SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE

Summary:
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. 


Affected Products:
These vulnerabilities affect all releases of Cisco IOS and IOS XE Software prior to the first fixed release and they affect all versions of SNMP—Versions 1, 2c, and 3.

To determine whether a given IOS or IOS XE release is affected, use the Cisco Software Checker tool. Below is an example showing that release 15.6(2)T1 is affected by these vulnerabilities (SNMP Remote Code Execution) and that the first fixed release in the same IOS train is 15.6(3)M2.

[Screenshot: Cisco Software Checker result for 15.6(2)T1, first fixed release 15.6(3)M2]

Devices running affected IOS/IOS XE versions that have any of the following MIBs enabled are vulnerable:
  • ADSL-LINE-MIB
  • ALPS-MIB
  • CISCO-ADSL-DMT-LINE-MIB
  • CISCO-BSTUN-MIB
  • CISCO-MAC-AUTH-BYPASS-MIB
  • CISCO-SLB-EXT-MIB
  • CISCO-VOICE-DNIS-MIB
  • CISCO-VOICE-NUMBER-EXPANSION-MIB
  • TN3270E-RT-MIB

To display a list of the MIBs that are registered and enabled on a device, administrators can issue the show snmp mib command in privileged EXEC mode.


Workaround:
Disable the above vulnerable MIBs. To do so, administrators can use the snmp-server view global configuration command, as shown in the following example:

snmp-server view NO_BAD_SNMP iso included
snmp-server view NO_BAD_SNMP internet included
snmp-server view NO_BAD_SNMP snmpUsmMIB excluded
snmp-server view NO_BAD_SNMP snmpVacmMIB excluded
snmp-server view NO_BAD_SNMP snmpCommunityMIB excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.252 excluded
snmp-server view NO_BAD_SNMP transmission.94 excluded
snmp-server view NO_BAD_SNMP mib-2.34.9 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.35 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.95 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.130 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.219 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.254 excluded
snmp-server view NO_BAD_SNMP ciscoMabMIB excluded
snmp-server view NO_BAD_SNMP ciscoExperiment.997 excluded

To apply this view to a community string (SNMP Version 1 or 2c), administrators can use the following command:

snmp-server community mycomm view NO_BAD_SNMP RO

For SNMP Version 3, the view is bound to a group. The snmp-server group command requires the security model (v3) and level (auth in this example) before the read and write views:

snmp-server group v3group v3 auth read NO_BAD_SNMP write NO_BAD_SNMP
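The workaround above only helps if every community string and every v3 group is actually bound to a view that excludes the affected subtrees; a community left with no view, or a view that excludes only some of the subtrees, leaves the device exposed. The following audit script is an added example (not Cisco's code and not part of the advisory): it parses the snmp-server view, community and group lines of a running configuration, using the subtree names from the workaround above, and reports any community or group whose view falls short. It matches subtrees by the dotted names used in the configuration, so a view written with different aliases or numeric OIDs would need those names added to the list. The sample configuration embedded at the bottom is constructed for the example.

```python
"""Audit SNMP views in a Cisco IOS running configuration (added example)."""
import re

# Subtrees excluded by the NO_BAD_SNMP view in the advisory's workaround.
REQUIRED_EXCLUDES = {
    "ciscoMgmt.252", "transmission.94", "mib-2.34.9", "ciscoMgmt.35",
    "ciscoMgmt.95", "ciscoMgmt.130", "ciscoMgmt.219", "ciscoMgmt.254",
    "ciscoMabMIB", "ciscoExperiment.997",
}

VIEW_RE = re.compile(r"^snmp-server view (\S+) (\S+) (included|excluded)$")
COMMUNITY_RE = re.compile(r"^snmp-server community (\S+)(?: view (\S+))?(?: (RO|RW))?")
GROUP_RE = re.compile(
    r"^snmp-server group (\S+) v3 (auth|noauth|priv)(?: read (\S+))?(?: write (\S+))?")


def parse_views(config):
    """Map view name -> {subtree: 'included'|'excluded'} from view lines."""
    views = {}
    for line in config.splitlines():
        m = VIEW_RE.match(line.strip())
        if m:
            name, subtree, action = m.groups()
            views.setdefault(name, {})[subtree] = action
    return views


def is_excluded(view, subtree):
    """A subtree is excluded when the most specific matching entry excludes it.

    Matching is by dotted name prefix (e.g. an 'excluded' entry for
    ciscoMgmt covers ciscoMgmt.252); a subtree with no matching entry
    inherits the 'iso included' root and therefore counts as reachable.
    """
    best = None
    for entry, action in view.items():
        if subtree == entry or subtree.startswith(entry + "."):
            if best is None or len(entry) > len(best[0]):
                best = (entry, action)
    return best is not None and best[1] == "excluded"


def missing_excludes(view):
    """Return the advisory subtrees this view still exposes, sorted."""
    return sorted(s for s in REQUIRED_EXCLUDES if not is_excluded(view, s))


def _check(subject, view_name, views):
    if view_name is None:
        # No view keyword: IOS grants the default read view (whole tree).
        return [f"{subject}: no view bound, full MIB tree reachable"]
    view = views.get(view_name)
    if view is None:
        return [f"{subject}: view {view_name} is not defined"]
    missing = missing_excludes(view)
    if missing:
        return [f"{subject}: view {view_name} does not exclude " + ", ".join(missing)]
    return []


def audit(config):
    """Return one finding string per community/group view that is deficient."""
    views = parse_views(config)
    findings = []
    for line in config.splitlines():
        line = line.strip()
        m = COMMUNITY_RE.match(line)
        if m:
            name, view, _ = m.groups()
            findings.extend(_check(f"community {name}", view, views))
            continue
        m = GROUP_RE.match(line)
        if m:
            name, _, read, write = m.groups()
            findings.extend(_check(f"group {name} read", read, views))
            if write is not None:  # no write view means no write access at all
                findings.extend(_check(f"group {name} write", write, views))
    return findings


# Constructed sample: one unprotected community, one correct, one partial view.
SAMPLE_CONFIG = """
snmp-server view NO_BAD_SNMP iso included
snmp-server view NO_BAD_SNMP internet included
snmp-server view NO_BAD_SNMP ciscoMgmt.252 excluded
snmp-server view NO_BAD_SNMP transmission.94 excluded
snmp-server view NO_BAD_SNMP mib-2.34.9 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.35 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.95 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.130 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.219 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.254 excluded
snmp-server view NO_BAD_SNMP ciscoMabMIB excluded
snmp-server view NO_BAD_SNMP ciscoExperiment.997 excluded
snmp-server view PARTIAL iso included
snmp-server view PARTIAL ciscoMgmt.252 excluded
snmp-server community public RO
snmp-server community mycomm view NO_BAD_SNMP RO
snmp-server community partial view PARTIAL RO
snmp-server group v3group v3 auth read NO_BAD_SNMP write NO_BAD_SNMP
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

Run it against the output of show running-config | include snmp-server; an empty result means every community and v3 group on the device is bound to a view covering all ten subtrees.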


Further Info & Assistance:
This advisory is available at the following link:

Reference CVEs:
CVE-2017-6736
CVE-2017-6737
CVE-2017-6738
CVE-2017-6739
CVE-2017-6740
CVE-2017-6741
CVE-2017-6742
CVE-2017-6743
CVE-2017-6744

For assistance in mitigating these vulnerabilities, open a case by calling our 24x7 call center +961-1-511822 or on support.dcgroup.com.

36 comments

fatha
July 12, 2017 at 3:57 PM

Does disabling these SNMP MIBS cause any issues in existing SNMP operation ?

Reply

Unknown
August 2, 2017 at 2:48 PM

Hall of Fame - 2017, Live Stream, Pro Football, TV Online, How to watch Free

https://halloffame-game.com


Reply

Hema
August 4, 2017 at 9:31 AM

you are posting such a new idea is very interesting and give updates.
msbi training in chennai

Reply

Sindhuja Ravi
August 8, 2017 at 1:33 PM

your post conveys a good messages and interesting things and give more updates.
digital marketing company in india

Reply

October 8, 2020 at 6:24 AM

I want to thank you for your efforts in writing this article. I also hope the same better job from you in the future. In fact, her creative writing skills inspired me to start my own Blog Engine blog now. Blogs are really spreading their wings quickly. Your writing is a good example.

Business Analytics Course in Bangalore

Reply

October 8, 2020 at 3:50 PM

I'm glad I found this blog! Occasionally, students want to know the keys to writing productive literary essays. Your first-class knowledge of this great job can become a suitable foundation for these people. Good

Data Analytics Course in Bangalore

Reply

October 10, 2020 at 12:42 PM

I am a new user of this site, so here I saw several articles and posts published on this site, I am more interested in some of them, hope you will provide more information on these topics in your next articles. Tableau Course in Bangalore

Reply

jegan
January 12, 2021 at 8:37 PM

Wonderful article, contains a lot of valuable information. Very interesting to read this article. I would like to thank you for the efforts you had made for writing this awesome article.
This article resolved all my queries. Good luck and best wishes to the team members. Continue posting. Learn digital marketing using the following link
Digital Marketing Course in Chennai

Reply

February 6, 2021 at 9:28 AM

I am here for the first time. I found this table and found it really useful and it helped me a lot. I hope to present something again and help others as you have helped me.

Artificial Intelligence Course in Bangalore

Reply

Pallavi reddy
April 28, 2021 at 9:59 PM

I am glad to discover this page. I have to thank you for the time I spent on this especially great reading!! I really liked each part and also bookmarked you for new information on your site.
data scientist course in bangalore

Reply

Unknown
April 30, 2021 at 12:32 PM

I want to leave a little comment to support and wish you the best of luck. We wish you the best of luck in all your blogging endeavours.
data science course in bangalore with placement

Reply

Unknown
April 30, 2021 at 12:47 PM

I want to leave a little comment to support and wish you the best of luck. We wish you the best of luck in all your blogging endeavours.
data science certification in bangalore

Reply

Data Science
May 12, 2021 at 9:11 AM

I am glad to discover this page. I have to thank you for the time I spent on this especially great reading !! I really liked each part and also bookmarked you for new information on your site.
Data Science Training in Chennai

Reply

Mallela
June 14, 2021 at 9:52 AM

Thanks for posting the best information; the blog is very important. artificial intelligence course in hyderabad

Reply

Priya Rathod
July 24, 2021 at 12:57 PM

Nice post. This blog helps me to get more knowledge. Thanks for sharing. I congratulate you for your work.
AWS Training in Hyderabad
AWS Course in Hyderabad

Reply