PT-2017-17273 · Cisco · Cisco Wide Area Application Services

Published

2017-07-04

Updated

2017-07-07

CVE-2017-6721

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Cisco Wide Area Application Services (WAAS) version 6.3(1)

Description A vulnerability in the ingress processing of fragmented TCP packets could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition.

Recommendations For Cisco Wide Area Application Services (WAAS) version 6.3(1), update to version 6.3(0.143) or 6.2(3c)6 or 6.2(3.22) to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-6721

Affected Products

Cisco Wide Area Application Services

PT-2017-17273 · Cisco · Cisco Wide Area Application Services

CVE-2017-6721

Weakness Enumeration

Related Identifiers

Affected Products

References · 5