CVE-2017-6780

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventually forcing the device to restart, aka Memory Exhaustion. The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit this vulnerability by sending a high rate of TCP packets to a specific group of open listening ports on a targeted device. An exploit could allow the attacker to cause the system to consume additional memory. If enough available memory is consumed, the system will restart, creating a temporary denial of service (DoS) condition. The DoS condition will end after the device has finished the restart process. This vulnerability affects the following Cisco products: Connected Grid Network Management System, if running a software release prior to IoT-FND Release 4.0; IoT Field Network Director, if running a software release prior to IoT-FND Release 4.0. Cisco Bug IDs: CSCvc77164.

Una vulnerabilidad en el proceso de limitación TCP para Cisco IoT Field Network Director (IoT-FND) podría permitir que un atacante remoto sin autenticar provoque que el sistema consuma memoria adicional, forzando finalmente el reinicio del dispositivo. Esto también se conoce como agotamiento de memoria. Esta vulnerabilidad se debe a una protección de límite de tasa insuficiente. Un atacante podría explotar esta vulnerabilidad enviando una gran tasa de paquetes TCP a un grupo en concreto de puertos abiertos en escucha en un dispositivo objetivo. La vulnerabilidad podría permitir que el atacante provocase que el sistema consuma memoria adicional. Si se consume la suficiente memoria, el sistema se reiniciará, creando una condición temporal de denegación de servicio. La denegación de servicio terminará una vez el dispositivo haya finalizado el proceso de reinicio. Esta vulnerabilidad afecta a los siguientes productos Cisco: Connected Grid Network Management System, si ejecuta una versión de software anterior a IoT-FND Release 4.0; IoT Field Network Director, si ejecuta una versión de software anterior a IoT-FND Release 4.0. Cisco Bug IDs: CSCvc77164.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-03-09 CVE Reserved
2017-09-07 CVE Published
2023-07-18 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-399: Resource Management Errors
CWE-770: Allocation of Resources Without Limits or Throttling

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/100641	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-fnd	2019-10-09

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Connected Grid Network Management System Search vendor "Cisco" for product "Connected Grid Network Management System"				<= 3.0\(0.54\) Search vendor "Cisco" for product "Connected Grid Network Management System" and version " <= 3.0\(0.54\)"		-		Affected
Cisco Search vendor "Cisco"		Iot Field Network Director Search vendor "Cisco" for product "Iot Field Network Director"				<= 3.2.0-182 Search vendor "Cisco" for product "Iot Field Network Director" and version " <= 3.2.0-182"		-		Affected