Vulnerability Details : CVE-2017-12231
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.
Vulnerability category: Denial of service
Products affected by CVE-2017-12231
- cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
CVE-2017-12231 is in the CISA Known Exploited Vulnerabilities Catalog
- CISA vulnerability name: Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability
- CISA required action: Apply updates per vendor instructions.
- CISA description: A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.
- Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-12231
- Added on: 2022-03-03
- Action due date: 2022-03-24
Exploit prediction scoring system (EPSS) score for CVE-2017-12231
- 10.85%: probability of exploitation activity in the next 30 days
- ~93%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-12231
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8 | HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C | 10.0 | 6.9 | NIST | |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST | |
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST | 2024-07-16 |
CWE ids for CVE-2017-12231
-
Assigned by:
- psirt@cisco.com (Secondary)
- ykramarz@cisco.com (Secondary)
References for CVE-2017-12231
- http://www.securityfocus.com/bid/101039
  Cisco IOS Software CVE-2017-12231 Remote Denial of Service Vulnerability (Broken Link; Third Party Advisory; VDB Entry)
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat
  Cisco IOS Software Network Address Translation Denial of Service Vulnerability (Vendor Advisory)
- http://www.securitytracker.com/id/1039449
  Cisco IOS H.323 NAT Processing Flaw Lets Remote Users Cause the Target System to Reload - SecurityTracker (Broken Link; Third Party Advisory; VDB Entry)