CVE-2017-6613

MEDIUM Year: 2017
CVSS v3 Score
5.8
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-399
View all →

Vulnerability Description

A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.

Related Vulnerabilities

CVE-2017-12311

MEDIUM
CVSS:5.8(Medium)

A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a Cisco Meeting Server media process to restart unexpectedly when it rece...

CWE-3992017

CVE-2021-1377

MEDIUM
CVSS:5.8(Medium)

A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resol...

CWE-3992021

CVE-2024-20407

MEDIUM
CVSS:5.8(Medium)

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker t...

CWE-3992024

CVE-2016-2116

MEDIUM
CVSS:5.7(Medium)

Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG ...

CWE-3992016

CVE-2014-9686

MEDIUM
CVSS:5.9(Medium)

The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attackers with control of a sub-domain belonging to a victim domain to cause a denial of service via the 'url' parameter to plugin_googl...

CWE-3992014

CVE-2016-10259

MEDIUM
CVSS:5.9(Medium)

Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connect...

CWE-3992016