PT-2017-17183 · Cisco · Cisco Asr 5000 Series Aggregation Services Routers

Published

2017-07-25

Updated

2017-08-10

CVE-2017-6612

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Cisco ASR 5000 Series Aggregation Services Routers versions 17.3.9.62033 through 21.1.2

Description A vulnerability in the gateway GPRS support node (GGSN) could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device.

Recommendations For versions 17.3.9.62033 through 21.1.2, update to a fixed version to prevent HTTP traffic redirection by an unauthenticated, remote attacker. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2017-6612

Affected Products

Cisco Asr 5000 Series Aggregation Services Routers

PT-2017-17183 · Cisco · Cisco Asr 5000 Series Aggregation Services Routers

CVE-2017-6612

Weakness Enumeration

Related Identifiers

Affected Products

References · 5