关键信息 漏洞概述: - CVE编号: CVE-2017-6721 - Cisco Bug ID: CSCvc57428 - CVSS评分: Base 5.8 - 漏洞类型: TCP Fragment Denial of Service Vulnerability 影响产品: - 受影响产品: Cisco Wide Area Application Services (WAAS) - 已确认不脆弱的产品: No other Cisco products are currently known to be affected by this vulnerability. 风险评级: Medium 摘要: - A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition. Fixed Software: - Consult the Cisco bug ID(s) at the top of this advisory for information about fixed software releases. Workarounds: - There are no workarounds that address this vulnerability. Exploitation and Public Announcements: - The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. Source: - This vulnerability was found during internal security testing. ``` 额外信息 公告ID: cisco-sa-20170621-waas 首次发布日期: 2017 June 21 16:00 GMT 版本: 1.0 - Final