Details of VAR-201707-0899

ID

VAR-201707-0899

CVE

CVE-2017-6727

TITLE

Cisco Wide Area Application Services of Server Message Block Service disruption in protocol (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2017-005622

DESCRIPTION

A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due to a process restarting unexpectedly and creating Core Dump files. More Information: CSCvc63035. Known Affected Releases: 6.2(3a). Known Fixed Releases: 6.3(0.167) 6.2(3c)5 6.2(3.22). Vendors have confirmed this vulnerability Bug ID CSCvc63035 It is released as.Remote attacker could disrupt service operation (DoS) There is a possibility of being put into a state. Cisco Wide Area Application Services is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCvc63035. This software is mainly used in the link environment with small bandwidth and large delay

Trust: 1.98

sources: NVD: CVE-2017-6727 // JVNDB: JVNDB-2017-005622 // BID: 99483 // VULHUB: VHN-114930

AFFECTED PRODUCTS

vendor:	cisco	model:	wide area application services	scope:	eq	version:	6.2\(3a\)	Trust: 1.6
vendor:	cisco	model:	wide area application services software	scope:	eq	version:	6.2(3a)	Trust: 0.8
vendor:	cisco	model:	wide area application services 6.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	wide area application services	scope:	ne	version:	6.3(0.167)	Trust: 0.3
vendor:	cisco	model:	wide area application services 6.2 5	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	wide area application services	scope:	ne	version:	6.2(3.22)	Trust: 0.3

sources: BID: 99483 // JVNDB: JVNDB-2017-005622 // CNNVD: CNNVD-201707-394 // NVD: CVE-2017-6727

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6727
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-6727
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201707-394
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-114930
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-6727
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-114930
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6727
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-114930 // JVNDB: JVNDB-2017-005622 // CNNVD: CNNVD-201707-394 // NVD: CVE-2017-6727

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-114930 // JVNDB: JVNDB-2017-005622 // NVD: CVE-2017-6727

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201707-394

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201707-394

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005622

PATCH

title:	cisco-sa-20170705-waas	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-waas	Trust: 0.8
title:	Cisco Wide Area Application Services Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71592	Trust: 0.6

sources: JVNDB: JVNDB-2017-005622 // CNNVD: CNNVD-201707-394

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6727	Trust: 2.8
db:	BID	id:	99483	Trust: 1.4
db:	SECTRACK	id:	1038824	Trust: 1.1
db:	JVNDB	id:	JVNDB-2017-005622	Trust: 0.8
db:	CNNVD	id:	CNNVD-201707-394	Trust: 0.7
db:	NSFOCUS	id:	37058	Trust: 0.6
db:	VULHUB	id:	VHN-114930	Trust: 0.1

sources: VULHUB: VHN-114930 // BID: 99483 // JVNDB: JVNDB-2017-005622 // CNNVD: CNNVD-201707-394 // NVD: CVE-2017-6727

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170705-waas	Trust: 2.0
url:	http://www.securityfocus.com/bid/99483	Trust: 1.1
url:	http://www.securitytracker.com/id/1038824	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6727	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6727	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/37058	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.cisco.com/c/en/us/products/routers/wide-area-application-services/index.html	Trust: 0.3

sources: VULHUB: VHN-114930 // BID: 99483 // JVNDB: JVNDB-2017-005622 // CNNVD: CNNVD-201707-394 // NVD: CVE-2017-6727

CREDITS

Bharat Putta

Trust: 0.3

sources: BID: 99483

SOURCES

db:	VULHUB	id:	VHN-114930
db:	BID	id:	99483
db:	JVNDB	id:	JVNDB-2017-005622
db:	CNNVD	id:	CNNVD-201707-394
db:	NVD	id:	CVE-2017-6727

LAST UPDATE DATE

2025-04-20T23:29:36.319000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-114930	date:	2017-07-16T00:00:00
db:	BID	id:	99483	date:	2017-07-05T00:00:00
db:	JVNDB	id:	JVNDB-2017-005622	date:	2017-08-02T00:00:00
db:	CNNVD	id:	CNNVD-201707-394	date:	2017-07-11T00:00:00
db:	NVD	id:	CVE-2017-6727	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-114930	date:	2017-07-10T00:00:00
db:	BID	id:	99483	date:	2017-07-05T00:00:00
db:	JVNDB	id:	JVNDB-2017-005622	date:	2017-08-02T00:00:00
db:	CNNVD	id:	CNNVD-201707-394	date:	2017-07-11T00:00:00
db:	NVD	id:	CVE-2017-6727	date:	2017-07-10T20:29:00.453