Cisco Security Advisory: Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----=0D=0AHash: SHA1=0D=0A=0D=0ACis=
co Security Advisory: Cisco IOS and IOS XE Software Cluster Manag=
ement Protocol Remote Code Execution Vulnerability=0D=0A=0D=0AAdv=
isory ID: cisco-sa-20170317-cmp=0D=0A=0D=0ARevision: 1.0=0D=0A=0D=0A=
For Public Release: 2017 March 17 16:00 GMT=0D=0A=0D=0ALast Updat=
ed: 2017 March 17 16:00 GMT=0D=0A=0D=0ACVE ID(s): CVE-2017-3881=0D=0A=
=0D=0ACVSS Score v(3): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I=
:H/A:H=0D=0A=0D=0A+----------------------------------------------=
-----------------------=0D=0A=0D=0ASummary=0D=0A=3D=3D=3D=3D=3D=3D=
=3D=0D=0AA vulnerability in the Cisco Cluster Management Protocol=
 (CMP) processing code in Cisco IOS and Cisco IOS XE Software cou=
ld allow an unauthenticated, remote attacker to cause a reload of=
 an affected device or remotely execute code with elevated privil=
eges.=0D=0A=0D=0AThe Cluster Management Protocol utilizes Telnet =
internally as a signaling and command protocol between cluster me=
mbers. The vulnerability is due to the combination of two factors=
:=0D=0A=0D=0A The failure to restrict the use of CMP-specific Tel=
net options only to internal, local communications between cluste=
r members and instead accept and process such options over any Te=
lnet connection to an affected device, and=0D=0AThe incorrect pro=
cessing of malformed CMP-specific Telnet options.=0D=0A  An attac=
ker could exploit this vulnerability by sending malformed CMP-spe=
cific Telnet options while establishing a Telnet session with an =
affected Cisco device configured to accept Telnet connections. An=
 exploit could allow an attacker to execute arbitrary code and ob=
tain full control of the device or cause a reload of the affected=
 device.=0D=0A=0D=0ACisco will release software updates that addr=
ess this vulnerability. There are no workarounds that address thi=
s vulnerability.=0D=0A=0D=0AThis advisory is available at the fol=
lowing link:=0D=0Ahttps://tools.cisco.com/security/center/content=
/CiscoSecurityAdvisory/cisco-sa-20170317-cmp ["https://tools.cisc=
o.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2017=
0317-cmp"]=0D=0A=0D=0A-----BEGIN PGP SIGNATURE-----=0D=0A=0D=0AiQ=
KBBAEBAgBrBQJYzAjfZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg=0D=0A=
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx=0D=0A=
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHm3jRAAzLR1b6oQbXCkv0yQ=0D=0A=
GpiGyo0l97V74L+99IvzJzibQrNr/7oFNVc0Sm0SWtGJwhBdIFWKKp7tpfxLFUYw=0D=0A=
QpgpmOQHfu70kajINv5hshpKReIT2lnUhmAiK0VQzxp8QY/3WboSTjEYLOTmFHHh=0D=0A=
xb3dNWmvGYiT9tuSvQ70AkMnl2EfU+P+pkucjcku4Vi5Jri7BIIIPjz1by16Juh+=0D=0A=
tIB5elmrFOFF/WGRERLo/a3anNlnoszoJxu+m57uS8CYICTnqJKeDEinpm64j0IB=0D=0A=
7dWi1qqDTx9973zsmcqUZqeY9kSwierDJW5cii49GrOFOHUeJ9eWCOogEnE1+U4G=0D=0A=
iz7cJHsQ4qqBF39PBTMlxtY6xjhgGJDkRf3dzJBONH9EfoTpQOFMlO9220/2wlMe=0D=0A=
SquIU+SY31pW/xHcRfD8NoALZQ5EqrOkbbRXPGe/LwSUcXiFSBL0iMaE/jOPIRRs=0D=0A=
q6c7lbQr2kay0hTUMovhCvkVUlIC4eJAjwES3vau0EynKlumoYUb2Z7kSAq9QRqU=0D=0A=
vjHX1Iq+wrh+pM/+GFpx12yJzaDtIrBQSNtB/Jf8p0kNqlja/4Z90DDtwTCTaalR=0D=0A=
7hGFyGWo3X3dPBxEL4OcASAaf2uC/J0ozprd0xCS8rsiMfn3rBYWtE6taK88njda=0D=0A=
6UdaqFK+zmUBK8rQV0Lu6mOFpOo=3D=0D=0A=3DQl/1=0D=0A-----END PGP SIG=
NATURE-----=0D=0A