Details of VAR-201806-0654

ID

VAR-201806-0654

CVE

CVE-2017-6779

TITLE

plural Cisco Product depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-013764

DESCRIPTION

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM&P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823. plural Cisco The product is vulnerable to resource exhaustion. Vendors have confirmed this vulnerability Bug ID CSCvd10872 , CSCvf64322 , CSCvf64332 , CSCvi29538 , CSCvi29543 , CSCvi29544 , CSCvi29546 , CSCvi29556 , CSCvi29571 , CSCvi31738 , CSCvi31741 , CSCvi31762 , CSCvi31807 , CSCvi31818 ,and CSCvi31823 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Cisco Products are prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to consume disk resources, denying service to legitimate users. Cisco Emergency Responder, etc. are all products of Cisco (Cisco). Cisco Emergency Responder is an emergency call software in an IP communication system. Finesse is a next-generation customer collaboration service solution

Trust: 2.07

sources: NVD: CVE-2017-6779 // JVNDB: JVNDB-2017-013764 // BID: 104662 // VULHUB: VHN-114982 // VULMON: CVE-2017-6779

AFFECTED PRODUCTS

vendor:	cisco	model:	unified communications manager	scope:	eq	version:	12.0	Trust: 1.6
vendor:	cisco	model:	unified contact center express	scope:	eq	version:	9.0\(2\)su1.3	Trust: 1.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	11.0\(1.10000.10\)	Trust: 1.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	11.5\(1.10000.6\)	Trust: 1.6
vendor:	cisco	model:	unity connection	scope:	eq	version:	12.0	Trust: 1.3
vendor:	cisco	model:	emergency responder	scope:	lt	version:	12.0su1	Trust: 1.0
vendor:	cisco	model:	unified intelligence center	scope:	gte	version:	11.6	Trust: 1.0
vendor:	cisco	model:	hosted collaboration mediation fulfillment	scope:	eq	version:	9.5\(1\)	Trust: 1.0
vendor:	cisco	model:	unified contact center express	scope:	gte	version:	11.6	Trust: 1.0
vendor:	cisco	model:	emergency responder	scope:	lt	version:	11.5\(4\)	Trust: 1.0
vendor:	cisco	model:	finesse	scope:	gte	version:	11.5	Trust: 1.0
vendor:	cisco	model:	virtualized voice browser	scope:	gte	version:	11.6	Trust: 1.0
vendor:	cisco	model:	prime collaboration assurance	scope:	lt	version:	11.6_es16	Trust: 1.0
vendor:	cisco	model:	socialminer	scope:	lt	version:	11.6.1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	lt	version:	11.5\(1\)su3	Trust: 1.0
vendor:	cisco	model:	prime collaboration assurance	scope:	gte	version:	12.1	Trust: 1.0
vendor:	cisco	model:	emergency responder	scope:	eq	version:	11.0\(1.10000.10\)	Trust: 1.0
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	12.5	Trust: 1.0
vendor:	cisco	model:	unified contact center express	scope:	lt	version:	11.6\(1\)	Trust: 1.0
vendor:	cisco	model:	unity connection	scope:	lt	version:	11.5.1su3	Trust: 1.0
vendor:	cisco	model:	unified intelligence center	scope:	lt	version:	11.6\(1\)	Trust: 1.0
vendor:	cisco	model:	prime license manager	scope:	gte	version:	11.0	Trust: 1.0
vendor:	cisco	model:	emergency responder	scope:	gte	version:	12.0	Trust: 1.0
vendor:	cisco	model:	prime license manager	scope:	gte	version:	10.5	Trust: 1.0
vendor:	cisco	model:	socialminer	scope:	gte	version:	11.6	Trust: 1.0
vendor:	cisco	model:	hosted collaboration mediation fulfillment	scope:	gte	version:	11.5	Trust: 1.0
vendor:	cisco	model:	unity connection	scope:	lt	version:	10.5su5	Trust: 1.0
vendor:	cisco	model:	prime collaboration assurance	scope:	lt	version:	12.1_es2	Trust: 1.0
vendor:	cisco	model:	mediasense	scope:	lt	version:	11.5su2	Trust: 1.0
vendor:	cisco	model:	emergency responder	scope:	lt	version:	10.5\(1a\)	Trust: 1.0
vendor:	cisco	model:	unity connection	scope:	gte	version:	11.0	Trust: 1.0
vendor:	cisco	model:	virtualized voice browser	scope:	lt	version:	11.6\(1\)	Trust: 1.0
vendor:	cisco	model:	unity connection	scope:	gte	version:	10.5	Trust: 1.0
vendor:	cisco	model:	prime license manager	scope:	lt	version:	11.5\(1\)su5	Trust: 1.0
vendor:	cisco	model:	finesse	scope:	lt	version:	11.5\(3\)	Trust: 1.0
vendor:	cisco	model:	mediasense	scope:	eq	version:	9.5\(1\)	Trust: 1.0
vendor:	cisco	model:	prime license manager	scope:	lt	version:	10.5.2	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	gte	version:	11.5	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	lt	version:	10.5\(2\)su5	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	lt	version:	11.0\(1a\)su4	Trust: 1.0
vendor:	cisco	model:	hosted collaboration mediation fulfillment	scope:	lt	version:	11.5\(3\)	Trust: 1.0
vendor:	cisco	model:	unity connection	scope:	eq	version:	9.5\(0.9\)tt0	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	gte	version:	11.0	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	10.5\(2.10000.5\)	Trust: 1.0
vendor:	cisco	model:	emergency responder	scope:	gte	version:	11.0	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	gte	version:	10.0	Trust: 1.0
vendor:	cisco	model:	emergency responder	scope:	gte	version:	10.5	Trust: 1.0
vendor:	cisco	model:	finesse	scope:	eq	version:	9.5\(1\)	Trust: 1.0
vendor:	cisco	model:	unified intelligence center	scope:	eq	version:	9.5\(1\)	Trust: 1.0
vendor:	cisco	model:	mediasense	scope:	gte	version:	11.5	Trust: 1.0
vendor:	cisco	model:	prime collaboration assurance	scope:	gte	version:	11.6	Trust: 1.0
vendor:	cisco	model:	emergency responder software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	finesse	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	hosted collaboration mediation fulfillment	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	mediasense	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	prime collaboration assurance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	prime collaboration provisioning	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	prime license manager	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	socialminer	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unified communications manager	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unified contact center express	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unified intelligence center	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unity connection	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	virtualized voice browser	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	11.5\(1.12000.1\)	Trust: 0.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	11.5\(0.98000.486\)	Trust: 0.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	11.0\(0.98000.225\)	Trust: 0.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	11.5.0	Trust: 0.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	10.5\(3.10000.9\)	Trust: 0.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	11.5\(0.98000.480\)	Trust: 0.6
vendor:	cisco	model:	finesse 10.6 su1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	hosted collaboration mediation fulfillment	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	10.5(1)	Trust: 0.3
vendor:	cisco	model:	finesse 9.1 es3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	finesse 10.5 su1.7	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	11.2	Trust: 0.3
vendor:	cisco	model:	socialminer	scope:	ne	version:	11.6(1)	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	11.5(1)	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service su1	scope:	eq	version:	11.5(1)	Trust: 0.3
vendor:	cisco	model:	finesse 10.0 su1.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	12.3	Trust: 0.3
vendor:	cisco	model:	finesse 9.1 es4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	finesse 9.1 su1.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service	scope:	eq	version:	9.0(1)	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service 10.5.2su4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	10.0	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	-	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	9.5	Trust: 0.3
vendor:	cisco	model:	emergency responder 10.5	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service su2	scope:	eq	version:	10.5(2)	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	8.6(1)	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	9.0(2)	Trust: 0.3
vendor:	cisco	model:	finesse 9.1 su1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	10.5(1)	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	unified contact center express	scope:	eq	version:	11.6	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	10.5	Trust: 0.3
vendor:	cisco	model:	mediasense 9.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	8.5(5)	Trust: 0.3
vendor:	cisco	model:	unified intelligence center	scope:	eq	version:	11.5(1)	Trust: 0.3
vendor:	cisco	model:	unity connection	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	unity connection	scope:	eq	version:	10.5	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service su2a	scope:	eq	version:	10.5(2)	Trust: 0.3
vendor:	cisco	model:	emergency responder	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	finesse 9.1 es5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service 11.5 su4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service su6	scope:	eq	version:	9.1(1)	Trust: 0.3
vendor:	cisco	model:	socialminer	scope:	eq	version:	10.0(1)	Trust: 0.3
vendor:	cisco	model:	finesse 10.5 su1.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	finesse 10.5 es1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	10.5.1	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	11.1	Trust: 0.3
vendor:	cisco	model:	unified intelligence center es03	scope:	eq	version:	11.5(1)	Trust: 0.3
vendor:	cisco	model:	finesse 10.5 es2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service	scope:	eq	version:	10.5(1)	Trust: 0.3
vendor:	cisco	model:	finesse 9.1 es1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service	scope:	eq	version:	11.5(1)	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	socialminer	scope:	eq	version:	9.0(1)	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance sp1	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	socialminer	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	8.5(4)	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	9.0	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	10.6(1)	Trust: 0.3
vendor:	cisco	model:	finesse 10.5 es4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service mr1	scope:	eq	version:	10.5	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	10.5	Trust: 0.3
vendor:	cisco	model:	emergency responder 12.0su1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	ne	version:	11.6(1)	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	11.6	Trust: 0.3
vendor:	cisco	model:	emergency responder	scope:	eq	version:	12.0	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	10.0(1)	Trust: 0.3
vendor:	cisco	model:	unified contact center express	scope:	ne	version:	11.6(1)	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	8.5(3)	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance es2	scope:	ne	version:	12.1	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service su7	scope:	eq	version:	9.1(1)	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service	scope:	eq	version:	9.1(2)	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	8.5(4)	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	9.1(1)	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	10.6	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	9.1	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	11.0	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	11.0(1)	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service su1	scope:	eq	version:	11.0(1)	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	10.5.1	Trust: 0.3
vendor:	cisco	model:	prime license manager	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	11.1	Trust: 0.3
vendor:	cisco	model:	finesse 9.1 es2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	10.0(1)	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	9.0(1)	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	8.5(1)	Trust: 0.3
vendor:	cisco	model:	mediasense 11.5su2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	8.5(3)	Trust: 0.3
vendor:	cisco	model:	unified intelligence center	scope:	ne	version:	11.6(1)	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	9.1(1)	Trust: 0.3
vendor:	cisco	model:	finesse 10.5 es3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	emergency responder	scope:	eq	version:	11.0	Trust: 0.3
vendor:	cisco	model:	unified intelligence center	scope:	eq	version:	10.0(1)	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	10.0	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	10.5(1)	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	12.2	Trust: 0.3
vendor:	cisco	model:	finesse es2	scope:	eq	version:	11.5	Trust: 0.3
vendor:	cisco	model:	finesse 10.5 su1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unity connection	scope:	eq	version:	10.0	Trust: 0.3
vendor:	cisco	model:	unity connection 11.5.1su3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	9.0	Trust: 0.3
vendor:	cisco	model:	virtualized voice browser	scope:	ne	version:	11.6(1)	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	12.1	Trust: 0.3
vendor:	cisco	model:	finesse 10.6 su2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	cisco	model:	finesse	scope:	eq	version:	8.5(2)	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	11.6	Trust: 0.3
vendor:	cisco	model:	emergency responder	scope:	ne	version:	11.5(4)	Trust: 0.3
vendor:	cisco	model:	finesse 10.0 su1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified intelligence center 11.0 es10	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service	scope:	eq	version:	10.5(2)	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	10.6	Trust: 0.3
vendor:	cisco	model:	unified intelligence center	scope:	eq	version:	10.6(1)	Trust: 0.3
vendor:	cisco	model:	hosted collaboration mediation fulfillment	scope:	ne	version:	11.5(3)	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service	scope:	eq	version:	9.1(1)	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	11.0	Trust: 0.3
vendor:	cisco	model:	virtualized voice browser	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified communications manager im and presence service su6a	scope:	eq	version:	9.1(1)	Trust: 0.3
vendor:	cisco	model:	socialminer su1	scope:	eq	version:	11.5	Trust: 0.3

sources: BID: 104662 // JVNDB: JVNDB-2017-013764 // CNNVD: CNNVD-201806-404 // NVD: CVE-2017-6779

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6779
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-6779
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201806-404
value:	HIGH
Trust: 0.6
VULHUB:	VHN-114982
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-6779
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-6779
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-114982
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6779
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-114982 // VULMON: CVE-2017-6779 // JVNDB: JVNDB-2017-013764 // CNNVD: CNNVD-201806-404 // NVD: CVE-2017-6779

PROBLEMTYPE DATA

problemtype:	CWE-400	Trust: 1.9
problemtype:	CWE-399	Trust: 1.0

sources: VULHUB: VHN-114982 // JVNDB: JVNDB-2017-013764 // NVD: CVE-2017-6779

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-404

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201806-404

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-013764

PATCH

title:	cisco-sa-20180606-diskdos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos	Trust: 0.8
title:	Multiple Cisco Product resource management error vulnerability fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80751	Trust: 0.6
title:	Cisco: Multiple Cisco Products Disk Utilization Denial of Service Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180606-diskdos	Trust: 0.1

sources: VULMON: CVE-2017-6779 // JVNDB: JVNDB-2017-013764 // CNNVD: CNNVD-201806-404

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6779	Trust: 2.9
db:	JVNDB	id:	JVNDB-2017-013764	Trust: 0.8
db:	CNNVD	id:	CNNVD-201806-404	Trust: 0.7
db:	BID	id:	104662	Trust: 0.4
db:	VULHUB	id:	VHN-114982	Trust: 0.1
db:	VULMON	id:	CVE-2017-6779	Trust: 0.1

sources: VULHUB: VHN-114982 // VULMON: CVE-2017-6779 // BID: 104662 // JVNDB: JVNDB-2017-013764 // CNNVD: CNNVD-201806-404 // NVD: CVE-2017-6779

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180606-diskdos	Trust: 2.2
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6779	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6779	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/400.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-114982 // VULMON: CVE-2017-6779 // BID: 104662 // JVNDB: JVNDB-2017-013764 // CNNVD: CNNVD-201806-404 // NVD: CVE-2017-6779

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 104662

SOURCES

db:	VULHUB	id:	VHN-114982
db:	VULMON	id:	CVE-2017-6779
db:	BID	id:	104662
db:	JVNDB	id:	JVNDB-2017-013764
db:	CNNVD	id:	CNNVD-201806-404
db:	NVD	id:	CVE-2017-6779

LAST UPDATE DATE

2024-11-23T22:12:30.983000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-114982	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2017-6779	date:	2019-10-09T00:00:00
db:	BID	id:	104662	date:	2018-06-06T00:00:00
db:	JVNDB	id:	JVNDB-2017-013764	date:	2018-08-09T00:00:00
db:	CNNVD	id:	CNNVD-201806-404	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-6779	date:	2024-11-21T03:30:30.690

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-114982	date:	2018-06-07T00:00:00
db:	VULMON	id:	CVE-2017-6779	date:	2018-06-07T00:00:00
db:	BID	id:	104662	date:	2018-06-06T00:00:00
db:	JVNDB	id:	JVNDB-2017-013764	date:	2018-08-09T00:00:00
db:	CNNVD	id:	CNNVD-201806-404	date:	2018-06-08T00:00:00
db:	NVD	id:	CVE-2017-6779	date:	2018-06-07T12:29:00.260