The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability bulletin CVE-2017-3881

Cisco IOS, IOS XE: code execution via CMP Telnet Options

Synthesis of the vulnerability

An attacker can connect to the Telnet service, then send a special CMP Telnet Option to Cisco IOS or IOS XE, in order to run code.
Impacted products: Cisco Catalyst, IOS by Cisco, IOS XE Cisco.
Severity: 4/4.
Creation date: 20/03/2017.
Revisions dates: 30/03/2017, 14/04/2017.
Identifiers: CERTFR-2017-ALE-005, CERTFR-2017-AVI-143, cisco-sa-20170317-cmp, CSCvd48893, CVE-2017-3881, VIGILANCE-VUL-22178.

Description of the vulnerability

The Cisco IOS and IOS XE products use the CMP (Cluster Management Protocol) prot...
Complete Vigil@nce bulletin.... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a computers vulnerabilities alert. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.