CVE-2017-3859
Summary
| CVE | CVE-2017-3859 |
|---|---|
| State | PUBLISHED |
| Assigner | cisco |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-03-22 19:59:00 UTC |
| Updated | 2025-04-20 01:37:25 UTC |
| Description | A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco ASR 920 Series Aggregation Services Routers that are running an affected release of Cisco IOS XE Software (3.13 through 3.18) and are listening on the DHCP server port. By default, the devices do not listen on the DHCP server port. Cisco Bug IDs: CSCuy56385. |
Risk And Classification
Primary CVSS: v3.0 7.5 HIGH from [email protected]
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Problem Types: CWE-134 | CWE-134 CWE-134
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.0 | [email protected] | Primary | 7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 2.0 | [email protected] | Primary | 7.8 | AV:N/AC:L/Au:N/C:N/I:N/A:C |
CVSS v3.0 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
NoneAvailability
HighCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
NoneIntegrity
NoneAvailability
CompleteAV:N/AC:L/Au:N/C:N/I:N/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Asr-920-12cz-a | - | All | All | All |
| Hardware | Cisco | Asr-920-12cz-d | - | All | All | All |
| Hardware | Cisco | Asr-920-12sz-im | - | All | All | All |
| Hardware | Cisco | Asr-920-24sz-im | - | All | All | All |
| Hardware | Cisco | Asr-920-24sz-m | - | All | All | All |
| Hardware | Cisco | Asr-920-24tz-m | - | All | All | All |
| Hardware | Cisco | Asr-920-4sz-a | - | All | All | All |
| Hardware | Cisco | Asr-920-4sz-d | - | All | All | All |
| Operating System | Cisco | Ios Xe | 3.13.4s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.13.5as | All | All | All |
| Operating System | Cisco | Ios Xe | 3.13.5s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.13.6as | All | All | All |
| Operating System | Cisco | Ios Xe | 3.13.6s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.14.3s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.14.4s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.15.2s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.15.3s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.15.4s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.16.0cs | All | All | All |
| Operating System | Cisco | Ios Xe | 3.16.0s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.16.1as | All | All | All |
| Operating System | Cisco | Ios Xe | 3.16.1s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.16.2as | All | All | All |
| Operating System | Cisco | Ios Xe | 3.16.2bs | All | All | All |
| Operating System | Cisco | Ios Xe | 3.16.2s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.16.3as | All | All | All |
| Operating System | Cisco | Ios Xe | 3.16.3s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.17.0s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.17.1as | All | All | All |
| Operating System | Cisco | Ios Xe | 3.17.1s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.17.2s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.0as | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.0s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.0sp | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.1asp | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.1bsp | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.1csp | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.1s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.1sp | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.2s | All | All | All |
| Operating System | Cisco | Ios Xe | 3.18.3vs | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Na | Cisco IOS XE Software For Cisco ASR 920 Series Routers | affected Cisco IOS XE Software for Cisco ASR 920 Series Routers | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco IOS XE Software for Cisco ASR 920 Series Routers Zero Touch Provisioning Denial of Service Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | tools.cisco.com | Vendor Advisory |
| Cisco IOS XE Software CVE-2017-3859 Denial of Service Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Cisco IOS XE for Cisco ASR 920 Series Routers Format String Bug in Zero Touch Provisioning Lets Remote Users Cause the Target System to Reload - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.