CVE-2017-6612

HIGH

Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033-21.1.2 - Unauthenticated HTTP Traffic Redirection

Title source: llm
STIX 2.1

Description

A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038961
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99920

Scores

CVSS v3 8.6
EPSS 0.0190
EPSS Percentile 77.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Details

CWE
CWE-119
Status published
Products (8)
cisco/asr_5000_series_software 17.3.9.62033
cisco/asr_5000_series_software 17.7.5
cisco/asr_5000_series_software 19.6.3
cisco/asr_5000_series_software 20.1.2
cisco/asr_5000_series_software 20.2.12
cisco/asr_5000_series_software 21.0.1
cisco/asr_5000_series_software 21.1.2
n/a/Cisco ASR 5000 Series Aggregation Services Routers Cisco ASR 5000 Series Aggregation Services Routers
Published Jul 25, 2017
Tracked Since Feb 18, 2026