PT-2017-16114 · Cisco · Cisco Industrial Ethernet 2000 Series Switches

Published

2017-02-03

Updated

2019-10-03

CVE-2017-3812

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco Industrial Ethernet 2000 Series Switches versions 15.2(5.4.32i)E2 through 15.2(5.4.61i)E2

Description A memory leak in the Common Industrial Protocol (CIP) functionality could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

Recommendations For versions 15.2(5.4.32i)E2 through 15.2(5.4.61i)E2, update to version 15.2(5.4.62i)E2 to resolve the issue.

Fix

Missing Release of Resource after Effective Lifetime

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772

Related Identifiers

CVE-2017-3812

Affected Products

Cisco Industrial Ethernet 2000 Series Switches

PT-2017-16114 · Cisco · Cisco Industrial Ethernet 2000 Series Switches

CVE-2017-3812

Weakness Enumeration

Related Identifiers

Affected Products

References · 5