VDB-100409 · CVE-2017-6613 · BID 97924

Cisco Prime Network Registrar till 8.3.4 DNS Input Packet Processor förnekande av tjänsten

En problematiskt svag punkt hittades i Cisco Prime Network Registrar till 8.3.4. Som påverkar en okänd funktion av komponenten DNS Input Packet Processor. En uppgradering till den version 8.3.5 att åtgärda problemet.

Fält19/09/2020 09:4221/12/2020 11:0521/12/2020 11:07
vendorCiscoCiscoCisco
namePrime Network RegistrarPrime Network RegistrarPrime Network Registrar
version<=8.3.4<=8.3.4<=8.3.4
componentDNS Input Packet ProcessorDNS Input Packet ProcessorDNS Input Packet Processor
cwe399 (förnekande av tjänsten)399 (förnekande av tjänsten)399 (förnekande av tjänsten)
risk111
cvss2_vuldb_basescore5.05.05.0
cvss2_vuldb_tempscore4.44.44.4
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss2_nvd_avNNN
cvss2_nvd_acLLL
cvss2_nvd_auNNN
cvss2_nvd_ciNNN
cvss2_nvd_iiNNN
cvss2_nvd_aiPPP
cvss3_meta_basescore5.85.85.8
cvss3_meta_tempscore5.65.65.6
cvss3_vuldb_basescore5.85.85.8
cvss3_vuldb_tempscore5.65.65.6
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sCCC
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
cvss3_nvd_avNNN
cvss3_nvd_acLLL
cvss3_nvd_prNNN
cvss3_nvd_uiNNN
cvss3_nvd_sCCC
cvss3_nvd_cNNN
cvss3_nvd_iNNN
cvss3_nvd_aLLL
date1492646400 (20/04/2017)1492646400 (20/04/2017)1492646400 (20/04/2017)
locationWebsiteWebsiteWebsite
typeAdvisoryAdvisoryAdvisory
urlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dnshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dnshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns
identifiercisco-sa-20170419-prime-dnscisco-sa-20170419-prime-dnscisco-sa-20170419-prime-dns
price_0day$5k-$25k$5k-$25k$5k-$25k
nameUpgradeUpgradeUpgrade
upgrade_version8.3.58.3.58.3.5
cveCVE-2017-6613CVE-2017-6613CVE-2017-6613
cve_assigned1489017600 (09/03/2017)1489017600 (09/03/2017)1489017600 (09/03/2017)
cve_nvd_published149264640014926464001492646400
cve_nvd_summaryA vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.
securityfocus979249792497924
securityfocus_titleCisco Prime Network Registrar CVE-2017-6613 Denial of Service VulnerabilityCisco Prime Network Registrar CVE-2017-6613 Denial of Service VulnerabilityCisco Prime Network Registrar CVE-2017-6613 Denial of Service Vulnerability
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcCCC
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
0day_days111
cvss3_nvd_basescore5.85.85.8
discoverydate149256000014925600001492560000
company_nameCiscoCiscoCisco
confirm_urlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dnshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dnshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns
osvdb_titleCVE-2017-6613 - Cisco - Prime Network Registrar - Denial of Service IssueCVE-2017-6613 - Cisco - Prime Network Registrar - Denial of Service IssueCVE-2017-6613 - Cisco - Prime Network Registrar - Denial of Service Issue
securityfocus_date1492560000 (19/04/2017)1492560000 (19/04/2017)1492560000 (19/04/2017)
securityfocus_classFailure to Handle Exceptional ConditionsFailure to Handle Exceptional ConditionsFailure to Handle Exceptional Conditions
sectracker10383311038331
cvss2_nvd_basescore5.05.0
person_nameCisco.

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!