Rapid7 Vulnerability & Exploit Database

Cisco XE: CVE-2017-6664: Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Cisco XE: CVE-2017-6664: Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
08/07/2017
Created
08/02/2019
Added
07/30/2019
Modified
04/22/2024

Description

A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked. This vulnerability affected devices that are running Release 16.x of Cisco IOS XE Software and are configured to use Autonomic Networking. This vulnerability does not affect devices that are running an earlier release of Cisco IOS XE Software or devices that are not configured to use Autonomic Networking. More Information: CSCvd22328. Known Affected Releases: 15.5(1)S3.1 Denali-16.2.1.

Solution(s)

  • cisco-xe-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;