漏洞类别:Cisco
漏洞等级: 
漏洞信息
A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked.
The vulnerability exists because the affected software does not transfer certificate revocation lists (CRLs) across Autonomic Control Plane (ACP) channels.
漏洞危害
An attacker could exploit this vulnerability by connecting an autonomic node, which has a known and revoked certificate, to the autonomic domain of an affected system. A successful exploit could allow the attacker to insert a previously trusted autonomic node into the autonomic domain of an affected system after the certificate for the node has been revoked.
解决方案
Refer to Cisco advisory cisco-sa-20170726-anicrl for updates and patch information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论