CVE-2017-9487

CWE-200 — Information Exposure3 documents3 sources

Severity

5.9MEDIUM

EPSS

0.3%

top 45.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Dpc3939 Firmware Cisco Dpc3941t Firmware

Timeline

PublishedJul 31

Latest updateMay 17

Description

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2.5s3_PROD_sey) devices allows remote attackers to discover a WAN IPv6 IP address by leveraging knowledge of the CM MAC address.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

▶NVDcisco/dpc3939_firmwaredpc3939-p20-18-v303r20421746-170221a-cmcst

▶NVDcisco/dpc3941t_firmwaredpc3941_2.5s3_prod_sey

🔴Vulnerability Details

GHSA

GHSA-gx39-f95w-w6mf: The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2↗2022-05-17

▶

CVEList

CVE-2017-9487: The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2↗2017-07-31

▶