CVE-2017-6633
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit this vulnerability by sending a high rate of TCP SYN packets to a specific TCP listening port on an affected device. An exploit could allow the attacker to cause a specific TCP listening port to stop accepting new connections, resulting in a DoS condition. Cisco Bug IDs: CSCva65544.
Vulnerabilidad en el proceso de limitación de TCP de Cisco UCS C-Series Rack Servers 3.0 (0.234) podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe a la insuficiencia de la limitación de la protección. Un atacante podría explotar esta vulnerabilidad enviando una alta tasa de paquetes TCP SYN a un puerto de escucha TCP específico en un dispositivo afectado. Un exploit podría permitir al atacante hacer que un puerto de escucha específico de TCP dejara de aceptar nuevas conexiones, resultando en una condición DoS. ID de errores de Cisco: CSCva65544.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-03-09 CVE Reserved
- 2017-05-22 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/98525 | Third Party Advisory | |
| http://www.securitytracker.com/id/1038513 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc | 2017-07-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Unified Computing System Search vendor "Cisco" for product "Unified Computing System" | 3.0\(0.234\) Search vendor "Cisco" for product "Unified Computing System" and version "3.0\(0.234\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs C220 M4 Rack Server Search vendor "Cisco" for product "Ucs C220 M4 Rack Server" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Computing System Search vendor "Cisco" for product "Unified Computing System" | 3.0\(0.234\) Search vendor "Cisco" for product "Unified Computing System" and version "3.0\(0.234\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs C240 M4 Rack Server Search vendor "Cisco" for product "Ucs C240 M4 Rack Server" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Computing System Search vendor "Cisco" for product "Unified Computing System" | 3.0\(0.234\) Search vendor "Cisco" for product "Unified Computing System" and version "3.0\(0.234\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs C3160 Rack Server Search vendor "Cisco" for product "Ucs C3160 Rack Server" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Computing System Search vendor "Cisco" for product "Unified Computing System" | 3.0\(0.234\) Search vendor "Cisco" for product "Unified Computing System" and version "3.0\(0.234\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ucs C460 M4 Rack Server Search vendor "Cisco" for product "Ucs C460 M4 Rack Server" | - | - |
Safe
|