CVE-2017-6663
Published: 07 August 2017
Summary
CVE-2017-6663 is a medium-severity vulnerability in Cisco IOS and IOS XE Software; the available references assign it no CWE. Its CVSS base score is 6.5 (Medium).
Operationally, it ranks in the top 14.2% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-2 (Flaw Remediation).
Deeper analysis
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software can be triggered to force autonomic nodes to reload. The Cisco bug ID is CSCvd88936; the known affected releases listed for it are Denali-16.2.1 and Denali-16.3.1. Its CVSS 3.1 base score is 6.5: the attacker needs only adjacent network access, no privileges and no user interaction, and the impact is to availability (a DoS) rather than confidentiality or integrity.
An unauthenticated attacker on the same network segment (adjacent access) can send crafted autonomic-networking messages to affected devices. Successful exploitation produces a denial-of-service condition by repeatedly reloading the targeted autonomic nodes, disrupting any network operations that rely on those nodes.
The official Cisco Security Advisory cisco-sa-20170726-anidos, referenced at tools.cisco.com, supplies further details on the issue and remediation guidance for customers running the listed releases. The references themselves do not describe the exploitation activity; the indication of in-the-wild exploitation is CISA's KEV listing (added 03 March 2022).
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2017-15717
Vulnerability details
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition.…
More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1.
- CWE(s): not listed
- KEV Date Added: 03 March 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- SC-5 (Denial-of-Service Protection): directly counters the crafted autonomic messages that trigger node reloads by requiring protections against denial-of-service conditions on network devices.
- SI-2 (Flaw Remediation): requires prompt application of the vendor fix for CSCvd88936 in the affected Denali releases, which removes the autonomic networking flaw itself.
- SC-7 (Boundary Protection): boundary protection mechanisms can filter or block unauthorized adjacent-network autonomic messages before they reach IOS/IOS XE devices; because the attack needs only adjacent access, this is the control that limits who can reach the feature at all.
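Flaw remediation (SI-2) starts with knowing which devices are exposed: a device is of interest here only if it runs one of the listed releases and has the Autonomic Networking feature enabled. The audit below is an added example written for this page, not code from Cisco or from the advisory. It assumes two things: that the `show version` banner carries the train name in brackets followed by `Version X.Y.Z` (the shape of Cisco's banner), and that the global config line `autonomic` enables the feature while `no autonomic` disables it (Cisco's Autonomic Networking configuration syntax). The sample `show version` and running-config text is constructed, not captured from a real device.

```python
"""Audit Cisco IOS / IOS XE device output for exposure to CSCvd88936 (CVE-2017-6663).

Added example for this page, not Cisco's code. Assumptions (not taken from the
advisory): the 'show version' banner shape and the '[no] autonomic' global
config syntax described in the comments below.
"""
import re
from dataclasses import dataclass

# Known affected releases as listed on this page for CSCvd88936.
KNOWN_AFFECTED = {"Denali-16.2.1", "Denali-16.3.1"}

# Assumed banner shape: "Cisco IOS Software [Train], ..., Version X.Y.Z, ..."
_VERSION_RE = re.compile(
    r"Cisco IOS(?: XE)? Software \[(?P<train>[^\]]+)\].*?Version (?P<ver>[\d.]+)"
)
# Assumed global config syntax: 'autonomic' enables AN, 'no autonomic' disables it.
# Anchored at column 0 so interface-level 'autonomic ...' sub-commands are ignored.
_AUTONOMIC_RE = re.compile(r"^(?P<neg>no )?autonomic[ \t]*$", re.MULTILINE)


@dataclass
class Finding:
    release: str
    release_affected: bool
    autonomic_enabled: bool

    @property
    def exposed(self) -> bool:
        # Exposure needs both conditions: a listed release and the feature on.
        return self.release_affected and self.autonomic_enabled


def parse_release(show_version: str) -> str:
    """Build a 'Train-X.Y.Z' string (e.g. 'Denali-16.3.1') from 'show version' output."""
    m = _VERSION_RE.search(show_version)
    if not m:
        raise ValueError("could not find a release string in 'show version' output")
    return f"{m.group('train')}-{m.group('ver')}"


def autonomic_enabled(running_config: str) -> bool:
    """True if the last global '[no] autonomic' line enables the feature.

    A later 'no autonomic' overrides an earlier 'autonomic'; no line at all is
    treated as disabled (confirm on the device if the platform enables AN by default).
    """
    state = False
    for m in _AUTONOMIC_RE.finditer(running_config):
        state = m.group("neg") is None
    return state


def audit(show_version: str, running_config: str) -> Finding:
    release = parse_release(show_version)
    return Finding(release, release in KNOWN_AFFECTED, autonomic_enabled(running_config))


# Constructed sample output (not captured from a real device).
SAMPLE_SHOW_VERSION = (
    "Cisco IOS Software [Denali], Catalyst L3 Switch Software "
    "(CAT3K_CAA-UNIVERSALK9-M), Version 16.3.1, RELEASE SOFTWARE (fc3)\n"
)
SAMPLE_CONFIG_EXPOSED = "hostname edge-sw1\n!\nautonomic\n!\ninterface GigabitEthernet1/0/1\n"
SAMPLE_CONFIG_FIXED = "hostname edge-sw1\n!\nno autonomic\n!\ninterface GigabitEthernet1/0/1\n"


if __name__ == "__main__":
    for label, cfg in (("exposed", SAMPLE_CONFIG_EXPOSED), ("fixed", SAMPLE_CONFIG_FIXED)):
        f = audit(SAMPLE_SHOW_VERSION, cfg)
        print(f"{label}: release={f.release} affected={f.release_affected} "
              f"autonomic={f.autonomic_enabled} exposed={f.exposed}")
```

Feed the script real `show version` and `show running-config` output from each device; a device that reports `exposed=True` needs the vendor fix (SI-2), and until it is patched the adjacent-only attack vector means segment-level filtering (SC-7) is the compensating control, not an Internet-edge firewall.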