Cisco Event Response Page
Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication
-
Cisco released its semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication on March 22, 2017. In direct response to customer feedback, Cisco releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of the month in March and September of each calendar year.
The March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication includes five Cisco Security Advisories that describe five vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Two of the advisories describe vulnerabilities that are common to both Cisco IOS Software and Cisco IOS XE Software. Three of the advisories describe vulnerabilities that exist only in Cisco IOS XE Software. All the vulnerabilities have a Security Impact Rating of High. Successful exploitation of the vulnerabilities could cause a denial of service (DoS) condition or allow an attacker to execute arbitrary code on an affected system.
Cisco has confirmed that none of the vulnerabilities exist in Cisco IOS XR Software or Cisco NX-OS Software.
To quickly determine if a specific Cisco IOS or IOS XE Software release is exposed to Cisco product vulnerabilities, use the Cisco IOS Software Checker.
-
The following table identifies Cisco Security content that is associated with this Cisco IOS and IOS XE Software Security Advisory Bundled Publication:
Related Resources
Cisco Security Vulnerability Policy
MITRE Common Vulnerabilities and Exposures
Common Vulnerability Scoring System and the Security Impact Rating
Common Vulnerability Scoring System Q & A
Cisco IPS Signature Downloads
Cisco IOS OVAL Content: Frequently Asked Questions