CVE-2017-6663

high-risk

Published 2017-08-07

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1.

Do I need to act?

2.3% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

ADJACENT_NETWORK / LOW complexity

Affected Products (20)

Ios

Affected Vendors

Cisco

References (7)

Third Party Advisory http://www.securityfocus.com/bid/99973

Third Party Advisory http://www.securitytracker.com/id/1038999

Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2...

Third Party Advisory http://www.securityfocus.com/bid/99973

Third Party Advisory http://www.securitytracker.com/id/1038999

Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2...

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-...

/ 100

high-risk

Severity 21/34 · High

Exploitability 12/34 · Low

Exposure 33/34 · Critical