HomePentest-Tools.com Logo

Cisco IOS XE Software Web User Interface Denial of Service Vulnerability CVE-2017-3856

Severity
CVSSv3 Score
7.5
Vulnerability description

A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

Risk description

The vulnerability is due to insufficient resource handling by the affected software when the web user interface is under a high load. An attacker could exploit this vulnerability by sending a high number of requests to the web user interface of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 22, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available