A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system.The vulnerability is due to unknown reasons. An attacker could exploit this vulnerability by capturing and replaying ACP packets that are transferred within an affected system. A successful exploit could allow the attacker to reset the ACP of an affected system, resulting in a denial of service (DoS) condition. A successful exploit could also allow the attacker to capture and view ACP packets, which should have been encrypted over the ACP, in clear text.
Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2uXG0FJ
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system.The vulnerability is due to unknown reasons. An attacker could exploit this vulnerability by capturing and replaying ACP packets that are transferred within an affected system. A successful exploit could allow the attacker to reset the ACP of an affected system, resulting in a denial of service (DoS) condition. A successful exploit could also allow the attacker to capture and view ACP packets, which should have been encrypted over the ACP, in clear text.
Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2uXG0FJ
Security Impact Rating: High
CVE: CVE-2017-6665
from Cisco Security Advisory http://ift.tt/2uXG0FJ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.