h:cisco:1120:-:::::::*
	cpe:2.3:h:cisco:1120_connected_grid_router:-:::::::*
	cpe:2.3:h:cisco:1120_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1131_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1801_integrated_service_router:-:::::::*
	cpe:2.3:h:cisco:1802_integrated_service_router:-:::::::*
	cpe:2.3:h:cisco:1803_integrated_service_router:-:::::::*
	cpe:2.3:h:cisco:1811_integrated_service_router:-:::::::*
	cpe:2.3:h:cisco:1812_integrated_service_router:-:::::::*
	cpe:2.3:h:cisco:1841_integrated_service_router:-:::::::*
	cpe:2.3:h:cisco:1861_integrated_service_router:-:::::::*
	cpe:2.3:h:cisco:1905_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1906c_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1921_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1941_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1941w_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:::::::*
	cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:::::::*
	cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:::::::*
	cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:::::::*
	cpe:2.3:h:cisco:catalyst_ie9300:-:::::::*
	cpe:2.3:h:cisco:esr-6300-con-k9:-:::::::*
	cpe:2.3:h:cisco:esr-6300-ncp-k9:-:::::::*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/101038
http://www.securitytracker.com/id/1039459
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cip

History

Fri, 15 Nov 2024 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2022-03-03'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2017-09-28T07:00:00

Updated: 2024-11-15T17:57:38.836Z

Reserved: 2017-08-03T00:00:00

Link: CVE-2017-12233

Vulnrichment

Updated: 2024-08-05T18:28:16.648Z

NVD

Status : Analyzed

Published: 2017-09-29T01:34:48.827

Modified: 2025-01-27T18:59:51.937

Link: CVE-2017-12233

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Exploitation active

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object