KEVIntel
Back to KEVs
6.5
CVSS
Medium

CVE-2017-12232

PUBLISHED

A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0...

Exploited in the wild Low complexity No user interaction
Vendor
Cisco
Product
Cisco IOS
Published
Sep 28, 2017
EPSS

Description

A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc03809.

ios cisa edge

CVSS scores

CVSS v3.1 6.5 Medium

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2.0 6.1

AV:A/AC:L/Au:N/C:N/I:N/A:C

Exploitation status

Exploited in the wild

Recorded 2022-03-03 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
partial

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Mar 03, 2022

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel