CVE-2017-6613
Vulnerability from cvelistv5
Published
2017-04-20 22:00
Modified
2024-08-05 15:33
Severity ?
Summary
A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/97924Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1038331
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dnsVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/97924Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038331
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dnsVendor Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:20.456Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "97924",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97924"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns"
          },
          {
            "name": "1038331",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038331"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Prime Network Registrar",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Prime Network Registrar"
            }
          ]
        }
      ],
      "datePublic": "2017-04-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "97924",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97924"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns"
        },
        {
          "name": "1038331",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038331"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-6613",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Prime Network Registrar",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Prime Network Registrar"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "97924",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97924"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns"
            },
            {
              "name": "1038331",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038331"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-6613",
    "datePublished": "2017-04-20T22:00:00",
    "dateReserved": "2017-03-09T00:00:00",
    "dateUpdated": "2024-08-05T15:33:20.456Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_network_registrar:8.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2E60599-839A-460F-B8DE-E6F22C8ECF6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_network_registrar:8.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BCB950B-9A49-4395-98E8-E0A5F425CDAE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_network_registrar:8.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6249E955-68F8-486C-9C40-7D4DF5F2F456\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_network_registrar:8.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4627E4D9-78CD-4915-8F1E-4F8B7DF8D8D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_network_registrar:8.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DBC6C28-8D99-4920-B3CA-3E83E8F9B78D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en el procesador de paquetes de entrada de DNS para Cisco Prime Network Registrar podr\\u00eda permitir que un atacante remoto no autenticado haga que el proceso DNS se reinicie moment\\u00e1neamente, lo que podr\\u00eda provocar una denegaci\\u00f3n parcial de servicio en el sistema afectado. La vulnerabilidad se debe a la validaci\\u00f3n incompleta del encabezado del paquete DNS cuando el paquete es recibido por la aplicaci\\u00f3n. Un atacante podr\\u00eda explotar esta vulnerabilidad mediante el env\\u00edo de un paquete DNS malformado a la aplicaci\\u00f3n. Un exploit podr\\u00eda permitir al atacante provocar el reinicio del proceso DNS, lo que podr\\u00eda llevar a una condici\\u00f3n DoS. Esta vulnerabilidad afecta a Cisco Prime Network Registrar en todas las versiones de software anteriores a 8.3.5. Cisco Bug IDs: CSCvb55412.\"}]",
      "id": "CVE-2017-6613",
      "lastModified": "2024-11-21T03:30:07.547",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L\", \"baseScore\": 5.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-04-20T22:59:00.683",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/97924\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038331\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/97924\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038331\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-6613\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2017-04-20T22:59:00.683\",\"lastModified\":\"2024-11-21T03:30:07.547\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el procesador de paquetes de entrada de DNS para Cisco Prime Network Registrar podr\u00eda permitir que un atacante remoto no autenticado haga que el proceso DNS se reinicie moment\u00e1neamente, lo que podr\u00eda provocar una denegaci\u00f3n parcial de servicio en el sistema afectado. La vulnerabilidad se debe a la validaci\u00f3n incompleta del encabezado del paquete DNS cuando el paquete es recibido por la aplicaci\u00f3n. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete DNS malformado a la aplicaci\u00f3n. Un exploit podr\u00eda permitir al atacante provocar el reinicio del proceso DNS, lo que podr\u00eda llevar a una condici\u00f3n DoS. Esta vulnerabilidad afecta a Cisco Prime Network Registrar en todas las versiones de software anteriores a 8.3.5. Cisco Bug IDs: CSCvb55412.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:8.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2E60599-839A-460F-B8DE-E6F22C8ECF6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:8.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BCB950B-9A49-4395-98E8-E0A5F425CDAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:8.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6249E955-68F8-486C-9C40-7D4DF5F2F456\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:8.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4627E4D9-78CD-4915-8F1E-4F8B7DF8D8D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:8.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DBC6C28-8D99-4920-B3CA-3E83E8F9B78D\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/97924\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038331\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97924\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038331\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.