nvd-json-data-feeds/CVE-2017/CVE-2017-66xx/CVE-2017-6641.json

{
  "id": "CVE-2017-6641",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2017-05-22T01:29:00.477",
  "lastModified": "2019-10-09T23:28:53.433",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to a lack of rate-limiting functionality in the TCP Listen application of the affected software. An attacker could exploit this vulnerability by sending a crafted TCP traffic stream in which specific types of TCP packets are flooded to an affected device, for example a TCP packet stream in which the TCP FIN bit is set in all the TCP packets. A successful exploit could allow the attacker to cause certain TCP listening ports on the affected system to stop accepting incoming connections for a period of time or until the affected device is restarted, resulting in a DoS condition. In addition, system resources, such as CPU and memory, could be exhausted during the attack. Cisco Bug IDs: CSCva29806."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de manejo de la conexi\u00f3n TCP de Remote Expert Manager Software versi\u00f3n 11.0.0 de Cisco, podr\u00eda permitir a un atacante no autenticado remoto deshabilitar los puertos TCP y causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad es debido a la falta de la funcionalidad de limitaci\u00f3n de velocidad en la aplicaci\u00f3n TCP Listen del programa afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un flujo de tr\u00e1fico TCP en el que se inundan tipos espec\u00edficos de paquetes TCP a un dispositivo afectado, por ejemplo, un flujo de paquetes TCP en el que el bit FIN de TCP se establece en todos los paquetes TCP. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante hacer que ciertos puertos de escucha de TCP en el sistema afectado dejen de aceptar conexiones entrantes durante un per\u00edodo de tiempo o hasta que se reinicie el dispositivo afectado, resultando en una condici\u00f3n DoS. Adem\u00e1s, los recursos del sistema, como la CPU y la memoria, podr\u00edan agotarse durante el ataque. IDs de Bug de Cisco: CSCva29806."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ]
    },
    {
      "source": "ykramarz@cisco.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:cisco:remote_expert_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FBE8C1-28EE-41E6-AFCB-719EAC7A0685"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.securityfocus.com/bid/98532",
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1",
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}