CVE-2017-9491

Name: CVE-2017-9491
Creator: NVD / NIST
Published: 2017-07-31T03:29:00.707+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.3/10EPSS 1.28%

Last modified Jun 17, 2026

CVE-2017-9491 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices does not set the secure flag for cookies in an https session to an administration application, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.. EPSS estimates a 1.28% chance of exploitation in the next 30 days.

Description

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices does not set the secure flag for cookies in an https session to an administration application, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.

Metrics

CVSS 3.1

5.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Probability

1.28%

66.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-200

Affected Software

Vendor	Product	Versions
Cisco	Dpc3939 Firmware	dpc3939-p20-18-v303r20421733-160420a-cmcst
Cisco	Dpc3939 Firmware	dpc3939-p20-18-v303r20421746-170221a-cmcst
Cisco	Dpc3939b Firmware	dpc3939b-v303r204217-150321a-cmcst
Cisco	Dpc3941t Firmware	dpc3941_2.5s3_prod_sey
Commscope	Arris Tg1682g Firmware	10.0.132.sip.pc20.ct
Commscope	Arris Tg1682g Firmware	tg1682_2.2p7s2_prod_sey

References

https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-35.improper-cookie-flags.txtMitigation, Third Party Advisory
https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-35.improper-cookie-flags.txtMitigation, Third Party Advisory

Timeline

Published: Jul 31, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-9491?

How severe is CVE-2017-9491?

CVE-2017-9491 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 1.28% probability of exploitation in the next 30 days.

How do I fix CVE-2017-9491?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-9491?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST