Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-12211

A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of the device. The vulnerability is due to IPv6 sub block corruption. An attacker could exploit this vulnerability by polling the affected device IPv6 information. An exploit could allow the attacker to trigger high CPU usage or a reload of the device. Known Affected Releases: Denali-16.3.1. Cisco Bug IDs: CSCvb14640.

Published

2017-09-07T21:29:00.193

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 5.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:S/C:N/I:N/A:C

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: SINGLE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: COMPLETE
Exploitability Score

6.8

Impact Score

6.9

Weaknesses
  • Type: Secondary
    CWE-399
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System cisco ios 3.16.1 Yes
Operating System cisco ios_xe 3.16.1 Yes
References