PT-2017-17184 · Cisco · Cisco Prime Network Registrar

Published

2017-04-20

Updated

2019-10-03

CVE-2017-6613

CVSS v3.1

5.8

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Cisco Prime Network Registrar versions prior to 8.3.5

Description A vulnerability in the DNS input packet processor could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, leading to a partial denial of service (DoS) condition. The issue is due to incomplete DNS packet header validation when a packet is received. An attacker could exploit this by sending a malformed DNS packet, allowing them to cause the DNS process to restart and potentially lead to a DoS condition.

Recommendations For versions prior to 8.3.5, update to version 8.3.5 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399CWE-20

Related Identifiers

CVE-2017-6613

Affected Products

Cisco Prime Network Registrar

PT-2017-17184 · Cisco · Cisco Prime Network Registrar

CVE-2017-6613

Weakness Enumeration

Related Identifiers

Affected Products

References · 5