CVE-2017-6721
Description
A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition. More Information: CSCvc57428. Known Affected Releases: 6.3(1). Known Fixed Releases: 6.3(0.143) 6.2(3c)6 6.2(3.22).
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.82
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco Wide Area Application Services TCP Fragment Denial of Service Vulnerability For Cisco Wide Area Application Services (WAAS) Software | NCM |
| Improper Input Validation Vulnerability (CVE-2017-6721) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1705984 | Security Update for Cisco Wide Area Application Services (WAAS) Software 6.2(2.32) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234