CVE-2017-6721: Input Validation
First published: Tue Jul 04 2017(Updated: )
A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition. More Information: CSCvc57428. Known Affected Releases: 6.3(1). Known Fixed Releases: 6.3(0.143) 6.2(3c)6 6.2(3.22).
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Wide Area Application Services | =6.3\(1\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-6721?
CVE-2017-6721 is classified as a high severity vulnerability due to its potential to cause a denial of service.
How do I fix CVE-2017-6721?
To mitigate CVE-2017-6721, you should upgrade your Cisco Wide Area Application Services to a fixed version as recommended by Cisco.
What causes the vulnerability in CVE-2017-6721?
CVE-2017-6721 is caused by the improper handling of fragmented TCP packets by Cisco WAAS.
Who is affected by CVE-2017-6721?
CVE-2017-6721 affects users of Cisco Wide Area Application Services version 6.3(1).
What is the potential impact of CVE-2017-6721?
The potential impact of CVE-2017-6721 is an unexpected restart of the WAASNET process, leading to a denial of service condition.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/tags
- agent/source
- vendor/cisco
- canonical/cisco wide area application services
- version/cisco wide area application services/6.3\(1\)