NVD

Id
83709  
Name
CVE-2017-3853  
Description
A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. This vulnerability affects the following Cisco 800 Series Industrial Integrated Services Routers: Cisco IR809 and Cisco IR829. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52330.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-07-18  
Published
2017-03-22  
Modified Date
2017-07-11  
Seq
2017-3853  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
411541 83709 CVE-2017-5344 96259  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
66361 JVNDB-2017-002699 Cisco IOx におけるバッファエラーの脆弱性 Cisco IOx には、バッファエラーの脆弱性が存在します。 CVE-2017-3853 0 CVE-2017-3853 83709 10 9.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-002699.html 2017-03-22 2017-04-25 View