NVD

Id
83710  
Name
CVE-2017-3856  
Description
A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have access to the management interface of the affected software, which is typically connected to a restricted management network. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software, if the web user interface of the software is enabled. By default, the web user interface is not enabled. Cisco Bug IDs: CSCup70353.  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:C)  
Pub Date
2017-07-18  
Published
2017-03-22  
Modified Date
2017-07-11  
Seq
2017-3856  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
66362 JVNDB-2017-002700 Cisco IOS XE におけるリソース管理に関する脆弱性 Cisco IOS XE には、リソース管理に関する脆弱性が存在します。 CVE-2017-3856 0 CVE-2017-3856 83710 7.8 7.5 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-002700.html 2017-03-22 2017-04-25 View