Strix
26.1K

CVE-2017-6720

MEDIUMCVSS 6.5/10EPSS 1.40%

Last modified

CVE-2017-6720 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SSH connections. EPSS estimates a 1.40% chance of exploitation in the next 30 days.

Description

A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SSH connections. An attacker could exploit this vulnerability by logging in to an affected switch via SSH and sending a malicious SSH message. This vulnerability affects the following Cisco products when SSH is enabled: Small Business 300 Series Managed Switches, Small Business 500 Series Stackable Managed Switches, 350 Series Managed Switches, 350X Series Stackable Managed Switches, 550X Series Stackable Managed Switches, ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvb48377.

Metrics

CVSS 3.1
6.5/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
1.40%

68.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoSf302-08pp Firmware< 1.4.8.06
CiscoSf302-08mpp Firmware< 1.4.8.06
CiscoSg300-10pp Firmware< 1.4.8.06
CiscoSg300-10mpp Firmware< 1.4.8.06
CiscoSf300-24pp Firmware< 1.4.8.06
CiscoSf300-48pp Firmware< 1.4.8.06
CiscoSg300-28pp Firmware< 1.4.8.06
CiscoSf300-08 Firmware< 1.4.8.06
CiscoSf300-48p Firmware< 1.4.8.06
CiscoSg300-10mp Firmware< 1.4.8.06
CiscoSg300-10p Firmware< 1.4.8.06
CiscoSg300-10 Firmware< 1.4.8.06
CiscoSg300-28p Firmware< 1.4.8.06
CiscoSf300-24p Firmware< 1.4.8.06
CiscoSf302-08mp Firmware< 1.4.8.06
CiscoSg300-28 Firmware< 1.4.8.06
CiscoSf300-48 Firmware< 1.4.8.06
CiscoSg300-20 Firmware< 1.4.8.06
CiscoSf302-08p Firmware< 1.4.8.06
CiscoSg300-52 Firmware< 1.4.8.06
CiscoSf300-24 Firmware< 1.4.8.06
CiscoSf302-08 Firmware< 1.4.8.06
CiscoSf300-24mp Firmware< 1.4.8.06
CiscoSg300-10sfp Firmware< 1.4.8.06
CiscoSg300-28mp Firmware< 1.4.8.06
CiscoSg300-52p Firmware< 1.4.8.06
CiscoSg300-52mp Firmware< 1.4.8.06
CiscoSg500-28mpp Firmware< 1.4.8.06
CiscoSg500-52mp Firmware< 1.4.8.06
CiscoSg500xg-8f8t Firmware< 1.4.8.06
CiscoSf500-24 Firmware< 1.4.8.06
CiscoSf500-24p Firmware< 1.4.8.06
CiscoSf500-48 Firmware< 1.4.8.06
CiscoSf500-48p Firmware< 1.4.8.06
CiscoSg500-28 Firmware< 1.4.8.06
CiscoSg500-28p Firmware< 1.4.8.06
CiscoSg500-52 Firmware< 1.4.8.06
CiscoSg500-52p Firmware< 1.4.8.06
CiscoSg500x-24 Firmware< 1.4.8.06
CiscoSg500x-24p Firmware< 1.4.8.06
CiscoSg500x-48 Firmware< 1.4.8.06
CiscoSg500x-48p Firmware< 1.4.8.06
CiscoEsw2-350g-52 Firmware< 1.4.8.06
CiscoEsw2-350g-52dc Firmware< 1.4.8.06
CiscoEsw2-550x-48 Firmware< 1.4.8.06
CiscoEsw2-550x-48dc Firmware< 1.4.8.06
CiscoSg350-10 Firmware< 2.3.0.130
CiscoSg350-10p Firmware< 2.3.0.130
CiscoSg350-10mp Firmware< 2.3.0.130
CiscoSg355-10p Firmware< 2.3.0.130

Showing 50 of 85 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-6720?
A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SSH connections. An attacker could exploit this vulnerability by logging in to an affected switch via SSH and sending a malicious SSH message. This vulnerability affects the following Cisco products when SSH is enabled: Small Business 300 Series Managed Switches, Small Business 500 Series Stackable Managed Switches, 350 Series Managed Switches, 350X Series Stackable Managed Switches, 550X Series Stackable Managed Switches, ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvb48377.
How severe is CVE-2017-6720?
CVE-2017-6720 has a CVSS score of 6.5/10 (MEDIUM severity). The EPSS model estimates a 1.40% probability of exploitation in the next 30 days.
How do I fix CVE-2017-6720?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-6720?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST