What is CVE-2017-3857?

CVE-2017-3857 is a high-severity vulnerability in Cisco Ios, classified under CWE-399. CVSS score: 7.5/10. Published 2017-03-22.

How severe is CVE-2017-3857?

High severity. CVSS v3 base score is 7.5 out of 10.

Resource exhaustion in Cisco Ios

CVE-2017-3857

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected devic…

EPSS: 0.011 (78.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Cisco Ios
Cisco Ios_xe
N/a Cisco Ios And Xe — versions Cisco IOS and IOS XE

Weakness classification (CWE)

References

psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
psirt@cisco.com (x_refsource_CONFIRM, VDB Entry)

Frequently asked questions

What is CVE-2017-3857?: CVE-2017-3857 is a high-severity vulnerability in Cisco Ios, classified under CWE-399. CVSS score: 7.5/10. Published 2017-03-22.
How severe is CVE-2017-3857?: High severity. CVSS v3 base score is 7.5 out of 10.