CVE-2017-6721

MEDIUM

Cisco Wide Area Application Services - Denial of Service via Fragmented TCP Packet Processing

Title source: llm
STIX 2.1

Description

A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition. More Information: CSCvc57428. Known Affected Releases: 6.3(1). Known Fixed Releases: 6.3(0.143) 6.2(3c)6 6.2(3.22).

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038747
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99200

Scores

CVSS v3 5.3
EPSS 0.0220
EPSS Percentile 80.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

CWE
CWE-20
Status published
Products (2)
cisco/wide_area_application_services 6.3\(1\)
n/a/Cisco Wide Area Application Services Cisco Wide Area Application Services
Published Jul 04, 2017
Tracked Since Feb 18, 2026