Follow

04/24/17: Vault 7 Cisco Flaw | Security Bulletin

Overview

A flaw, CVE-2017-3881, has been found within Cisco products. This flaw allows special Cisco cluster management protocol messages sent to poorly secured Cisco products to give remote code execution to an attacker.

Alert Logic Coverage

In order for a target device to be vulnerable to this attack type, it must have its management network exposed to the public Internet and encrypted telnet must be available to the attacker on the public-facing network. Alert Logic® customers with basic security practices in place are not at risk for this vulnerability. Customers should ensure that their Cisco device management networks are not exposed to the public Internet.

Cisco is evaluating the situation and necessary next steps, and Alert Logic continues to monitor developments.

Contacting Alert Logic

With questions, contact Alert Logic Support using the following contact information:

US: 877.484.8383 (Option 2)

UK: +44 (0) 203 011 5533 (Option 1)

Email: support@alertlogic.com

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.