
Over 300 Cisco products are affected by a zero-day vulnerability Cisco discovered last week, and for which no patch is available at the time of writing.

Cisco engineers discovered the zero-day following a company-wide effort to investigate how the recently disclosed WikiLeaks "Vault 7" leak affected the company's products.

This vulnerability (CVE-2017-3881) resides in the Cluster Management Protocol code in Cisco IOS and Cisco IOS XE Software. According to Cisco, the firmware installed on 318 product models is currently affected.

The company's engineers say the zero-day can be exploited only via Telnet, so disabling Telnet and enabling SSH would protect all devices and still give network admins a means to manage devices from remote locations.

If disabling Telnet is not a solution, implementing infrastructure access control lists (iACLs) can help admins limit who can access the Telnet port.
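To check the two mitigations above against a saved configuration, here is an added example (not from Cisco or the original post): a short Python audit that reports which `line vty` ranges still accept Telnet and whether an `access-class` restricts them. The sample config is constructed, and treating a vty block with no explicit `transport input` as Telnet-permitted is a conservative assumption; confirm the default for your release.

```python
import re

# Constructed excerpt in "show running-config" style (not from a real device).
SAMPLE_CONFIG = """\
hostname lab-sw1
!
line con 0
line vty 0 4
 access-class 10 in
 transport input telnet ssh
line vty 5 15
 transport input ssh
line vty 16 31
 login local
!
end
"""

def audit_vty_lines(config_text):
    """Return one finding dict per 'line vty' block in an IOS-style config."""
    findings, current = [], None
    for raw in config_text.splitlines():
        m = re.match(r"^line vty (\d+)(?: (\d+))?\s*$", raw)
        if m:
            first, last = int(m.group(1)), int(m.group(2) or m.group(1))
            current = {"range": (first, last), "transport": None, "access_class": None}
            findings.append(current)
            continue
        if not raw.startswith(" "):
            current = None  # an unindented line ends the vty block
            continue
        if current is None:
            continue  # indented line belonging to some other block
        t = re.match(r"^\s*transport input (.+)$", raw)
        if t:
            current["transport"] = t.group(1).split()
        a = re.match(r"^\s*access-class (\S+) in\b", raw)
        if a:
            current["access_class"] = a.group(1)
    for f in findings:
        protos = f["transport"]
        # Assumption: no explicit 'transport input' is reported as Telnet-permitted.
        f["telnet_allowed"] = protos is None or "telnet" in protos or "all" in protos
    return findings

def telnet_exposed(config_text):
    """vty ranges that should be moved to 'transport input ssh' or fenced by an ACL."""
    return [f["range"] for f in audit_vty_lines(config_text) if f["telnet_allowed"]]

if __name__ == "__main__":
    print(telnet_exposed(SAMPLE_CONFIG))
```

A range that is flagged but carries an `access_class` value is the ACL-limited case from the paragraph above; a flagged range with `access_class` of `None` has neither mitigation.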

Cisco says it did not detect any attempts to exploit the flaw prior to going public with its findings.
