Detections
Analytics
Cisco IOS Software NAT denial of service (cisco-sa-20170927-nat)
high Nessus Plugin ID 103669
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
According to its self-reported version and configuration, the Cisco IOS software running on the remote device is affected by a denial of service vulnerability in the Network Address Translation (NAT) feature. An unauthenticated, remote attacker can exploit this, via specially crafted NAT requests, to cause the switch to stop processing traffic, requiring a device restart to regain functionality.Solution
Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvc57217See Also
Plugin Details
Severity: High
ID: 103669
File Name: cisco-sa-20170927-nat.nasl
Version: 1.12
Type: combined
Family: CISCO
Published: 10/5/2017
Updated: 4/25/2023
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.1
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS Score Source: CVE-2017-12231
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:cisco:ios
Required KB Items: Host/Cisco/IOS/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 9/27/2017
Vulnerability Publication Date: 9/27/2017
CISA Known Exploited Vulnerability Due Dates: 3/24/2022
Reference Information
CVE: CVE-2017-12231
BID: 101039
CISCO-SA: cisco-sa-20170927-nat
CISCO-BUG-ID: CSCvc57217