Number: AL17-002
Date: 20 March 2017
Purpose
The purpose of this alert is to bring attention to a recently disclosed vulnerability in Cisco’s IOS and IOS XE Software Cluster Management Protocol (CMP).
Assessment
CCIRC is aware of a recently disclosed vulnerability in Cisco’s IOS and IOS XE Software CMP. Identified as CVE-2017-3881, this vulnerability code can allow a remote unauthenticated attacker to cause a reload of the affected system or to remotely execute code.
The vulnerability could be successfully exploited by sending malformed CMP-specific Telnet options while establishing a Telnet session with a CISCO device configured to accept Telnet connections.
There are over 300 models of Cisco switches that may be affected by this vulnerability. For an extensive list of devices please visit the vendor’s Advisory (listed below).
Suggested Action
Due to the potential risk presented by this vulnerability, CCIRC recommends that system administrators monitor for the developer released security fix. Additional mitigation advise has been published by the vendor.
References:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp