← volver
CVE-2017-6653

CVE-2017-6653

EPSS 2.1%CWE-399
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 2.1%KEV nãoPoC Patch
Ciclo de vida
22 may 2017Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests. The vulnerability is due to insufficient TCP rate limiting protection on the GUI. An attacker could exploit this vulnerability by sending the affected device a high rate of TCP connections to the GUI. An exploit could allow the attacker to cause the GUI to stop responding while the high rate of connections is in progress. Cisco Bug IDs: CSCvc81803.
Productos afectados
n/a · Cisco Identity Services Engine

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-isehttp://www.securityfocus.com/bid/98536http://www.securitytracker.com/id/1038516