What is the severity of CVE-2017-3849?

CVE-2017-3849 has a severity rating that indicates it can cause a denial of service (DoS) condition.

How do I fix CVE-2017-3849?

To fix CVE-2017-3849, you should update your Cisco IOS or IOS XE software to a version that addresses this vulnerability.

What are the affected versions in CVE-2017-3849?

CVE-2017-3849 affects various versions of Cisco IOS from 15.2 to 15.6 and Cisco IOS XE from 3.7 to 3.18 and 16.

Can CVE-2017-3849 be exploited remotely?

No, CVE-2017-3849 requires an unauthenticated, adjacent attacker to exploit the vulnerability.

What impact does CVE-2017-3849 have?

CVE-2017-3849 can lead to a denial of service (DoS), affecting the availability of the affected devices.

Vulnerability/
CVE-2017-3849

high

7.4

CWE

21/3/2017

12/7/2017

CVE-2017-3849: Input Validation

First published: Tue Mar 21 2017(Updated: )

A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted autonomic network channel discovery packet to a device that has all the following characteristics: (1) running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature; (2) configured as an autonomic registrar; (3) has a whitelist configured. An exploit could allow the attacker to cause the affected device to reload. Note: Autonomic networking should be configured with a whitelist. Do not remove the whitelist as a workaround. Cisco Bug IDs: CSCvc42717.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS	=15.2\(3\)e
Cisco IOS	=15.2\(3\)e1
Cisco IOS	=15.2\(3\)e2
Cisco IOS	=15.2\(3\)e3
Cisco IOS	=15.2\(4\)e
Cisco IOS	=15.2\(4\)e1
Cisco IOS	=15.2\(4\)e2
Cisco IOS	=15.2\(4\)e3
Cisco IOS	=15.2\(5\)e
Cisco IOS	=15.2\(5\)e1
Cisco IOS	=15.2\(5a\)e
Cisco IOS	=15.2\(5b\)e
Cisco IOS	=15.3\(3\)s
Cisco IOS	=15.3\(3\)s1
Cisco IOS	=15.3\(3\)s2
Cisco IOS	=15.3\(3\)s3
Cisco IOS	=15.3\(3\)s4
Cisco IOS	=15.3\(3\)s5
Cisco IOS	=15.3\(3\)s6
Cisco IOS	=15.3\(3\)s8
Cisco IOS	=15.3\(3\)s9
Cisco IOS	=15.4\(1\)s
Cisco IOS	=15.4\(1\)s1
Cisco IOS	=15.4\(1\)s2
Cisco IOS	=15.4\(1\)s3
Cisco IOS	=15.4\(1\)s4
Cisco IOS	=15.4\(2\)s1
Cisco IOS	=15.4\(2\)s2
Cisco IOS	=15.4\(2\)s3
Cisco IOS	=15.4\(2\)s4
Cisco IOS	=15.4\(3\)s
Cisco IOS	=15.4\(3\)s1
Cisco IOS	=15.4\(3\)s2
Cisco IOS	=15.4\(3\)s3
Cisco IOS	=15.4\(3\)s4
Cisco IOS	=15.4\(3\)s5
Cisco IOS	=15.4\(3\)s6
Cisco IOS	=15.4\(3\)s6a
Cisco IOS	=15.5\(1\)s
Cisco IOS	=15.5\(1\)s1
Cisco IOS	=15.5\(1\)s2
Cisco IOS	=15.5\(1\)s3
Cisco IOS	=15.5\(1\)s4
Cisco IOS	=15.5\(2\)s
Cisco IOS	=15.5\(2\)s1
Cisco IOS	=15.5\(2\)s2
Cisco IOS	=15.5\(2\)s3
Cisco IOS	=15.5\(2\)s4
Cisco IOS	=15.5\(3\)s
Cisco IOS	=15.5\(3\)s0a
Cisco IOS	=15.5\(3\)s1
Cisco IOS	=15.5\(3\)s1a
Cisco IOS	=15.5\(3\)s2
Cisco IOS	=15.5\(3\)s3
Cisco IOS	=15.5\(3\)s4
Cisco IOS	=15.5\(3\)s5
Cisco IOS	=15.5\(3\)sn
Cisco IOS	=15.6\(1\)s
Cisco IOS	=15.6\(1\)s1
Cisco IOS	=15.6\(1\)s2
Cisco IOS	=15.6\(1\)s3
Cisco IOS	=15.6\(1\)t
Cisco IOS	=15.6\(1\)t0a
Cisco IOS	=15.6\(1\)t1
Cisco IOS	=15.6\(1\)t2
Cisco IOS	=15.6\(2\)s
Cisco IOS	=15.6\(2\)s1
Cisco IOS	=15.6\(2\)s2
Cisco IOS	=15.6\(2\)sn
Cisco IOS	=15.6\(2\)sp
Cisco IOS	=15.6\(2\)sp1
Cisco IOS	=15.6\(2\)t
Cisco IOS	=15.6\(2\)t1
Cisco IOS	=15.6\(2\)t2
Cisco IOS	=15.6\(3\)m
Cisco IOS	=15.6\(3\)m0a
Cisco IOS	=15.6\(3\)m1
Cisco IOS XE	=3.7.0e
Cisco IOS XE	=3.7.1e
Cisco IOS XE	=3.7.2e
Cisco IOS XE	=3.7.3e
Cisco IOS XE	=3.7.4e
Cisco IOS XE	=3.7.5e
Cisco IOS XE	=3.8.0e
Cisco IOS XE	=3.8.1e
Cisco IOS XE	=3.8.2e
Cisco IOS XE	=3.8.3e
Cisco IOS XE	=3.9.0e
Cisco IOS XE	=3.9.1e
Cisco IOS XE	=3.10.0s
Cisco IOS XE	=3.10.1s
Cisco IOS XE	=3.10.1xbs
Cisco IOS XE	=3.10.2s
Cisco IOS XE	=3.10.2ts
Cisco IOS XE	=3.10.3s
Cisco IOS XE	=3.10.4s
Cisco IOS XE	=3.10.5s
Cisco IOS XE	=3.10.6s
Cisco IOS XE	=3.10.7s
Cisco IOS XE	=3.10.8as
Cisco IOS XE	=3.10.8s
Cisco IOS XE	=3.11.0s
Cisco IOS XE	=3.11.1s
Cisco IOS XE	=3.11.2s
Cisco IOS XE	=3.11.3s
Cisco IOS XE	=3.11.4s
Cisco IOS XE	=3.12.0as
Cisco IOS XE	=3.12.1s
Cisco IOS XE	=3.12.2s
Cisco IOS XE	=3.12.3s
Cisco IOS XE	=3.12.4s
Cisco IOS XE	=3.13.0as
Cisco IOS XE	=3.13.0s
Cisco IOS XE	=3.13.1s
Cisco IOS XE	=3.13.2as
Cisco IOS XE	=3.13.2s
Cisco IOS XE	=3.13.3s
Cisco IOS XE	=3.13.4s
Cisco IOS XE	=3.13.5as
Cisco IOS XE	=3.13.5s
Cisco IOS XE	=3.13.6as
Cisco IOS XE	=3.13.6s
Cisco IOS XE	=3.14.0s
Cisco IOS XE	=3.14.1s
Cisco IOS XE	=3.14.2s
Cisco IOS XE	=3.14.3s
Cisco IOS XE	=3.14.4s
Cisco IOS XE	=3.15.0s
Cisco IOS XE	=3.15.1cs
Cisco IOS XE	=3.15.1s
Cisco IOS XE	=3.15.2s
Cisco IOS XE	=3.15.3s
Cisco IOS XE	=3.15.4s
Cisco IOS XE	=3.16.0cs
Cisco IOS XE	=3.16.0s
Cisco IOS XE	=3.16.1as
Cisco IOS XE	=3.16.1s
Cisco IOS XE	=3.16.2bs
Cisco IOS XE	=3.16.2s
Cisco IOS XE	=3.16.3as
Cisco IOS XE	=3.16.3s
Cisco IOS XE	=3.16.4as
Cisco IOS XE	=3.16.4bs
Cisco IOS XE	=3.16.4ds
Cisco IOS XE	=3.16.4s
Cisco IOS XE	=3.16.5s
Cisco IOS XE	=3.17.0s
Cisco IOS XE	=3.17.1as
Cisco IOS XE	=3.17.1s
Cisco IOS XE	=3.17.2s
Cisco IOS XE	=3.17.3s
Cisco IOS XE	=3.18.0as
Cisco IOS XE	=3.18.0s
Cisco IOS XE	=3.18.0sp
Cisco IOS XE	=3.18.1asp
Cisco IOS XE	=3.18.1bsp
Cisco IOS XE	=3.18.1csp
Cisco IOS XE	=3.18.1s
Cisco IOS XE	=3.18.1sp
Cisco IOS XE	=3.18.2s
Cisco IOS XE	=3.18.3vs

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-3849?
CVE-2017-3849 has a severity rating that indicates it can cause a denial of service (DoS) condition.
How do I fix CVE-2017-3849?
To fix CVE-2017-3849, you should update your Cisco IOS or IOS XE software to a version that addresses this vulnerability.
What are the affected versions in CVE-2017-3849?
CVE-2017-3849 affects various versions of Cisco IOS from 15.2 to 15.6 and Cisco IOS XE from 3.7 to 3.18 and 16.
Can CVE-2017-3849 be exploited remotely?
No, CVE-2017-3849 requires an unauthenticated, adjacent attacker to exploit the vulnerability.
What impact does CVE-2017-3849 have?
CVE-2017-3849 can lead to a denial of service (DoS), affecting the availability of the affected devices.

collector/nvd-index
agent/weakness
agent/type
agent/description
agent/author
agent/references
agent/severity
agent/tags
agent/event
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
vendor/cisco
canonical/cisco ios
version/cisco ios/15.2\(3\)e
version/cisco ios/15.2\(3\)e1
version/cisco ios/15.2\(3\)e2
version/cisco ios/15.2\(3\)e3
version/cisco ios/15.2\(4\)e
version/cisco ios/15.2\(4\)e1
version/cisco ios/15.2\(4\)e2
version/cisco ios/15.2\(4\)e3
version/cisco ios/15.2\(5\)e
version/cisco ios/15.2\(5\)e1
version/cisco ios/15.2\(5a\)e
version/cisco ios/15.2\(5b\)e
version/cisco ios/15.3\(3\)s
version/cisco ios/15.3\(3\)s1
version/cisco ios/15.3\(3\)s2
version/cisco ios/15.3\(3\)s3
version/cisco ios/15.3\(3\)s4
version/cisco ios/15.3\(3\)s5
version/cisco ios/15.3\(3\)s6
version/cisco ios/15.3\(3\)s8
version/cisco ios/15.3\(3\)s9
version/cisco ios/15.4\(1\)s
version/cisco ios/15.4\(1\)s1
version/cisco ios/15.4\(1\)s2
version/cisco ios/15.4\(1\)s3
version/cisco ios/15.4\(1\)s4
version/cisco ios/15.4\(2\)s1
version/cisco ios/15.4\(2\)s2
version/cisco ios/15.4\(2\)s3
version/cisco ios/15.4\(2\)s4
version/cisco ios/15.4\(3\)s
version/cisco ios/15.4\(3\)s1
version/cisco ios/15.4\(3\)s2
version/cisco ios/15.4\(3\)s3
version/cisco ios/15.4\(3\)s4
version/cisco ios/15.4\(3\)s5
version/cisco ios/15.4\(3\)s6
version/cisco ios/15.4\(3\)s6a
version/cisco ios/15.5\(1\)s
version/cisco ios/15.5\(1\)s1
version/cisco ios/15.5\(1\)s2
version/cisco ios/15.5\(1\)s3
version/cisco ios/15.5\(1\)s4
version/cisco ios/15.5\(2\)s
version/cisco ios/15.5\(2\)s1
version/cisco ios/15.5\(2\)s2
version/cisco ios/15.5\(2\)s3
version/cisco ios/15.5\(2\)s4
version/cisco ios/15.5\(3\)s
version/cisco ios/15.5\(3\)s0a
version/cisco ios/15.5\(3\)s1
version/cisco ios/15.5\(3\)s1a
version/cisco ios/15.5\(3\)s2
version/cisco ios/15.5\(3\)s3
version/cisco ios/15.5\(3\)s4
version/cisco ios/15.5\(3\)s5
version/cisco ios/15.5\(3\)sn
version/cisco ios/15.6\(1\)s
version/cisco ios/15.6\(1\)s1
version/cisco ios/15.6\(1\)s2
version/cisco ios/15.6\(1\)s3
version/cisco ios/15.6\(1\)t
version/cisco ios/15.6\(1\)t0a
version/cisco ios/15.6\(1\)t1
version/cisco ios/15.6\(1\)t2
version/cisco ios/15.6\(2\)s
version/cisco ios/15.6\(2\)s1
version/cisco ios/15.6\(2\)s2
version/cisco ios/15.6\(2\)sn
version/cisco ios/15.6\(2\)sp
version/cisco ios/15.6\(2\)sp1
version/cisco ios/15.6\(2\)t
version/cisco ios/15.6\(2\)t1
version/cisco ios/15.6\(2\)t2
version/cisco ios/15.6\(3\)m
version/cisco ios/15.6\(3\)m0a
version/cisco ios/15.6\(3\)m1
canonical/cisco ios xe
version/cisco ios xe/3.7.0e
version/cisco ios xe/3.7.1e
version/cisco ios xe/3.7.2e
version/cisco ios xe/3.7.3e
version/cisco ios xe/3.7.4e
version/cisco ios xe/3.7.5e
version/cisco ios xe/3.8.0e
version/cisco ios xe/3.8.1e
version/cisco ios xe/3.8.2e
version/cisco ios xe/3.8.3e
version/cisco ios xe/3.9.0e
version/cisco ios xe/3.9.1e
version/cisco ios xe/3.10.0s
version/cisco ios xe/3.10.1s
version/cisco ios xe/3.10.1xbs
version/cisco ios xe/3.10.2s
version/cisco ios xe/3.10.2ts
version/cisco ios xe/3.10.3s
version/cisco ios xe/3.10.4s
version/cisco ios xe/3.10.5s
version/cisco ios xe/3.10.6s
version/cisco ios xe/3.10.7s
version/cisco ios xe/3.10.8as
version/cisco ios xe/3.10.8s
version/cisco ios xe/3.11.0s
version/cisco ios xe/3.11.1s
version/cisco ios xe/3.11.2s
version/cisco ios xe/3.11.3s
version/cisco ios xe/3.11.4s
version/cisco ios xe/3.12.0as
version/cisco ios xe/3.12.1s
version/cisco ios xe/3.12.2s
version/cisco ios xe/3.12.3s
version/cisco ios xe/3.12.4s
version/cisco ios xe/3.13.0as
version/cisco ios xe/3.13.0s
version/cisco ios xe/3.13.1s
version/cisco ios xe/3.13.2as
version/cisco ios xe/3.13.2s
version/cisco ios xe/3.13.3s
version/cisco ios xe/3.13.4s
version/cisco ios xe/3.13.5as
version/cisco ios xe/3.13.5s
version/cisco ios xe/3.13.6as
version/cisco ios xe/3.13.6s
version/cisco ios xe/3.14.0s
version/cisco ios xe/3.14.1s
version/cisco ios xe/3.14.2s
version/cisco ios xe/3.14.3s
version/cisco ios xe/3.14.4s
version/cisco ios xe/3.15.0s
version/cisco ios xe/3.15.1cs
version/cisco ios xe/3.15.1s
version/cisco ios xe/3.15.2s
version/cisco ios xe/3.15.3s
version/cisco ios xe/3.15.4s
version/cisco ios xe/3.16.0cs
version/cisco ios xe/3.16.0s
version/cisco ios xe/3.16.1as
version/cisco ios xe/3.16.1s
version/cisco ios xe/3.16.2bs
version/cisco ios xe/3.16.2s
version/cisco ios xe/3.16.3as
version/cisco ios xe/3.16.3s
version/cisco ios xe/3.16.4as
version/cisco ios xe/3.16.4bs
version/cisco ios xe/3.16.4ds
version/cisco ios xe/3.16.4s
version/cisco ios xe/3.16.5s
version/cisco ios xe/3.17.0s
version/cisco ios xe/3.17.1as
version/cisco ios xe/3.17.1s
version/cisco ios xe/3.17.2s
version/cisco ios xe/3.17.3s
version/cisco ios xe/3.18.0as
version/cisco ios xe/3.18.0s
version/cisco ios xe/3.18.0sp
version/cisco ios xe/3.18.1asp
version/cisco ios xe/3.18.1bsp
version/cisco ios xe/3.18.1csp
version/cisco ios xe/3.18.1s
version/cisco ios xe/3.18.1sp
version/cisco ios xe/3.18.2s
version/cisco ios xe/3.18.3vs

CVE-2017-3849: Input Validation

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-3849?

How do I fix CVE-2017-3849?

What are the affected versions in CVE-2017-3849?

Can CVE-2017-3849 be exploited remotely?

What impact does CVE-2017-3849 have?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-3849?

How do I fix CVE-2017-3849?

What are the affected versions in CVE-2017-3849?

Can CVE-2017-3849 be exploited remotely?

What impact does CVE-2017-3849 have?