Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability: CVE-2017-3881

Description CVE-2017-3881: Cisco is warning of a new critical IOS / IOS XE vulnerability that affects more than 300 of its switch models.

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.

Impact: An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device

Mitigation: Currently, this vulnerability is unpatched, and until patches are available, Cisco recommends its users to disable the Telnet connection to the switch devices in favor of SSH. Please follow Cisco advisory, available on Reference URL’s section.

Reference URL’s:

Share