CVE-2017-12267

A vulnerability in the Independent Computing Architecture (ICA) accelerator feature for the Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an ICA application optimization-related process to restart, resulting in a partial denial of service (DoS) condition. The vulnerability is due to improperly aborting a connection when an unexpected protocol packet is received. An attacker could exploit this vulnerability by sending a crafted ICA traffic through the targeted device. A successful exploit could allow the attacker to cause a DoS condition that is due to a process unexpectedly restarting. The Cisco WAAS could drop ICA traffic while the process is restarting. This vulnerability affects Cisco Wide Area Application Services (WAAS) and Cisco Virtual Wide Area Application Services (vWAAS). Cisco Bug IDs: CSCve74457.

CVSS v3 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/101176	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-waas1	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:virtual_wide_area_application_services:6.2\(3b\):::::::*
	cpe:2.3:a:cisco:wide_area_application_services:6.2\(3b\):::::::*

History

No history.

Information

Published : 2017-10-05 07:29

Updated : 2024-02-04 19:29

NVD link : CVE-2017-12267

Mitre link : CVE-2017-12267

CVE.ORG link : CVE-2017-12267

JSON object : View

Products Affected

cisco

virtual_wide_area_application_services
wide_area_application_services

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2017-12267", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2017-10-05T07:29:00.667", "references": [{"url": "http://www.securityfocus.com/bid/101176", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-waas1", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Independent Computing Architecture (ICA) accelerator feature for the Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an ICA application optimization-related process to restart, resulting in a partial denial of service (DoS) condition. The vulnerability is due to improperly aborting a connection when an unexpected protocol packet is received. An attacker could exploit this vulnerability by sending a crafted ICA traffic through the targeted device. A successful exploit could allow the attacker to cause a DoS condition that is due to a process unexpectedly restarting. The Cisco WAAS could drop ICA traffic while the process is restarting. This vulnerability affects Cisco Wide Area Application Services (WAAS) and Cisco Virtual Wide Area Application Services (vWAAS). Cisco Bug IDs: CSCve74457."}, {"lang": "es", "value": "Una vulnerabilidad en la caracter\u00edstica de aceleraci\u00f3n de ICA (Independent Computing Architecture) para WAAS (Wide Area Application Services) de Cisco podr\u00eda permitir que un atacante remoto no autenticado provoque que un proceso relacionado con la optimizaci\u00f3n de una aplicaci\u00f3n ICA se reinicie, generando una denegaci\u00f3n de servicio (DoS) parcial en consecuencia. La vulnerabilidad se debe a una cancelaci\u00f3n incorrecta de una conexi\u00f3n cuando se recibe un paquete de protocolo no esperado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un tr\u00e1fico ICA manipulado a trav\u00e9s del dispositivo objetivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante cause una denegaci\u00f3n de servicio provocada por el reinicio inesperado de un proceso. Los WAAS de Cisco podr\u00edan sufrir una ca\u00edda del tr\u00e1fico ICA mientras se reinicia el proceso. La vulnerabilidad afecta a WAAS (Wide Area Application Services) y vWAAS (Virtual Wide Area Application Services). Cisco Bug IDs: CSCve74457."}], "lastModified": "2019-10-09T23:22:47.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:virtual_wide_area_application_services:6.2\\(3b\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF892160-8D27-49E4-9B57-9D9D4C209AF9"}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:6.2\\(3b\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D019E94-056D-479E-9C72-667B46893B3F"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}