Details of VAR-201705-3672

ID

VAR-201705-3672

CVE

CVE-2017-6653

TITLE

Cisco Identity Services Engine of GUI for TCP Resource management vulnerability in throttling process

Trust: 0.8

sources: JVNDB: JVNDB-2017-004208

DESCRIPTION

A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests. The vulnerability is due to insufficient TCP rate limiting protection on the GUI. An attacker could exploit this vulnerability by sending the affected device a high rate of TCP connections to the GUI. An exploit could allow the attacker to cause the GUI to stop responding while the high rate of connections is in progress. Cisco Bug IDs: CSCvc81803. Vendors report this vulnerability Bug ID CSCvc81803 Published as.Denial of service (DoS) May be in a state. An attacker can exploit this issue to cause a denial-of-service condition; denying service to legitimate users. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies

Trust: 1.98

sources: NVD: CVE-2017-6653 // JVNDB: JVNDB-2017-004208 // BID: 98536 // VULHUB: VHN-114856

AFFECTED PRODUCTS

vendor:	cisco	model:	identity services engine	scope:	eq	version:	2.1\(0.474\)	Trust: 1.6
vendor:	cisco	model:	identity services engine software	scope:	eq	version:	2.1(0.474)	Trust: 0.8
vendor:	cisco	model:	identity services engine series appliances	scope:	eq	version:	33002.1(0.474)	Trust: 0.3
vendor:	cisco	model:	identity services engine	scope:	eq	version:	0	Trust: 0.3

sources: BID: 98536 // JVNDB: JVNDB-2017-004208 // CNNVD: CNNVD-201705-898 // NVD: CVE-2017-6653

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6653
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-6653
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201705-898
value:	HIGH
Trust: 0.6
VULHUB:	VHN-114856
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-6653
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-114856
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6653
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-114856 // JVNDB: JVNDB-2017-004208 // CNNVD: CNNVD-201705-898 // NVD: CVE-2017-6653

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	CWE-770	Trust: 1.1

sources: VULHUB: VHN-114856 // JVNDB: JVNDB-2017-004208 // NVD: CVE-2017-6653

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201705-898

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201705-898

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-004208

PATCH

title:	cisco-sa-20170517-ise	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ise	Trust: 0.8
title:	Cisco Identity Services Engine Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70402	Trust: 0.6

sources: JVNDB: JVNDB-2017-004208 // CNNVD: CNNVD-201705-898

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6653	Trust: 2.8
db:	BID	id:	98536	Trust: 2.0
db:	SECTRACK	id:	1038516	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-004208	Trust: 0.8
db:	CNNVD	id:	CNNVD-201705-898	Trust: 0.7
db:	VULHUB	id:	VHN-114856	Trust: 0.1

sources: VULHUB: VHN-114856 // BID: 98536 // JVNDB: JVNDB-2017-004208 // CNNVD: CNNVD-201705-898 // NVD: CVE-2017-6653

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170517-ise	Trust: 2.0
url:	http://www.securityfocus.com/bid/98536	Trust: 1.7
url:	http://www.securitytracker.com/id/1038516	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6653	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6653	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-114856 // BID: 98536 // JVNDB: JVNDB-2017-004208 // CNNVD: CNNVD-201705-898 // NVD: CVE-2017-6653

CREDITS

Cisco

Trust: 0.3

sources: BID: 98536

SOURCES

db:	VULHUB	id:	VHN-114856
db:	BID	id:	98536
db:	JVNDB	id:	JVNDB-2017-004208
db:	CNNVD	id:	CNNVD-201705-898
db:	NVD	id:	CVE-2017-6653

LAST UPDATE DATE

2024-11-23T22:17:56.838000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-114856	date:	2019-10-03T00:00:00
db:	BID	id:	98536	date:	2017-05-17T00:00:00
db:	JVNDB	id:	JVNDB-2017-004208	date:	2017-06-20T00:00:00
db:	CNNVD	id:	CNNVD-201705-898	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-6653	date:	2024-11-21T03:30:13.827

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-114856	date:	2017-05-22T00:00:00
db:	BID	id:	98536	date:	2017-05-17T00:00:00
db:	JVNDB	id:	JVNDB-2017-004208	date:	2017-06-20T00:00:00
db:	CNNVD	id:	CNNVD-201705-898	date:	2017-05-22T00:00:00
db:	NVD	id:	CVE-2017-6653	date:	2017-05-22T01:29:00.837