CVE-2017-6613
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.
Una vulnerabilidad en el procesador de paquetes de entrada de DNS para Cisco Prime Network Registrar podría permitir que un atacante remoto no autenticado haga que el proceso DNS se reinicie momentáneamente, lo que podría provocar una denegación parcial de servicio en el sistema afectado. La vulnerabilidad se debe a la validación incompleta del encabezado del paquete DNS cuando el paquete es recibido por la aplicación. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete DNS malformado a la aplicación. Un exploit podría permitir al atacante provocar el reinicio del proceso DNS, lo que podría llevar a una condición DoS. Esta vulnerabilidad afecta a Cisco Prime Network Registrar en todas las versiones de software anteriores a 8.3.5. Cisco Bug IDs: CSCvb55412.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-03-09 CVE Reserved
- 2017-04-20 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-399: Resource Management Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/97924 | Third Party Advisory | |
| http://www.securitytracker.com/id/1038331 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Prime Network Registrar Search vendor "Cisco" for product "Prime Network Registrar" | 8.3.0 Search vendor "Cisco" for product "Prime Network Registrar" and version "8.3.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Prime Network Registrar Search vendor "Cisco" for product "Prime Network Registrar" | 8.3.1 Search vendor "Cisco" for product "Prime Network Registrar" and version "8.3.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Prime Network Registrar Search vendor "Cisco" for product "Prime Network Registrar" | 8.3.2 Search vendor "Cisco" for product "Prime Network Registrar" and version "8.3.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Prime Network Registrar Search vendor "Cisco" for product "Prime Network Registrar" | 8.3.3 Search vendor "Cisco" for product "Prime Network Registrar" and version "8.3.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Prime Network Registrar Search vendor "Cisco" for product "Prime Network Registrar" | 8.3.4 Search vendor "Cisco" for product "Prime Network Registrar" and version "8.3.4" | - |
Affected
| ||||||