What is the severity of CVE-2017-6653?

CVE-2017-6653 is categorized as a denial of service vulnerability, allowing attackers to affect the availability of the Cisco Identity Services Engine.

How do I fix CVE-2017-6653?

To mitigate CVE-2017-6653, upgrade the Cisco Identity Services Engine to a version that is not affected by this vulnerability.

Which software versions are impacted by CVE-2017-6653?

CVE-2017-6653 specifically affects Cisco Identity Services Engine version 2.1(0.474).

Can CVE-2017-6653 impact the availability of services?

Yes, CVE-2017-6653 can prevent the Cisco Identity Services Engine GUI from responding to connections, impacting service availability.

Vulnerability/
CVE-2017-6653

high

7.5

CWE

770 399

22/5/2017

3/10/2019

CVE-2017-6653

First published: Mon May 22 2017(Updated: )

A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests. The vulnerability is due to insufficient TCP rate limiting protection on the GUI. An attacker could exploit this vulnerability by sending the affected device a high rate of TCP connections to the GUI. An exploit could allow the attacker to cause the GUI to stop responding while the high rate of connections is in progress. Cisco Bug IDs: CSCvc81803.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Identity Services Engine (ISE)	=2.1\(0.474\)

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6653?
CVE-2017-6653 is categorized as a denial of service vulnerability, allowing attackers to affect the availability of the Cisco Identity Services Engine.
How do I fix CVE-2017-6653?
To mitigate CVE-2017-6653, upgrade the Cisco Identity Services Engine to a version that is not affected by this vulnerability.
Which software versions are impacted by CVE-2017-6653?
CVE-2017-6653 specifically affects Cisco Identity Services Engine version 2.1(0.474).
What kind of attack does CVE-2017-6653 allow?
CVE-2017-6653 allows an unauthenticated remote attacker to cause a denial of service condition on the affected device.
Can CVE-2017-6653 impact the availability of services?
Yes, CVE-2017-6653 can prevent the Cisco Identity Services Engine GUI from responding to connections, impacting service availability.

agent/severity
agent/weakness
agent/references
agent/author
agent/type
agent/event
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco identity services engine (ise)
version/cisco identity services engine (ise)/2.1\(0.474\)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.