Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2017-12289
HistoryOct 19, 2017 - 8:00 a.m.

CVE-2017-12289

2017-10-1908:00:00
CWE-200
cisco
www.cve.org
4

AI Score

4.5

Confidence

High

EPSS

0

Percentile

5.1%

JSON

A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug logging that causes sensitive information to be written to the log file. This information should be restricted. An attacker who has valid administrative credentials could exploit this vulnerability by authenticating to the device and enabling conditional, verbose debug logging for IPsec and viewing the log file. An exploit could allow the attacker to access sensitive information related to the IPsec configuration. Cisco Bug IDs: CSCvf12081.

CNA Affected

[
  {
    "product": "Cisco IOS XE",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco IOS XE"
      }
    ]
  }
]

Related

prion 1
cisco 1
nvd 1
cve 1
prion
prion
Design/Logic Flaw
2017-10-19 08:29:00
cisco
cisco
Cisco IOS XE Software Verbose Debug Logging Information Disclosure Vulnerability
2017-10-18 16:00:00
nvd
nvd
CVE-2017-12289
2017-10-19 08:29:00
cve
cve
CVE-2017-12289
2017-10-19 08:29:00

AI Score

4.5

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVELIST:CVE-2017-12289
prion1cisco1nvd1cve1