CVE-2017-6599
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash due to a system memory leak, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco IOS XR Software with gRPC enabled. More Information: CSCvb14433. Known Affected Releases: 6.1.1.BASE 6.2.1.BASE. Known Fixed Releases: 6.2.1.22i.MGBL 6.1.22.9i.MGBL 6.1.21.12i.MGBL 6.1.2.13i.MGBL.
Una vulnerabilidad en el manejo de llamadas de procedimiento remoto definidas por Google (gRPC) en el software Cisco IOS XR podría permitir que un atacante remoto no autenticado provocara que el Event Management Service daemond (emsd) se bloqueara debido a una pérdida de memoria del sistema, dando como resultado una denegación de servicio (DoS). Esta vulnerabilidad afecta al software Cisco IOS XR con gRPC habilitado. Más información: CSCvb14433. Lanzamientos afectados conocidos: 6.1.1.BASE 6.2.1.BASE. Lanzamientos fijos conocidos: 6.2.1.22i.MGBL 6.1.22.9i.MGBL 6.1.21.12i.MGBL 6.1.2.13i.MGBL.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-03-09 CVE Reserved
- 2017-04-07 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/97464 | Third Party Advisory | |
http://www.securitytracker.com/id/1038191 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-ios | 2019-10-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.1.1 Search vendor "Cisco" for product "Ios Xr" and version "6.1.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.2.1 Search vendor "Cisco" for product "Ios Xr" and version "6.2.1" | - |
Affected
|