What is the severity of CVE-2017-6633?

The severity of CVE-2017-6633 is classified as high, as it could allow an unauthenticated, remote attacker to cause a denial of service.

How do I fix CVE-2017-6633?

To fix CVE-2017-6633, it is recommended to update to a version of Cisco UCS C-Series Rack Servers that includes patched software addressing this vulnerability.

What causes CVE-2017-6633?

CVE-2017-6633 is caused by insufficient rate-limiting protection in the TCP throttling process of affected Cisco UCS C-Series Rack Servers.

Is my device affected by CVE-2017-6633?

Devices using Cisco Unified Computing System software version 3.0(0.234) are affected by CVE-2017-6633.

Can CVE-2017-6633 be exploited remotely?

Yes, CVE-2017-6633 can be exploited remotely by an unauthenticated attacker to trigger a denial of service condition.

Vulnerability/
CVE-2017-6633

high

7.5

CWE

119

22/5/2017

8/7/2017

CVE-2017-6633: Buffer Overflow

First published: Mon May 22 2017(Updated: )

A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit this vulnerability by sending a high rate of TCP SYN packets to a specific TCP listening port on an affected device. An exploit could allow the attacker to cause a specific TCP listening port to stop accepting new connections, resulting in a DoS condition. Cisco Bug IDs: CSCva65544.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Unified Computing System software	=3.0\(0.234\)
Cisco UCS C220 M4 Rack Server
Cisco UCS C240 M4
Cisco UCS C3160
Cisco UCS C460 M4 Rack Server

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6633?
The severity of CVE-2017-6633 is classified as high, as it could allow an unauthenticated, remote attacker to cause a denial of service.
How do I fix CVE-2017-6633?
To fix CVE-2017-6633, it is recommended to update to a version of Cisco UCS C-Series Rack Servers that includes patched software addressing this vulnerability.
What causes CVE-2017-6633?
CVE-2017-6633 is caused by insufficient rate-limiting protection in the TCP throttling process of affected Cisco UCS C-Series Rack Servers.
Is my device affected by CVE-2017-6633?
Devices using Cisco Unified Computing System software version 3.0(0.234) are affected by CVE-2017-6633.
Can CVE-2017-6633 be exploited remotely?
Yes, CVE-2017-6633 can be exploited remotely by an unauthenticated attacker to trigger a denial of service condition.

agent/type
agent/last-modified-date
agent/first-publish-date
agent/severity
agent/weakness
agent/references
agent/author
agent/description
agent/event
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco unified computing system software
version/cisco unified computing system software/3.0\(0.234\)
canonical/cisco ucs c220 m4 rack server
canonical/cisco ucs c240 m4
canonical/cisco ucs c3160
canonical/cisco ucs c460 m4 rack server

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.