CVE-2017-6731
Published Jul 10, 2017
Last updated 7 years ago
Overview
- Description
- A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing for Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the MSDP session to be unexpectedly reset, causing a short denial of service (DoS) condition. The MSDP session will restart within a few seconds. More Information: CSCvd94828. Known Affected Releases: 4.3.2.MCAST 6.0.2.BASE. Known Fixed Releases: 6.3.1.19i.MCAST 6.2.3.1i.MCAST 6.2.2.17i.MCAST 6.1.4.12i.MCAST.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.3.2.mcast:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BFBFDDF-BBAD-4673-B0B2-CC542AFD46AF"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.0.2.base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FE8581A-BB4C-44D2-9C4E-2B26F9D064F2"
}
],
"operator": "OR"
}
]
}
]