cvelistv5 - cve-2017-6745

CVE-2017-6745 (GCVE-0-2017-6745)

Vulnerability from cvelistv5

Published

2017-08-07 06:00

Modified

2024-08-05 15:41

Severity ?

CWE

CWE-119

Summary

References

URL

	Vendor	Product	Version
	n/a	Cisco Videoscape Distribution Suite Cache Server	Version: Cisco Videoscape Distribution Suite Cache Server

var-201708-1353

Vulnerability from variot

A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260. Cisco Videoscape Distribution Suite (VDS) for Television Contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvc39260 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. The solution supports streaming media live broadcast, dynamic acquisition of content library and content caching, etc. cache server is one of the cache servers

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201708-1353",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2\\(1\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.4\\(2\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.2\\(5\\)es1"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.8\\(1\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.4\\(1\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.6\\(1\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.5\\(1\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.1\\(3\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.4\\(1\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.1\\(4\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.3\\(1\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.1\\(2\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.2\\(7\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.9\\(1\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.1\\(5\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.5\\(1\\)-cos"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.2\\(6\\)"
      },
      {
        "model": "videoscape distribution suite for television",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "videoscape distribution suite for television 3.2 es1",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "tv streamer application",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "tv streamer application",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.6(1)"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "100106"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6745"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:videoscape_distribution_suite_for_television",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "100106"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2017-6745",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-6745",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-114948",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-6745",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-6745",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-6745",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201708-137",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-114948",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-6745",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114948"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-6745"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6745"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260. Cisco Videoscape Distribution Suite (VDS) for Television Contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvc39260 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. The solution supports streaming media live broadcast, dynamic acquisition of content library and content caching, etc. cache server is one of the cache servers",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-6745"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "db": "BID",
        "id": "100106"
      },
      {
        "db": "VULHUB",
        "id": "VHN-114948"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-6745"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-6745",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "100106",
        "trust": 2.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2017.1179.2",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-114948",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-6745",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114948"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-6745"
      },
      {
        "db": "BID",
        "id": "100106"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6745"
      }
    ]
  },
  "id": "VAR-201708-1353",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114948"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T20:17:06.887000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20170802-vds",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds"
      },
      {
        "title": "Cisco Videoscape Distribution Suite for Television cache server Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=72379"
      },
      {
        "title": "Cisco: Cisco Videoscape Distribution Suite Cache Server Denial of Service Vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20170802-vds"
      },
      {
        "title": "Symantec Security Advisories: SA148: Linux Kernel Vulnerabilities Feb-Apr 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=f0d00b7af116794375aefb8b1a967bc5"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-6745"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114948"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6745"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170802-vds"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/100106"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6745"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6745"
      },
      {
        "trust": 0.6,
        "url": "https://bto.bluecoat.com/security-advisory/sa148"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2017.1179.2/"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-114948"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-6745"
      },
      {
        "db": "BID",
        "id": "100106"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6745"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-114948"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-6745"
      },
      {
        "db": "BID",
        "id": "100106"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6745"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-114948"
      },
      {
        "date": "2017-08-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-6745"
      },
      {
        "date": "2017-08-02T00:00:00",
        "db": "BID",
        "id": "100106"
      },
      {
        "date": "2017-09-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "date": "2017-08-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      },
      {
        "date": "2017-08-07T06:29:00.323000",
        "db": "NVD",
        "id": "CVE-2017-6745"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-114948"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-6745"
      },
      {
        "date": "2017-08-02T00:00:00",
        "db": "BID",
        "id": "100106"
      },
      {
        "date": "2017-09-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      },
      {
        "date": "2020-02-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      },
      {
        "date": "2024-11-21T03:30:26.103000",
        "db": "NVD",
        "id": "CVE-2017-6745"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Videoscape Distribution Suite for Television Buffer error vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006806"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-137"
      }
    ],
    "trust": 0.6
  }
}

CERTFR-2017-AVI-243

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco ISE Express versions 1.3, 1.4, 2.0.0, 2.0.1 ou 2.1.0
Cisco	N/A	Cisco ISE Virtual Appliance versions 1.3, 1.4, 2.0.0, 2.0.1 ou 2.1.0
Cisco	N/A	Cisco Videoscape Distribution Suite (VDS) sans le dernier correctif de sécurité
Cisco	N/A	Cisco ISE versions 1.3, 1.4, 2.0.0, 2.0.1 ou 2.1.0

References

Title

Publication Time

cnvd-2017-27439

Vulnerability from cnvd

Title

Cisco Videoscape Distribution Suite for Television拒绝服务漏洞

Description

Cisco Videoscape Distribution Suite for Television是电视内容分发系统。 Cisco Videoscape Distribution Suite for Television存在拒绝服务漏洞，允许远程攻击者利用漏洞提交大量的映射连接，进行拒绝服务攻击。

Severity

高

Patch Name

Cisco Videoscape Distribution Suite for Television拒绝服务漏洞的补丁

Patch Description

Cisco Videoscape Distribution Suite for Television是电视内容分发系统。 Cisco Videoscape Distribution Suite for Television存在拒绝服务漏洞，允许远程攻击者利用漏洞提交大量的映射连接，进行拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds

Impacted products

Name
Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "100106"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-6745"
    }
  },
  "description": "Cisco Videoscape Distribution Suite for Television\u662f\u7535\u89c6\u5185\u5bb9\u5206\u53d1\u7cfb\u7edf\u3002\r\n\r\nCisco Videoscape Distribution Suite for Television\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u5927\u91cf\u7684\u6620\u5c04\u8fde\u63a5\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-27439",
  "openTime": "2017-09-19",
  "patchDescription": "Cisco Videoscape Distribution Suite for Television\u662f\u7535\u89c6\u5185\u5bb9\u5206\u53d1\u7cfb\u7edf\u3002\r\n\r\nCisco Videoscape Distribution Suite for Television\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u5927\u91cf\u7684\u6620\u5c04\u8fde\u63a5\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Videoscape Distribution Suite for Television\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1"
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds",
  "serverity": "\u9ad8",
  "submitTime": "2017-08-03",
  "title": "Cisco Videoscape Distribution Suite for Television\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

fkie_cve-2017-6745

Vulnerability from fkie_nvd

Published

2017-08-07 06:29

Modified

2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/100106	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100106	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	videoscape_distribution_suite_for_television	3.2\(5\)es1
cisco	videoscape_distribution_suite_for_television	3.2\(6\)
cisco	videoscape_distribution_suite_for_television	3.2\(7\)
cisco	videoscape_distribution_suite_for_television	3.3\(1\)
cisco	videoscape_distribution_suite_for_television	3.4\(1\)
cisco	videoscape_distribution_suite_for_television	3.4\(2\)
cisco	videoscape_distribution_suite_for_television	3.5\(1\)
cisco	videoscape_distribution_suite_for_television	3.5\(1\)-cos
cisco	videoscape_distribution_suite_for_television	3.6\(1\)
cisco	videoscape_distribution_suite_for_television	3.8\(1\)
cisco	videoscape_distribution_suite_for_television	3.9\(1\)
cisco	videoscape_distribution_suite_for_television	4.1\(2\)
cisco	videoscape_distribution_suite_for_television	4.1\(3\)
cisco	videoscape_distribution_suite_for_television	4.1\(4\)
cisco	videoscape_distribution_suite_for_television	4.1\(5\)
cisco	videoscape_distribution_suite_for_television	4.2\(1\)
cisco	videoscape_distribution_suite_for_television	4.4\(1\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.2\\(5\\)es1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A8C50F3-DE69-4810-9C9B-43950B326905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.2\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D322339B-01E5-4AE5-A646-49CE3EB170F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.2\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "547B1AE2-7081-4AB3-A3C9-31DBF4B47543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E7806199-2882-4166-B5B5-565413723C30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D77783F4-B383-4F83-B173-721452D2C3A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.4\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5A091D4E-C9A4-41C1-BA65-5607D6737EAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "59AA47AE-E9F2-4CD7-BBE4-5903408C4D90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.5\\(1\\)-cos:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FC6B01-E93C-4B96-BD6B-154D6355EE1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "31AF3BB3-5885-4312-9EAC-276C455E3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.8\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "299E89B7-2B29-4DB1-8B8A-D98F4AA5E326",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.9\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "23943C16-7A8B-49FC-95FF-ECA0C738D4CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6663090A-8ED5-47B2-A53F-CAE8EC5A1E63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5AFBB802-6352-4BAD-9532-BDF72DB348A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F84055DF-CB8F-4608-AB36-E32E85AED5AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0CFA6A35-DA36-4798-BF2C-6017DC4F0114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A20369-73B9-4E4B-943B-01A65F2ECB54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4238E3F5-C174-4DEF-A0AE-5C38C998EDBA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servidor cach\u00e9 de Cisco Videoscape Distribution Suite (VDS) para Television 3.2(5)ES1 podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) en un dispositivo objetivo. Esto se debe a que un exceso de conexiones mapeadas agota los recursos asignados del sistema. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de grandes cantidades de tr\u00e1fico de entrada a un dispositivo, con el objetivo de sobrecargar ciertos recursos. Si se tiene \u00e9xito, el dispositivo podr\u00eda recargarse, provocando una denegaci\u00f3n de servicio. Cisco Bug IDs: CSCvc39260."
    }
  ],
  "id": "CVE-2017-6745",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-08-07T06:29:00.323",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100106"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2017-6745

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-6745

Aliases

CVE-2017-6745

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-6745",
    "description": "A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260.",
    "id": "GSD-2017-6745"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-6745"
      ],
      "details": "A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260.",
      "id": "GSD-2017-6745",
      "modified": "2023-12-13T01:21:09.461634Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2017-6745",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Videoscape Distribution Suite Cache Server",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Cisco Videoscape Distribution Suite Cache Server"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-119"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "100106",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/100106"
          },
          {
            "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds",
            "refsource": "CONFIRM",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.3\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.2\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.4\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.5\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.6\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.9\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.2\\(7\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.4\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.2\\(6\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.4\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.8\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(5\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.5\\(1\\)-cos:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.2\\(5\\)es1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(4\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-6745"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds"
            },
            {
              "name": "100106",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/100106"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-09T23:29Z",
      "publishedDate": "2017-08-07T06:29Z"
    }
  }
}

ghsa-9m5j-cgjg-vr9r

Vulnerability from github

Published

2022-05-13 01:36

Modified

2022-05-13 01:36

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-6745"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-07T06:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260.",
  "id": "GHSA-9m5j-cgjg-vr9r",
  "modified": "2022-05-13T01:36:27Z",
  "published": "2022-05-13T01:36:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6745"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/100106"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-6745 (GCVE-0-2017-6745)

Vulnerability from cvelistv5

var-201708-1353

Vulnerability from variot

CERTFR-2017-AVI-243

Vulnerability from certfr_avis

Solution

cnvd-2017-27439

Vulnerability from cnvd

fkie_cve-2017-6745

Vulnerability from fkie_nvd

gsd-2017-6745

Vulnerability from gsd

ghsa-9m5j-cgjg-vr9r

Vulnerability from github

Tags

Sightings

Nomenclature