var-201704-1328
Vulnerability from variot
A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412. Vendors have confirmed this vulnerability Bug ID CSCvb55412 It is released as.Service operation interruption (DoS) An attack may be carried out. The Cisco PrimeNetwork Registrar (CPNR) is a network registrar product from Cisco. The product provides services such as Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and IP Address Management (IPAM). A remote denial of service vulnerability exists in Cisco PrimeNetworkRegistrar
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1328",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "prime network registrar",
"scope": "eq",
"trust": 2.5,
"vendor": "cisco",
"version": "8.3.4"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 2.5,
"vendor": "cisco",
"version": "8.3.2"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 2.5,
"vendor": "cisco",
"version": "8.3.1"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.3.0"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.3.3"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "8.3"
},
{
"model": "prime network registrar",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"db": "BID",
"id": "97924"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"db": "NVD",
"id": "CVE-2017-6613"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:prime_network_registrar:8.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:prime_network_registrar:8.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:prime_network_registrar:8.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:prime_network_registrar:8.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:prime_network_registrar:8.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6613"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco.",
"sources": [
{
"db": "BID",
"id": "97924"
}
],
"trust": 0.3
},
"cve": "CVE-2017-6613",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6613",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-06012",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-114816",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.8,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6613",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6613",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-06012",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-1059",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-114816",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"db": "VULHUB",
"id": "VHN-114816"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"db": "NVD",
"id": "CVE-2017-6613"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412. Vendors have confirmed this vulnerability Bug ID CSCvb55412 It is released as.Service operation interruption (DoS) An attack may be carried out. The Cisco PrimeNetwork Registrar (CPNR) is a network registrar product from Cisco. The product provides services such as Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and IP Address Management (IPAM). A remote denial of service vulnerability exists in Cisco PrimeNetworkRegistrar",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6613"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"db": "BID",
"id": "97924"
},
{
"db": "VULHUB",
"id": "VHN-114816"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6613",
"trust": 3.4
},
{
"db": "BID",
"id": "97924",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1038331",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003236",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1059",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-06012",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-114816",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"db": "VULHUB",
"id": "VHN-114816"
},
{
"db": "BID",
"id": "97924"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"db": "NVD",
"id": "CVE-2017-6613"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
]
},
"id": "VAR-201704-1328",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"db": "VULHUB",
"id": "VHN-114816"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06012"
}
]
},
"last_update_date": "2023-12-18T13:34:17.418000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20170419-prime-dns",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170419-prime-dns"
},
{
"title": "CiscoPrimeNetworkRegistrar denies service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/93241"
},
{
"title": "Cisco Prime Network Registrar Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=69456"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114816"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"db": "NVD",
"id": "CVE-2017-6613"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170419-prime-dns"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/97924"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1038331"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6613"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6613"
},
{
"trust": 0.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160928-dns"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"db": "VULHUB",
"id": "VHN-114816"
},
{
"db": "BID",
"id": "97924"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"db": "NVD",
"id": "CVE-2017-6613"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"db": "VULHUB",
"id": "VHN-114816"
},
{
"db": "BID",
"id": "97924"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"db": "NVD",
"id": "CVE-2017-6613"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"date": "2017-04-20T00:00:00",
"db": "VULHUB",
"id": "VHN-114816"
},
{
"date": "2017-04-19T00:00:00",
"db": "BID",
"id": "97924"
},
{
"date": "2017-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"date": "2017-04-20T22:59:00.683000",
"db": "NVD",
"id": "CVE-2017-6613"
},
{
"date": "2017-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06012"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-114816"
},
{
"date": "2017-05-02T02:06:00",
"db": "BID",
"id": "97924"
},
{
"date": "2017-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003236"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-6613"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Prime Network Registrar of DNS Packet input processor resource management vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003236"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-1059"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.