CVE-2017-6744

CISA description

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.

Required action

Apply updates per vendor instructions.

Notes & references

• https://nvd.nist.gov/vuln/detail/CVE-2017-6744

Where this lands in 800-53

Vulnerability data triggers these controls during assessment and continuous monitoring.

• RA-5 · Vulnerability Monitoring and Scanning
• SI-2 · Flaw Remediation
• CM-6 · Configuration Settings
• SI-7 · Software, Firmware, and Information Integrity
• CM-8 · System Component Inventory

External lookups

• NVD · CVE-2017-6744
• CVE.org · CVE-2017-6744
• CISA KEV catalog (canonical)