CVE-2017-6736

Cisco IOS va IOS XE dasturiy ta'minotining Simple Network Management Protocol (SNMP) quyi tizimi autentifikatsiya qilingan, masofaviy tajovuzkorga ta'sirlangan tizimda kodni masofadan bajarishga yoki ta'sirlangan tizimni qayta yuklashga olib kelishi mumkin bo'lgan bir nechta zaifliklarni o'z ichiga oladi. Tajovuzkor ushbu zaifliklardan IPv4 yoki IPv6 orqali zararlangan tizimga SNMP paketini yuborish orqali foydalanishi mumkin. Ushbu zaifliklardan foydalanish uchun faqat ta'sirlangan tizimga yo'naltirilgan trafikdan foydalanish mumkin. Zaifliklar du

CVSS Vector

Manbalar

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp
• http://www.securityfocus.com/bid/99345
• http://www.securitytracker.com/id/1038808
• https://github.com/artkond/cisco-snmp-rce
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp