What is the severity of CVE-2017-6628?

CVE-2017-6628 is classified as a high severity vulnerability due to its potential to cause a denial of service (DoS) condition.

How do I fix CVE-2017-6628?

To fix CVE-2017-6628, upgrade to the latest version of Cisco Wide Area Application Services available.

What versions of Cisco Wide Area Application Services are affected by CVE-2017-6628?

CVE-2017-6628 affects Cisco Wide Area Application Services versions 6.2.1, 6.2.1a, and 6.2.3a.

What type of attack does CVE-2017-6628 facilitate?

CVE-2017-6628 allows an unauthenticated remote attacker to trigger a denial of service condition.

What is the impact of CVE-2017-6628 on network operations?

The impact of CVE-2017-6628 on network operations can be significant, as it may cause WAN optimization processes to stop functioning temporarily.

Vulnerability/
CVE-2017-6628

medium

6.8

CWE

755 399

3/5/2017

3/10/2019

CVE-2017-6628

First published: Wed May 03 2017(Updated: )

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts. The vulnerability is due to a Secure Sockets Layer/Transport Layer Security (SSL/TLS) alert being incorrectly handled when in a specific SSL/TLS connection state. An attacker could exploit this vulnerability by establishing a SMART-SSL connection through the targeted device. The attacker would then send a crafted stream of SSL/TLS traffic. An exploit could allow the attacker to cause a DoS condition where WAN optimization could stop processing traffic for a short period of time. Cisco Bug IDs: CSCvb71133.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Wide Area Application Services	=6.2.1
Cisco Wide Area Application Services	=6.2.1a
Cisco Wide Area Application Services	=6.2.3a

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6628?
CVE-2017-6628 is classified as a high severity vulnerability due to its potential to cause a denial of service (DoS) condition.
How do I fix CVE-2017-6628?
To fix CVE-2017-6628, upgrade to the latest version of Cisco Wide Area Application Services available.
What versions of Cisco Wide Area Application Services are affected by CVE-2017-6628?
CVE-2017-6628 affects Cisco Wide Area Application Services versions 6.2.1, 6.2.1a, and 6.2.3a.
What type of attack does CVE-2017-6628 facilitate?
CVE-2017-6628 allows an unauthenticated remote attacker to trigger a denial of service condition.
What is the impact of CVE-2017-6628 on network operations?
The impact of CVE-2017-6628 on network operations can be significant, as it may cause WAN optimization processes to stop functioning temporarily.

collector/nvd-index
agent/weakness
agent/severity
agent/references
agent/author
agent/tags
agent/type
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
vendor/cisco
canonical/cisco wide area application services
version/cisco wide area application services/6.2.1
version/cisco wide area application services/6.2.1a
version/cisco wide area application services/6.2.3a

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.