Vulnerability in Cisco Ios_xe
CVE-2017-6664
A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the auto…
Vulnerability class: Improper Certificate Validation
EPSS: 0.003 (56.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.
Affected products
- Cisco Ios_xe — versions 3.10.8as, 3.10.8s, 3.12.0s
- N/a Cisco Ios Xe — versions Cisco IOS XE
Weakness classification (CWE)
References
- psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
- psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
- psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
Frequently asked questions
- What is CVE-2017-6664?
- CVE-2017-6664 is a high-severity vulnerability in Cisco Ios_xe, classified under Improper Certificate Validation. CVSS score: 7.5/10. Published 2017-08-07.
- How severe is CVE-2017-6664?
- High severity. CVSS v3 base score is 7.5 out of 10.