CVE-2017-6613 - OpenCVE

A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Prime Network Registrar

Configuration 1 [-]

OR	cpe:2.3:a:cisco:prime_network_registrar:8.3.0:::::::*
	cpe:2.3:a:cisco:prime_network_registrar:8.3.1:::::::*
	cpe:2.3:a:cisco:prime_network_registrar:8.3.2:::::::*
	cpe:2.3:a:cisco:prime_network_registrar:8.3.3:::::::*
	cpe:2.3:a:cisco:prime_network_registrar:8.3.4:::::::*

References

Link	Resource
http://www.securityfocus.com/bid/97924	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038331
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2017-04-20T22:00:00

Updated: 2017-07-10T09:57:01

Reserved: 2017-03-09T00:00:00

Link: CVE-2017-6613

JSON object: View

NVD Information

Status : Modified

Published: 2017-04-20T22:59:00.683

Modified: 2019-10-03T00:03:26.223

Link: CVE-2017-6613

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Cisco Prime Network Registrar", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Prime Network Registrar"}]}], "datePublic": "2017-04-20T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-399", "description": "CWE-399", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "97924", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/97924"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns"}, {"name": "1038331", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038331"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2017-6613", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Prime Network Registrar", "version": {"version_data": [{"version_value": "Cisco Prime Network Registrar"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-399"}]}]}, "references": {"reference_data": [{"name": "97924", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97924"}, {"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns"}, {"name": "1038331", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038331"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2017-6613", "datePublished": "2017-04-20T22:00:00", "dateReserved": "2017-03-09T00:00:00", "dateUpdated": "2017-07-10T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A2E60599-839A-460F-B8DE-E6F22C8ECF6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "7BCB950B-9A49-4395-98E8-E0A5F425CDAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6249E955-68F8-486C-9C40-7D4DF5F2F456", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "4627E4D9-78CD-4915-8F1E-4F8B7DF8D8D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_network_registrar:8.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "4DBC6C28-8D99-4920-B3CA-3E83E8F9B78D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412."}, {"lang": "es", "value": "Una vulnerabilidad en el procesador de paquetes de entrada de DNS para Cisco Prime Network Registrar podr\u00eda permitir que un atacante remoto no autenticado haga que el proceso DNS se reinicie moment\u00e1neamente, lo que podr\u00eda provocar una denegaci\u00f3n parcial de servicio en el sistema afectado. La vulnerabilidad se debe a la validaci\u00f3n incompleta del encabezado del paquete DNS cuando el paquete es recibido por la aplicaci\u00f3n. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete DNS malformado a la aplicaci\u00f3n. Un exploit podr\u00eda permitir al atacante provocar el reinicio del proceso DNS, lo que podr\u00eda llevar a una condici\u00f3n DoS. Esta vulnerabilidad afecta a Cisco Prime Network Registrar en todas las versiones de software anteriores a 8.3.5. Cisco Bug IDs: CSCvb55412."}], "id": "CVE-2017-6613", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-20T22:59:00.683", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97924"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1038331"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dns"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-399"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}