CVE-2017-6745

Published Aug 7, 2017

Last updated 5 years ago

CVSS high 7.5

Overview

Description: A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc39260.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-119
ykramarz@cisco.com: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.2\\(5\\)es1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A8C50F3-DE69-4810-9C9B-43950B326905"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.2\\(6\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D322339B-01E5-4AE5-A646-49CE3EB170F1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.2\\(7\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "547B1AE2-7081-4AB3-A3C9-31DBF4B47543"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.3\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7806199-2882-4166-B5B5-565413723C30"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.4\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D77783F4-B383-4F83-B173-721452D2C3A8"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.4\\(2\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A091D4E-C9A4-41C1-BA65-5607D6737EAC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.5\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59AA47AE-E9F2-4CD7-BBE4-5903408C4D90"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.5\\(1\\)-cos:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9FC6B01-E93C-4B96-BD6B-154D6355EE1A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.6\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31AF3BB3-5885-4312-9EAC-276C455E3AF2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.8\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "299E89B7-2B29-4DB1-8B8A-D98F4AA5E326"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:3.9\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23943C16-7A8B-49FC-95FF-ECA0C738D4CF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(2\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6663090A-8ED5-47B2-A53F-CAE8EC5A1E63"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(3\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AFBB802-6352-4BAD-9532-BDF72DB348A1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F84055DF-CB8F-4608-AB36-E32E85AED5AE"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.1\\(5\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CFA6A35-DA36-4798-BF2C-6017DC4F0114"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.2\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4A20369-73B9-4E4B-943B-01A65F2ECB54"
          },
          {
            "criteria": "cpe:2.3:a:cisco:videoscape_distribution_suite_for_television:4.4\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4238E3F5-C174-4DEF-A0AE-5C38C998EDBA"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References