CVE-2017-6612
Summary
| CVE | CVE-2017-6612 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-07-25 19:29:00 UTC |
| Updated | 2017-08-10 12:29:00 UTC |
| Description | A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Asr 5000 Series Software | 17.3.9.62033 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 17.7.5 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 19.6.3 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 20.1.2 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 20.2.12 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 21.0.1 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 21.1.2 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 17.3.9.62033 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 17.7.5 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 19.6.3 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 20.1.2 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 20.2.12 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 21.0.1 | All | All | All |
| Application | Cisco | Asr 5000 Series Software | 21.1.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco ASR 5000 Series Aggregation Services Routers GGSN Gateway Redirect Vulnerability | CONFIRM | tools.cisco.com | Vendor Advisory |
| Cisco ASR 5000 Series Router Packet Validation Flaw in Gateway GPRS Support Lets Remote Users Redirect Traffic - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Cisco ASR 5000 Series GGSN Gateway CVE-2017-6612 HTTP Redirection Security Bypass Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.