Vulnerability Name: | CVE-2017-3820 (CCN-121419) | ||||||||||||
Assigned: | 2016-12-21 | ||||||||||||
Published: | 2017-02-01 | ||||||||||||
Updated: | 2019-10-03 | ||||||||||||
Summary: | A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. More Information: CSCux68796. Known Affected Releases: 15.5(3)S2.1 15.6(1)S1.1. Known Fixed Releases: 15.4(3)S6.1 15.4(3)S6.2 15.5(3)S2.2 15.5(3)S3 15.6(0.22)S0.23 15.6(1)S2 16.2(0.295) 16.3(0.94) 15.5.3S3. | ||||||||||||
CVSS v3 Severity: | 6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) 5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C)
| ||||||||||||
Vulnerability Type: | CWE-665 | ||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2017-3820 Source: BID Type: Third Party Advisory, VDB Entry 95934 Source: CCN Type: BID-95934 Cisco ASR 1000 Series Routers CVE-2017-3820 Denial of Service Vulnerability Source: SECTRACK Type: UNKNOWN 1037770 Source: XF Type: UNKNOWN cisco-asr-cve20173820-dos(121419) Source: CCN Type: Cisco Security Advisory cisco-sa-20170201-asrsnmp Cisco ASR 1000 Series Aggregation Services Routers SNMP High CPU Denial of Service Vulnerability Source: CONFIRM Type: Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-asrsnmp | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||||||
BACK |