What is the vulnerability severity of CVE-2017-6678?

CVE-2017-6678 is considered a high severity vulnerability due to its potential to cause control function instances to reload.

How can I mitigate CVE-2017-6678?

To mitigate CVE-2017-6678, it is recommended to upgrade to a fixed version of Cisco Virtualized Packet Core Software.

Which Cisco Virtualized Packet Core versions are affected by CVE-2017-6678?

CVE-2017-6678 affects Cisco Virtualized Packet Core versions 19.2 to 21.0.

Who can exploit CVE-2017-6678?

CVE-2017-6678 can be exploited by unauthenticated, remote attackers.

What could happen if CVE-2017-6678 is successfully exploited?

Exploitation of CVE-2017-6678 could lead to both control function instances on the affected system reloading, disrupting services.

Vulnerability/
CVE-2017-6678

high

7.8

CWE

755 399

26/6/2017

9/10/2019

CVE-2017-6678

First published: Mon Jun 26 2017(Updated: )

A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending crafted UDP packets to the distributed instance (DI) network addresses of both CF instances on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability can be exploited via IPv4 traffic only. Cisco Bug IDs: CSCvc01665 CSCvc35565.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Virtualized Packet Core	=v19.2_base
Cisco Virtualized Packet Core	=v19.3_base
Cisco Virtualized Packet Core	=v20.0_base
Cisco Virtualized Packet Core	=v20.1_base
Cisco Virtualized Packet Core	=v20.2_base
Cisco Virtualized Packet Core	=v21.0_base

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability severity of CVE-2017-6678?
CVE-2017-6678 is considered a high severity vulnerability due to its potential to cause control function instances to reload.
How can I mitigate CVE-2017-6678?
To mitigate CVE-2017-6678, it is recommended to upgrade to a fixed version of Cisco Virtualized Packet Core Software.
Which Cisco Virtualized Packet Core versions are affected by CVE-2017-6678?
CVE-2017-6678 affects Cisco Virtualized Packet Core versions 19.2 to 21.0.
Who can exploit CVE-2017-6678?
CVE-2017-6678 can be exploited by unauthenticated, remote attackers.
What could happen if CVE-2017-6678 is successfully exploited?
Exploitation of CVE-2017-6678 could lead to both control function instances on the affected system reloading, disrupting services.

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/nvd-index
vendor/cisco
canonical/cisco virtualized packet core
version/cisco virtualized packet core/v19.2_base
version/cisco virtualized packet core/v19.3_base
version/cisco virtualized packet core/v20.0_base
version/cisco virtualized packet core/v20.1_base
version/cisco virtualized packet core/v20.2_base
version/cisco virtualized packet core/v21.0_base