CVE-2017-3812

Published Feb 3, 2017

Last updated 5 years ago

Overview

Description: A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. More Information: CSCvc54788. Known Affected Releases: 15.2(5.4.32i)E2. Known Fixed Releases: 15.2(5.4.62i)E2.
Source: ykramarz@cisco.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.8
Impact score: 4
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 7.1
Impact score: 6.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-772

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_series_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64126B06-A388-40D2-A0A7-6520BCC90EE8",
            "versionEndIncluding": "15.2\\(5.4.32i\\)e2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16ptc-g-e_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "524D907D-4DDC-4439-A9E0-328BA272BE79"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16ptc-g-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4057243E-C776-4048-AF08-F1339DECFB76"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16ptc-g-nx_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F0D7518A-B5EA-493C-80C7-4938A36FF621"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16t67-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0474966A-3F71-474F-926F-D4C03F0989D5"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16t67p-g-e_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "199F317F-4C29-4BE4-B5EE-FFD70C693A74"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-e_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A805F6F4-D977-493F-B3E8-CCE64A6F5AE4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6DB0122F-82AB-467A-861B-9A9EAF36F695"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-n_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "69A29BB0-4033-4067-97E9-372C797A29CC"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-g-x_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "334BC0D6-E9D8-47F5-AB48-7AB3F3A17844"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_16tc-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2F1931F1-02FC-4F7D-8C18-C1482CD2530D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_24t67-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C8F9FB2B-D9AD-46DD-8D2E-0FB71E2EA825"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4s-ts-g-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "75325EB7-ABB8-409F-BB8E-1696FB3D0DA7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4s-ts-g-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "03CB2133-041C-48EE-8594-2F80C7A89A05"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1C4D3841-67B6-4E21-A68D-FED30EC2CDEF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-g-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E906703D-3946-4EE7-BEF1-9753409FEEF8"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-g-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D64C4436-6BB8-48EB-923D-11B6F9F18B1D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4t-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3ECD0A92-A198-463B-8046-92D738C40DAF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "87C75A46-74FC-4AF1-AF76-0CAC422473E5"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-g-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5FE4BC00-19FE-468C-8BCE-193E72066B0E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-g-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "62729BD3-975A-4FCA-B255-FFFD51901081"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_4ts-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0FAB865C-D5D6-474F-B42C-2C2958B1E876"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_8t67-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CE94DAA2-D52A-424B-8E17-FC17D4B117B4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_8t67p-g-e_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "429B7E0E-2897-4838-AC6B-41B3A5D85204"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "22980E67-0A91-473F-9F86-3B594D7BE9FF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-b_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4360DC5A-DD47-42C5-9940-B9FE24422758"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-e_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "417ACF82-6769-4441-92CB-8BD06470518A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "36036C1F-2A42-4633-AFD7-F4F8DEADBDE7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-g-n_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FEE1A077-564B-49A3-84C4-3E9EA6EA7675"
          },
          {
            "criteria": "cpe:2.3:h:cisco:industrial_ethernet_2000_8tc-l_switch:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1DAFB25E-F057-423E-811D-1E4A8F9E2D73"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Configurations

References