What is CVE-2017-3856?

CVE-2017-3856 is a high-severity vulnerability in Cisco Ios_xe, classified under CWE-399. CVSS score: 7.5/10. Published 2017-03-22.

How severe is CVE-2017-3856?

High severity. CVSS v3 base score is 7.5 out of 10.

Resource exhaustion in Cisco Ios_xe

CVE-2017-3856

A vulnerability in the web user interface of Cisco IOS XE 3.1 through 3.17 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected so…

EPSS: 0.009 (75.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Cisco Ios_xe — versions 3.1.0s, 3.1.0sg, 3.1.1s
N/a Cisco Ios Xe — versions Cisco IOS XE

Weakness classification (CWE)

References

psirt@cisco.com (vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2017-3856?: CVE-2017-3856 is a high-severity vulnerability in Cisco Ios_xe, classified under CWE-399. CVSS score: 7.5/10. Published 2017-03-22.
How severe is CVE-2017-3856?: High severity. CVSS v3 base score is 7.5 out of 10.