Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2017-6664
HistoryAug 07, 2017 - 6:29 a.m.

CVE-2017-6664

2017-08-0706:29:00
CWE-295
cisco
web.nvd.nist.gov
51
cisco
ios xe
vulnerability
remote access
autonomic networking
security
nvd
cve-2017-6664

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

7.5

Confidence

High

EPSS

0.002

Percentile

59.9%

JSON

A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked. This vulnerability affected devices that are running Release 16.x of Cisco IOS XE Software and are configured to use Autonomic Networking. This vulnerability does not affect devices that are running an earlier release of Cisco IOS XE Software or devices that are not configured to use Autonomic Networking. More Information: CSCvd22328. Known Affected Releases: 15.5(1)S3.1 Denali-16.2.1.

Affected configurations

Nvd
Node
ciscoios_xeMatch3.10.8as
OR
ciscoios_xeMatch3.10.8s
OR
ciscoios_xeMatch3.12.0s
OR
ciscoios_xeMatch3.12.1s
OR
ciscoios_xeMatch3.12.2s
OR
ciscoios_xeMatch3.12.3s
OR
ciscoios_xeMatch3.12.4s
OR
ciscoios_xeMatch3.13.1s
OR
ciscoios_xeMatch3.13.2s
OR
ciscoios_xeMatch3.13.4s
OR
ciscoios_xeMatch3.13.5s
OR
ciscoios_xeMatch3.14.0s
OR
ciscoios_xeMatch3.14.1s
OR
ciscoios_xeMatch3.14.2s
OR
ciscoios_xeMatch3.14.3s
OR
ciscoios_xeMatch3.14.4s
OR
ciscoios_xeMatch3.15.0s
OR
ciscoios_xeMatch3.15.1s
OR
ciscoios_xeMatch3.15.2s
OR
ciscoios_xeMatch3.15.3s
OR
ciscoios_xeMatch3.16.0s
OR
ciscoios_xeMatch3.16.1as
OR
ciscoios_xeMatch3.16.2as
OR
ciscoios_xeMatch3.16.2s
OR
ciscoios_xeMatch3.17.0s
OR
ciscoios_xeMatch3.17.1s
OR
ciscoios_xeMatch3.18.0s
OR
ciscoios_xeMatch16.5.1c
OR
ciscoios_xeMatch16.6.1
VendorProductVersionCPE
ciscoios_xe3.10.8ascpe:2.3:o:cisco:ios_xe:3.10.8as:*:*:*:*:*:*:*
ciscoios_xe3.10.8scpe:2.3:o:cisco:ios_xe:3.10.8s:*:*:*:*:*:*:*
ciscoios_xe3.12.0scpe:2.3:o:cisco:ios_xe:3.12.0s:*:*:*:*:*:*:*
ciscoios_xe3.12.1scpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:*
ciscoios_xe3.12.2scpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:*
ciscoios_xe3.12.3scpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:*
ciscoios_xe3.12.4scpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:*
ciscoios_xe3.13.1scpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:*
ciscoios_xe3.13.2scpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*
ciscoios_xe3.13.4scpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*
Rows per page:
1-10 of 291

CNA Affected

[
  {
    "product": "Cisco IOS XE",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco IOS XE"
      }
    ]
  }
]

Related

cvelist 1
openvas 1
nvd 1
prion 1
cisco 1
nessus 1
cvelist
cvelist
CVE-2017-6664
2017-08-07 06:00:00
openvas
openvas
Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability
2017-07-28 00:00:00
nvd
nvd
CVE-2017-6664
2017-08-07 06:29:00
prion
prion
Code injection
2017-08-07 06:29:00
cisco
cisco
Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability
2017-07-26 16:00:00
nessus
nessus
Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation (cisco-sa-20170726-anicrl)
2019-11-20 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

7.5

Confidence

High

EPSS

0.002

Percentile

59.9%

JSON
Related for CVE-2017-6664
cvelist1openvas1nvd1prion1cisco1nessus1