Alert - Cisco IOS and IOS XE Software Cluster Management Protocol Vulnerability

Number: AL17-002
Date: 20 March 2017

Purpose

The purpose of this alert is to bring attention to a recently disclosed vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in Cisco’s IOS and IOS XE Software Cluster Management Protocol (CMP).

Assessment

CCIRC is aware of a recently disclosed vulnerability in Cisco’s IOS and IOS XE Software CMP.  Identified as CVE-2017-3881, this vulnerability code can allow a remote unauthenticated attacker to cause a reload of the affected system or to remotely execute code. 

The vulnerability could be successfully exploited by sending malformed CMP-specific Telnet options while establishing a Telnet session with a CISCO device configured to accept Telnet connections.

There are over 300 models of Cisco switches that may be affected by this vulnerability. For an extensive list of devices please visit the vendor’s Advisory (listed below).

Suggested Action

Due to the potential risk presented by this vulnerability, CCIRC recommends that system administrators monitor for the developer released security fix. Additional mitigation advise has been published by the vendor.

References:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp

Date modified: