Rapid7 Vulnerability & Exploit Database

Cisco XE: CVE-2017-3820: Cisco ASR 1000 Series Aggregation Services Routers SNMP High CPU Denial of Service Vulnerability

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

Cisco XE: CVE-2017-3820: Cisco ASR 1000 Series Aggregation Services Routers SNMP High CPU Denial of Service Vulnerability

Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published
02/03/2017
Created
08/02/2019
Added
07/30/2019
Modified
11/13/2023

Description

A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. More Information: CSCux68796. Known Affected Releases: 15.5(3)S2.1 15.6(1)S1.1. Known Fixed Releases: 15.4(3)S6.1 15.4(3)S6.2 15.5(3)S2.2 15.5(3)S3 15.6(0.22)S0.23 15.6(1)S2 16.2(0.295) 16.3(0.94) 15.5.3S3.

Solution(s)

  • cisco-xe-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;