Details of VAR-201707-0894

ID

VAR-201707-0894

CVE

CVE-2017-6721

TITLE

Cisco Wide Area Application Services Fragmented by TCP In packet input processing WAASNET Vulnerabilities that cause processes to restart unexpectedly

Trust: 0.8

sources: JVNDB: JVNDB-2017-005313

DESCRIPTION

A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition. More Information: CSCvc57428. Known Affected Releases: 6.3(1). Known Fixed Releases: 6.3(0.143) 6.2(3c)6 6.2(3.22). An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCvc57428. This software is mainly used in the link environment with small bandwidth and large delay. The vulnerability stems from the fact that the program does not perform sufficient input validation on TCP packets

Trust: 1.98

sources: NVD: CVE-2017-6721 // JVNDB: JVNDB-2017-005313 // BID: 99200 // VULHUB: VHN-114924

AFFECTED PRODUCTS

vendor:	cisco	model:	wide area application services	scope:	eq	version:	6.3\(1\)	Trust: 1.6
vendor:	cisco	model:	wide area application services software	scope:	eq	version:	6.3(1)	Trust: 0.8
vendor:	cisco	model:	wide area application services	scope:	eq	version:	6.3(1)	Trust: 0.3
vendor:	cisco	model:	wide area application services	scope:	ne	version:	6.3(0.143)	Trust: 0.3
vendor:	cisco	model:	wide area application services 6.2 6	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	wide area application services	scope:	ne	version:	6.2(3.22)	Trust: 0.3

sources: BID: 99200 // JVNDB: JVNDB-2017-005313 // CNNVD: CNNVD-201706-1018 // NVD: CVE-2017-6721

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6721
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-6721
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201706-1018
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-114924
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-6721
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-114924
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6721
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-114924 // JVNDB: JVNDB-2017-005313 // CNNVD: CNNVD-201706-1018 // NVD: CVE-2017-6721

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-114924 // JVNDB: JVNDB-2017-005313 // NVD: CVE-2017-6721

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201706-1018

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201706-1018

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005313

PATCH

title:	cisco-sa-20170621-waas	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-waas	Trust: 0.8
title:	Cisco Wide Area Application Services Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71279	Trust: 0.6

sources: JVNDB: JVNDB-2017-005313 // CNNVD: CNNVD-201706-1018

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6721	Trust: 2.8
db:	BID	id:	99200	Trust: 2.0
db:	SECTRACK	id:	1038747	Trust: 1.1
db:	JVNDB	id:	JVNDB-2017-005313	Trust: 0.8
db:	CNNVD	id:	CNNVD-201706-1018	Trust: 0.7
db:	NSFOCUS	id:	36963	Trust: 0.6
db:	VULHUB	id:	VHN-114924	Trust: 0.1

sources: VULHUB: VHN-114924 // BID: 99200 // JVNDB: JVNDB-2017-005313 // CNNVD: CNNVD-201706-1018 // NVD: CVE-2017-6721

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170621-waas	Trust: 2.0
url:	http://www.securityfocus.com/bid/99200	Trust: 1.7
url:	http://www.securitytracker.com/id/1038747	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6721	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6721	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/36963	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.cisco.com/c/en/us/products/routers/wide-area-application-services/index.html	Trust: 0.3

sources: VULHUB: VHN-114924 // BID: 99200 // JVNDB: JVNDB-2017-005313 // CNNVD: CNNVD-201706-1018 // NVD: CVE-2017-6721

CREDITS

Cisco

Trust: 0.9

sources: BID: 99200 // CNNVD: CNNVD-201706-1018

SOURCES

db:	VULHUB	id:	VHN-114924
db:	BID	id:	99200
db:	JVNDB	id:	JVNDB-2017-005313
db:	CNNVD	id:	CNNVD-201706-1018
db:	NVD	id:	CVE-2017-6721

LAST UPDATE DATE

2025-04-20T23:16:01.481000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-114924	date:	2017-07-07T00:00:00
db:	BID	id:	99200	date:	2017-06-21T00:00:00
db:	JVNDB	id:	JVNDB-2017-005313	date:	2017-07-26T00:00:00
db:	CNNVD	id:	CNNVD-201706-1018	date:	2017-06-29T00:00:00
db:	NVD	id:	CVE-2017-6721	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-114924	date:	2017-07-04T00:00:00
db:	BID	id:	99200	date:	2017-06-21T00:00:00
db:	JVNDB	id:	JVNDB-2017-005313	date:	2017-07-26T00:00:00
db:	CNNVD	id:	CNNVD-201706-1018	date:	2017-06-29T00:00:00
db:	NVD	id:	CVE-2017-6721	date:	2017-07-04T00:29:00.680