CVE-2017-3881
Cisco / IOS and IOS XE
Added 2022-03-25
Due 2022-04-15
Cisco IOS and IOS XE Remote Code Execution Vulnerability
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.
Required action
Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-3881
Metadata
| Added to KEV | 2022-03-25 |
| Remediation due | 2022-04-15 |
| Ransomware use | Unknown |
| CWEs | CWE-20 |
| Ingested | 2026-04-24 15:03:13 |
Cross-mesh regulatory overlay
If you're breached via this CVE, what disclosure laws and cyber regs fire? Asks LexiWorld and RegulatoryRadar via signed mesh.