CVE-2017-3849: Input Validation

First published: Tue Mar 21 2017(Updated: )

A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted autonomic network channel discovery packet to a device that has all the following characteristics: (1) running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature; (2) configured as an autonomic registrar; (3) has a whitelist configured. An exploit could allow the attacker to cause the affected device to reload. Note: Autonomic networking should be configured with a whitelist. Do not remove the whitelist as a workaround. Cisco Bug IDs: CSCvc42717.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS	=15.2\(3\)e
Cisco IOS	=15.2\(3\)e1
Cisco IOS	=15.2\(3\)e2
Cisco IOS	=15.2\(3\)e3
Cisco IOS	=15.2\(4\)e
Cisco IOS	=15.2\(4\)e1
Cisco IOS	=15.2\(4\)e2
Cisco IOS	=15.2\(4\)e3
Cisco IOS	=15.2\(5\)e
Cisco IOS	=15.2\(5\)e1
Cisco IOS	=15.2\(5a\)e
Cisco IOS	=15.2\(5b\)e
Cisco IOS	=15.3\(3\)s
Cisco IOS	=15.3\(3\)s1
Cisco IOS	=15.3\(3\)s2
Cisco IOS	=15.3\(3\)s3
Cisco IOS	=15.3\(3\)s4
Cisco IOS	=15.3\(3\)s5
Cisco IOS	=15.3\(3\)s6
Cisco IOS	=15.3\(3\)s8
Cisco IOS	=15.3\(3\)s9
Cisco IOS	=15.4\(1\)s
Cisco IOS	=15.4\(1\)s1
Cisco IOS	=15.4\(1\)s2
Cisco IOS	=15.4\(1\)s3
Cisco IOS	=15.4\(1\)s4
Cisco IOS	=15.4\(2\)s1
Cisco IOS	=15.4\(2\)s2
Cisco IOS	=15.4\(2\)s3
Cisco IOS	=15.4\(2\)s4
Cisco IOS	=15.4\(3\)s
Cisco IOS	=15.4\(3\)s1
Cisco IOS	=15.4\(3\)s2
Cisco IOS	=15.4\(3\)s3
Cisco IOS	=15.4\(3\)s4
Cisco IOS	=15.4\(3\)s5
Cisco IOS	=15.4\(3\)s6
Cisco IOS	=15.4\(3\)s6a
Cisco IOS	=15.5\(1\)s
Cisco IOS	=15.5\(1\)s1
Cisco IOS	=15.5\(1\)s2
Cisco IOS	=15.5\(1\)s3
Cisco IOS	=15.5\(1\)s4
Cisco IOS	=15.5\(2\)s
Cisco IOS	=15.5\(2\)s1
Cisco IOS	=15.5\(2\)s2
Cisco IOS	=15.5\(2\)s3
Cisco IOS	=15.5\(2\)s4
Cisco IOS	=15.5\(3\)s
Cisco IOS	=15.5\(3\)s0a
Cisco IOS	=15.5\(3\)s1
Cisco IOS	=15.5\(3\)s1a
Cisco IOS	=15.5\(3\)s2
Cisco IOS	=15.5\(3\)s3
Cisco IOS	=15.5\(3\)s4
Cisco IOS	=15.5\(3\)s5
Cisco IOS	=15.5\(3\)sn
Cisco IOS	=15.6\(1\)s
Cisco IOS	=15.6\(1\)s1
Cisco IOS	=15.6\(1\)s2
Cisco IOS	=15.6\(1\)s3
Cisco IOS	=15.6\(1\)t
Cisco IOS	=15.6\(1\)t0a
Cisco IOS	=15.6\(1\)t1
Cisco IOS	=15.6\(1\)t2
Cisco IOS	=15.6\(2\)s
Cisco IOS	=15.6\(2\)s1
Cisco IOS	=15.6\(2\)s2
Cisco IOS	=15.6\(2\)sn
Cisco IOS	=15.6\(2\)sp
Cisco IOS	=15.6\(2\)sp1
Cisco IOS	=15.6\(2\)t
Cisco IOS	=15.6\(2\)t1
Cisco IOS	=15.6\(2\)t2
Cisco IOS	=15.6\(3\)m
Cisco IOS	=15.6\(3\)m0a
Cisco IOS	=15.6\(3\)m1
Cisco IOS XE	=3.7.0e
Cisco IOS XE	=3.7.1e
Cisco IOS XE	=3.7.2e
Cisco IOS XE	=3.7.3e
Cisco IOS XE	=3.7.4e
Cisco IOS XE	=3.7.5e
Cisco IOS XE	=3.8.0e
Cisco IOS XE	=3.8.1e
Cisco IOS XE	=3.8.2e
Cisco IOS XE	=3.8.3e
Cisco IOS XE	=3.9.0e
Cisco IOS XE	=3.9.1e
Cisco IOS XE	=3.10.0s
Cisco IOS XE	=3.10.1s
Cisco IOS XE	=3.10.1xbs
Cisco IOS XE	=3.10.2s
Cisco IOS XE	=3.10.2ts
Cisco IOS XE	=3.10.3s
Cisco IOS XE	=3.10.4s
Cisco IOS XE	=3.10.5s
Cisco IOS XE	=3.10.6s
Cisco IOS XE	=3.10.7s
Cisco IOS XE	=3.10.8as
Cisco IOS XE	=3.10.8s
Cisco IOS XE	=3.11.0s
Cisco IOS XE	=3.11.1s
Cisco IOS XE	=3.11.2s
Cisco IOS XE	=3.11.3s
Cisco IOS XE	=3.11.4s
Cisco IOS XE	=3.12.0as
Cisco IOS XE	=3.12.1s
Cisco IOS XE	=3.12.2s
Cisco IOS XE	=3.12.3s
Cisco IOS XE	=3.12.4s
Cisco IOS XE	=3.13.0as
Cisco IOS XE	=3.13.0s
Cisco IOS XE	=3.13.1s
Cisco IOS XE	=3.13.2as
Cisco IOS XE	=3.13.2s
Cisco IOS XE	=3.13.3s
Cisco IOS XE	=3.13.4s
Cisco IOS XE	=3.13.5as
Cisco IOS XE	=3.13.5s
Cisco IOS XE	=3.13.6as
Cisco IOS XE	=3.13.6s
Cisco IOS XE	=3.14.0s
Cisco IOS XE	=3.14.1s
Cisco IOS XE	=3.14.2s
Cisco IOS XE	=3.14.3s
Cisco IOS XE	=3.14.4s
Cisco IOS XE	=3.15.0s
Cisco IOS XE	=3.15.1cs
Cisco IOS XE	=3.15.1s
Cisco IOS XE	=3.15.2s
Cisco IOS XE	=3.15.3s
Cisco IOS XE	=3.15.4s
Cisco IOS XE	=3.16.0cs
Cisco IOS XE	=3.16.0s
Cisco IOS XE	=3.16.1as
Cisco IOS XE	=3.16.1s
Cisco IOS XE	=3.16.2bs
Cisco IOS XE	=3.16.2s
Cisco IOS XE	=3.16.3as
Cisco IOS XE	=3.16.3s
Cisco IOS XE	=3.16.4as
Cisco IOS XE	=3.16.4bs
Cisco IOS XE	=3.16.4ds
Cisco IOS XE	=3.16.4s
Cisco IOS XE	=3.16.5s
Cisco IOS XE	=3.17.0s
Cisco IOS XE	=3.17.1as
Cisco IOS XE	=3.17.1s
Cisco IOS XE	=3.17.2s
Cisco IOS XE	=3.17.3s
Cisco IOS XE	=3.18.0as
Cisco IOS XE	=3.18.0s
Cisco IOS XE	=3.18.0sp
Cisco IOS XE	=3.18.1asp
Cisco IOS XE	=3.18.1bsp
Cisco IOS XE	=3.18.1csp
Cisco IOS XE	=3.18.1s
Cisco IOS XE	=3.18.1sp
Cisco IOS XE	=3.18.2s
Cisco IOS XE	=3.18.3vs

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/weakness
agent/type
agent/description
vendor/cisco
canonical/cisco ios
version/cisco ios/15.2\(3\)e
version/cisco ios/15.2\(3\)e1
version/cisco ios/15.2\(3\)e2
version/cisco ios/15.2\(3\)e3
version/cisco ios/15.2\(4\)e
version/cisco ios/15.2\(4\)e1
version/cisco ios/15.2\(4\)e2
version/cisco ios/15.2\(4\)e3
version/cisco ios/15.2\(5\)e
version/cisco ios/15.2\(5\)e1
version/cisco ios/15.2\(5a\)e
version/cisco ios/15.2\(5b\)e
version/cisco ios/15.3\(3\)s
version/cisco ios/15.3\(3\)s1
version/cisco ios/15.3\(3\)s2
version/cisco ios/15.3\(3\)s3
version/cisco ios/15.3\(3\)s4
version/cisco ios/15.3\(3\)s5
version/cisco ios/15.3\(3\)s6
version/cisco ios/15.3\(3\)s8
version/cisco ios/15.3\(3\)s9
version/cisco ios/15.4\(1\)s
version/cisco ios/15.4\(1\)s1
version/cisco ios/15.4\(1\)s2
version/cisco ios/15.4\(1\)s3
version/cisco ios/15.4\(1\)s4
version/cisco ios/15.4\(2\)s1
version/cisco ios/15.4\(2\)s2
version/cisco ios/15.4\(2\)s3
version/cisco ios/15.4\(2\)s4
version/cisco ios/15.4\(3\)s
version/cisco ios/15.4\(3\)s1
version/cisco ios/15.4\(3\)s2
version/cisco ios/15.4\(3\)s3
version/cisco ios/15.4\(3\)s4
version/cisco ios/15.4\(3\)s5
version/cisco ios/15.4\(3\)s6
version/cisco ios/15.4\(3\)s6a
version/cisco ios/15.5\(1\)s
version/cisco ios/15.5\(1\)s1
version/cisco ios/15.5\(1\)s2
version/cisco ios/15.5\(1\)s3
version/cisco ios/15.5\(1\)s4
version/cisco ios/15.5\(2\)s
version/cisco ios/15.5\(2\)s1
version/cisco ios/15.5\(2\)s2
version/cisco ios/15.5\(2\)s3
version/cisco ios/15.5\(2\)s4
version/cisco ios/15.5\(3\)s
version/cisco ios/15.5\(3\)s0a
version/cisco ios/15.5\(3\)s1
version/cisco ios/15.5\(3\)s1a
version/cisco ios/15.5\(3\)s2
version/cisco ios/15.5\(3\)s3
version/cisco ios/15.5\(3\)s4
version/cisco ios/15.5\(3\)s5
version/cisco ios/15.5\(3\)sn
version/cisco ios/15.6\(1\)s
version/cisco ios/15.6\(1\)s1
version/cisco ios/15.6\(1\)s2
version/cisco ios/15.6\(1\)s3
version/cisco ios/15.6\(1\)t
version/cisco ios/15.6\(1\)t0a
version/cisco ios/15.6\(1\)t1
version/cisco ios/15.6\(1\)t2
version/cisco ios/15.6\(2\)s
version/cisco ios/15.6\(2\)s1
version/cisco ios/15.6\(2\)s2
version/cisco ios/15.6\(2\)sn
version/cisco ios/15.6\(2\)sp
version/cisco ios/15.6\(2\)sp1
version/cisco ios/15.6\(2\)t
version/cisco ios/15.6\(2\)t1
version/cisco ios/15.6\(2\)t2
version/cisco ios/15.6\(3\)m
version/cisco ios/15.6\(3\)m0a
version/cisco ios/15.6\(3\)m1
canonical/cisco ios xe
version/cisco ios xe/3.7.0e
version/cisco ios xe/3.7.1e
version/cisco ios xe/3.7.2e
version/cisco ios xe/3.7.3e
version/cisco ios xe/3.7.4e
version/cisco ios xe/3.7.5e
version/cisco ios xe/3.8.0e
version/cisco ios xe/3.8.1e
version/cisco ios xe/3.8.2e
version/cisco ios xe/3.8.3e
version/cisco ios xe/3.9.0e
version/cisco ios xe/3.9.1e
version/cisco ios xe/3.10.0s
version/cisco ios xe/3.10.1s
version/cisco ios xe/3.10.1xbs
version/cisco ios xe/3.10.2s
version/cisco ios xe/3.10.2ts
version/cisco ios xe/3.10.3s
version/cisco ios xe/3.10.4s
version/cisco ios xe/3.10.5s
version/cisco ios xe/3.10.6s
version/cisco ios xe/3.10.7s
version/cisco ios xe/3.10.8as
version/cisco ios xe/3.10.8s
version/cisco ios xe/3.11.0s
version/cisco ios xe/3.11.1s
version/cisco ios xe/3.11.2s
version/cisco ios xe/3.11.3s
version/cisco ios xe/3.11.4s
version/cisco ios xe/3.12.0as
version/cisco ios xe/3.12.1s
version/cisco ios xe/3.12.2s
version/cisco ios xe/3.12.3s
version/cisco ios xe/3.12.4s
version/cisco ios xe/3.13.0as
version/cisco ios xe/3.13.0s
version/cisco ios xe/3.13.1s
version/cisco ios xe/3.13.2as
version/cisco ios xe/3.13.2s
version/cisco ios xe/3.13.3s
version/cisco ios xe/3.13.4s
version/cisco ios xe/3.13.5as
version/cisco ios xe/3.13.5s
version/cisco ios xe/3.13.6as
version/cisco ios xe/3.13.6s
version/cisco ios xe/3.14.0s
version/cisco ios xe/3.14.1s
version/cisco ios xe/3.14.2s
version/cisco ios xe/3.14.3s
version/cisco ios xe/3.14.4s
version/cisco ios xe/3.15.0s
version/cisco ios xe/3.15.1cs
version/cisco ios xe/3.15.1s
version/cisco ios xe/3.15.2s
version/cisco ios xe/3.15.3s
version/cisco ios xe/3.15.4s
version/cisco ios xe/3.16.0cs
version/cisco ios xe/3.16.0s
version/cisco ios xe/3.16.1as
version/cisco ios xe/3.16.1s
version/cisco ios xe/3.16.2bs
version/cisco ios xe/3.16.2s
version/cisco ios xe/3.16.3as
version/cisco ios xe/3.16.3s
version/cisco ios xe/3.16.4as
version/cisco ios xe/3.16.4bs
version/cisco ios xe/3.16.4ds
version/cisco ios xe/3.16.4s
version/cisco ios xe/3.16.5s
version/cisco ios xe/3.17.0s
version/cisco ios xe/3.17.1as
version/cisco ios xe/3.17.1s
version/cisco ios xe/3.17.2s
version/cisco ios xe/3.17.3s
version/cisco ios xe/3.18.0as
version/cisco ios xe/3.18.0s
version/cisco ios xe/3.18.0sp
version/cisco ios xe/3.18.1asp
version/cisco ios xe/3.18.1bsp
version/cisco ios xe/3.18.1csp
version/cisco ios xe/3.18.1s
version/cisco ios xe/3.18.1sp
version/cisco ios xe/3.18.2s
version/cisco ios xe/3.18.3vs

CVE-2017-3849: Input Validation

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact