Lucene search

CiscoCISCO-SA-20170927-CIP

HistorySep 27, 2017 - 4:00 p.m.

Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerabilities

2017-09-2716:00:00

tools.cisco.com

0.004 Low

EPSS

Percentile

72.4%

JSON

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cip [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cip”]

This advisory is part of the September 27, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-63410”].

Affected configurations

Vulners

Node

ciscoiosMatch12.2se

ciscoiosMatch12.2ex

ciscoiosMatch15.0ey

ciscoiosMatch15.0se

ciscoiosMatch15.0ex

ciscoiosMatch15.0ea

ciscoiosMatch15.2e

ciscoiosMatch15.2ey

ciscoiosMatch15.2eb

ciscoiosMatch15.2ea

ciscoiosMatch15.6s

ciscoiosMatch15.2ec

ciscoiosMatch15.1svr

ciscoiosMatch15.1svs

ciscoiosMatch15.1svt

ciscoiosMatch15.1svu

ciscoiosMatch15.1svv

ciscoiosMatch15.1svw

ciscoiosMatch15.1svx

ciscoiosMatch12.2\(55\)se

ciscoiosMatch12.2\(46\)se2

ciscoiosMatch12.2\(50\)se2

ciscoiosMatch12.2\(50\)se1

ciscoiosMatch12.2\(50\)se5

ciscoiosMatch12.2\(55\)se3

ciscoiosMatch12.2\(52\)se

ciscoiosMatch12.2\(58\)se

ciscoiosMatch12.2\(50\)se3

ciscoiosMatch12.2\(52\)se1

ciscoiosMatch12.2\(46\)se1

ciscoiosMatch12.2\(50\)se4

ciscoiosMatch12.2\(50\)se

ciscoiosMatch12.2\(58\)se1

ciscoiosMatch12.2\(55\)se4

ciscoiosMatch12.2\(58\)se2

ciscoiosMatch12.2\(55\)se5

ciscoiosMatch12.2\(55\)se6

ciscoiosMatch12.2\(55\)se7

ciscoiosMatch12.2\(55\)se9

ciscoiosMatch12.2\(55\)se10

ciscoiosMatch12.2\(55\)se11

ciscoiosMatch12.2\(55\)se12

ciscoiosMatch12.2\(55\)se13

ciscoiosMatch12.2\(44\)ex

ciscoiosMatch12.2\(44\)ex1

ciscoiosMatch15.0\(1\)ey

ciscoiosMatch15.0\(1\)ey1

ciscoiosMatch15.0\(1\)ey2

ciscoiosMatch15.0\(2\)ey

ciscoiosMatch15.0\(2\)ey1

ciscoiosMatch15.0\(2\)ey2

ciscoiosMatch15.0\(2\)ey3

ciscoiosMatch15.0\(2\)se

ciscoiosMatch15.0\(2\)se1

ciscoiosMatch15.0\(2\)se2

ciscoiosMatch15.0\(2\)se3

ciscoiosMatch15.0\(2\)se4

ciscoiosMatch15.0\(2\)se5

ciscoiosMatch15.0\(2\)se6

ciscoiosMatch15.0\(2\)se7

ciscoiosMatch15.0\(2\)se8

ciscoiosMatch15.0\(2\)se9

ciscoiosMatch15.0\(2\)se10

ciscoiosMatch15.0\(2\)se11

ciscoiosMatch15.0\(2\)se10a

ciscoiosMatch15.0\(2\)se12

ciscoiosMatch15.0\(2\)ex2

ciscoiosMatch15.0\(2\)ex8

ciscoiosMatch15.0\(2\)ea

ciscoiosMatch15.0\(2\)ea1

ciscoiosMatch15.2\(2\)e

ciscoiosMatch15.2\(2\)e1

ciscoiosMatch15.2\(2b\)e

ciscoiosMatch15.2\(3\)e1

ciscoiosMatch15.2\(2\)e2

ciscoiosMatch15.2\(2\)e3

ciscoiosMatch15.2\(2a\)e2

ciscoiosMatch15.2\(3\)e2

ciscoiosMatch15.2\(3\)e3

ciscoiosMatch15.2\(2\)e4

ciscoiosMatch15.2\(2\)e5

ciscoiosMatch15.2\(3\)e4

ciscoiosMatch15.2\(5\)e

ciscoiosMatch15.2\(2\)e6

ciscoiosMatch15.2\(2\)e5a

ciscoiosMatch15.2\(3\)e5

ciscoiosMatch15.2\(2\)e5b

ciscoiosMatch15.2\(2\)e7

ciscoiosMatch15.2\(2\)e8

ciscoiosMatch15.2\(6\)e0b

ciscoiosMatch15.2\(2\)e7b

ciscoiosMatch15.2\(2\)e9

ciscoiosMatch15.2\(2\)e10

ciscoiosMatch15.2\(4s\)e2

ciscoiosMatch15.2\(1\)ey

ciscoiosMatch15.2\(2\)eb

ciscoiosMatch15.2\(2\)eb1

ciscoiosMatch15.2\(2\)eb2

ciscoiosMatch15.2\(2\)ea

ciscoiosMatch15.2\(2\)ea1

ciscoiosMatch15.2\(2\)ea2

ciscoiosMatch15.2\(3\)ea

ciscoiosMatch15.2\(4\)ea

ciscoiosMatch15.2\(4\)ea1

ciscoiosMatch15.2\(2\)ea3

ciscoiosMatch15.2\(4\)ea3

ciscoiosMatch15.2\(5\)ea

ciscoiosMatch15.2\(4\)ea4

ciscoiosMatch15.2\(4\)ea2

ciscoiosMatch15.2\(4\)ea5

ciscoiosMatch15.6\(2\)s0a

ciscoiosMatch15.2\(4\)ec1

ciscoiosMatch15.2\(4\)ec2

ciscoiosMatch15.1\(3\)svr10

ciscoiosMatch15.1\(3\)svs

ciscoiosMatch15.1\(3\)svt1

ciscoiosMatch15.1\(3\)svt3

ciscoiosMatch15.1\(3\)svt4

ciscoiosMatch15.1\(3\)svu1

ciscoiosMatch15.1\(3\)svu10

ciscoiosMatch15.1\(3\)svu2

ciscoiosMatch15.1\(3\)svu11

ciscoiosMatch15.1\(3\)svu20

ciscoiosMatch15.1\(3\)svu21

ciscoiosMatch15.1\(3\)svv1

ciscoiosMatch15.1\(3\)svv2

ciscoiosMatch15.1\(3\)svv3

ciscoiosMatch15.1\(3\)svv4

ciscoiosMatch15.1\(3\)svw

ciscoiosMatch15.1\(3\)svw1

ciscoiosMatch15.1\(3\)svx

ciscoiosMatch15.1\(3\)svx1

CPENameOperatorVersion
ioseq12.2SE
ioseq12.2EX
ioseq15.0EY
ioseq15.0SE
ioseq15.0EX
ioseq15.0EA
ioseq15.2E
ioseq15.2EY
ioseq15.2EB
ioseq15.2EA

Name	Operator	Version
ios	eq	12.2SE
ios	eq	12.2EX
ios	eq	15.0EY
ios	eq	15.0SE
ios	eq	15.0EX
ios	eq	15.0EA
ios	eq	15.2E
ios	eq	15.2EY
ios	eq	15.2EB
ios	eq	15.2EA

Rows per page:

1-10 of 1321

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cip

0.004 Low

EPSS

Percentile

72.4%

JSON

Related for CISCO-SA-20170927-CIP