CVE-2017-12232

CVSS 6.5 MEDIUMEPSS 2.2%● KEVCWE-399

In short

A bug in Cisco ISR G2 routers allows an attacker on the same network to send a specially crafted Ethernet frame that crashes the router, causing it to restart and stop working temporarily.

Technical detail

The vulnerability stems from improper classification of Ethernet frames in Cisco IOS 15.0-15.6 on ISR G2 routers, allowing unauthenticated adjacent attackers to trigger a device reload via malformed frames. Exploitation requires network adjacency and results in denial of service; no authentication is required.

Summary generated and translated by AI from the official description.

A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

n/a · Cisco IOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-12232 http://www.securityfocus.com/bid/101044 http://www.securitytracker.com/id/1039452