What is CVE-2017-1773?

CVE-2017-1773 is a vulnerability in IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 that allows an attacker to perform DNS cache poisoning and redirect Internet traffic using man-in-the-middle techniques.

How does CVE-2017-1773 affect IBM DataPower Gateways?

CVE-2017-1773 affects IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 by allowing an attacker to spoof DNS responses and redirect Internet traffic.

What is the severity of CVE-2017-1773?

CVE-2017-1773 has a severity level of medium.

How can I mitigate the impact of CVE-2017-1773?

To mitigate the impact of CVE-2017-1773, it is recommended to apply the necessary security patches provided by IBM.

Vulnerability/
CVE-2017-1773

medium

4.3

CWE

345

31/1/2018

16/9/2024

CVE-2017-1773

Q: How can an attacker exploit CVE-2017-1773?

An attacker can exploit CVE-2017-1773 by using man-in-the-middle techniques to spoof DNS responses and perform DNS cache poisoning.

First published: Wed Jan 31 2018(Updated: )

IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. IBM X-Force ID: 136817.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM DataPower Gateway	>=7.1.0.0<=7.1.0.20
IBM DataPower Gateway	>=7.2.0.0<=7.2.0.17
IBM DataPower Gateway	>=7.5.0.0<=7.5.0.11
IBM DataPower Gateway	>=7.5.1.0<=7.5.1.10
IBM DataPower Gateway	>=7.5.2.0<=7.5.2.10
IBM DataPower Gateway	>=7.6.0.0<=7.6.0.3

Remedy

http://www.ibm.com/support/docview.wss?uid=swg22012758

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2017-1773?
CVE-2017-1773 is a vulnerability in IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 that allows an attacker to perform DNS cache poisoning and redirect Internet traffic using man-in-the-middle techniques.
How does CVE-2017-1773 affect IBM DataPower Gateways?
CVE-2017-1773 affects IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 by allowing an attacker to spoof DNS responses and redirect Internet traffic.
What is the severity of CVE-2017-1773?
CVE-2017-1773 has a severity level of medium.
How can an attacker exploit CVE-2017-1773?
An attacker can exploit CVE-2017-1773 by using man-in-the-middle techniques to spoof DNS responses and perform DNS cache poisoning.
How can I mitigate the impact of CVE-2017-1773?
To mitigate the impact of CVE-2017-1773, it is recommended to apply the necessary security patches provided by IBM.

collector/nvd-index
agent/severity
agent/weakness
agent/references
agent/author
agent/type
agent/event
agent/description
agent/remedy
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/ibm
canonical/ibm datapower gateway
version/ibm datapower gateway/7.1.0.0
version/ibm datapower gateway/7.1.0.20
version/ibm datapower gateway/7.2.0.0
version/ibm datapower gateway/7.2.0.17
version/ibm datapower gateway/7.5.0.0
version/ibm datapower gateway/7.5.0.11
version/ibm datapower gateway/7.5.1.0
version/ibm datapower gateway/7.5.1.10
version/ibm datapower gateway/7.5.2.0
version/ibm datapower gateway/7.5.2.10
version/ibm datapower gateway/7.6.0.0
version/ibm datapower gateway/7.6.0.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.