CVE-2017-6612
HIGHCisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033-21.1.2 - Unauthenticated HTTP Traffic Redirection
Title source: llmDescription
A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038961
Vendor Advisory x_refsource_confirm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/99920
Scores
CVSS v3
8.6
EPSS
0.0190
EPSS Percentile
77.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Details
CWE
CWE-119
Status
published
Products (8)
cisco/asr_5000_series_software
17.3.9.62033
cisco/asr_5000_series_software
17.7.5
cisco/asr_5000_series_software
19.6.3
cisco/asr_5000_series_software
20.1.2
cisco/asr_5000_series_software
20.2.12
cisco/asr_5000_series_software
21.0.1
cisco/asr_5000_series_software
21.1.2
n/a/Cisco ASR 5000 Series Aggregation Services Routers
Cisco ASR 5000 Series Aggregation Services Routers
Published
Jul 25, 2017
Tracked Since
Feb 18, 2026