cnvd - cnvd-2017-34247

cnvd-2017-34247

Vulnerability from cnvd

Title: Cisco Wide Area Application Services拒绝服务漏洞

Description:

Cisco Wide Area Application Services（WAAS）是美国思科（Cisco）公司的一套广域网链路加速软件。该软件主要用于带宽小和延时大的链路环境。

Cisco WAAS中的HTTP Web界面存在拒绝服务漏洞，该漏洞源于程序未能充分的检测HTTP请求中用户提交的输入参数。远程攻击者可通过向目标设备发送特制的HTTP请求利用该漏洞造成拒绝服务（与HTTP Application Optimization (AO)有关的进程重启）。

Severity: 中

Patch Name: Cisco Wide Area Application Services拒绝服务漏洞的补丁

Patch Description:

Cisco Wide Area Application Services（WAAS）是美国思科（Cisco）公司的一套广域网链路加速软件。该软件主要用于带宽小和延时大的链路环境。

Cisco WAAS中的HTTP Web界面存在拒绝服务漏洞，该漏洞源于程序未能充分的检测HTTP请求中用户提交的输入参数。远程攻击者可通过向目标设备发送特制的HTTP请求利用该漏洞造成拒绝服务（与HTTP Application Optimization (AO)有关的进程重启）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc63048

Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-12250 http://www.securityfocus.com/bid/100928

Impacted products

Name
Cisco Systems, Inc. Wide Area Application Services 6.2(3a)

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "100928"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-12250"
    }
  },
  "description": "Cisco Wide Area Application Services\uff08WAAS\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u5e7f\u57df\u7f51\u94fe\u8def\u52a0\u901f\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3b\u8981\u7528\u4e8e\u5e26\u5bbd\u5c0f\u548c\u5ef6\u65f6\u5927\u7684\u94fe\u8def\u73af\u5883\u3002\r\n\r\nCisco WAAS\u4e2d\u7684HTTP Web\u754c\u9762\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u7684\u68c0\u6d4bHTTP\u8bf7\u6c42\u4e2d\u7528\u6237\u63d0\u4ea4\u7684\u8f93\u5165\u53c2\u6570\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u76ee\u6807\u8bbe\u5907\u53d1\u9001\u7279\u5236\u7684HTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u4e0eHTTP Application Optimization (AO)\u6709\u5173\u7684\u8fdb\u7a0b\u91cd\u542f\uff09\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc63048",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-34247",
  "openTime": "2017-11-17",
  "patchDescription": "Cisco Wide Area Application Services\uff08WAAS\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u5e7f\u57df\u7f51\u94fe\u8def\u52a0\u901f\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3b\u8981\u7528\u4e8e\u5e26\u5bbd\u5c0f\u548c\u5ef6\u65f6\u5927\u7684\u94fe\u8def\u73af\u5883\u3002\r\n\r\nCisco WAAS\u4e2d\u7684HTTP Web\u754c\u9762\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u7684\u68c0\u6d4bHTTP\u8bf7\u6c42\u4e2d\u7528\u6237\u63d0\u4ea4\u7684\u8f93\u5165\u53c2\u6570\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u76ee\u6807\u8bbe\u5907\u53d1\u9001\u7279\u5236\u7684HTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u4e0eHTTP Application Optimization (AO)\u6709\u5173\u7684\u8fdb\u7a0b\u91cd\u542f\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Wide Area Application Services\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Systems, Inc. Wide Area Application Services 6.2(3a)"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2017-12250\r\nhttp://www.securityfocus.com/bid/100928",
  "serverity": "\u4e2d",
  "submitTime": "2017-09-22",
  "title": "Cisco Wide Area Application Services\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2017-12250 (GCVE-0-2017-12250)

Vulnerability from cvelistv5

Published

2017-09-21 05:00

Modified

2024-08-05 18:28

Severity ?

CWE

CWE-399

Summary

A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related process to restart, causing a partial denial of service (DoS) condition. The vulnerability is due to lack of input validation of user-supplied input parameters within an HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request through the targeted device. An exploit could allow the attacker to cause a DoS condition due to a process unexpectedly restarting. The WAAS could drop traffic during the brief time the process is restarting. Cisco Bug IDs: CSCvc63048.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039415	vdb-entry, x_refsource_SECTRACK
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-waas	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/100928	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Cisco Wide Area Application Services	Version: Cisco Wide Area Application Services

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:28:16.677Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039415",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-waas"
          },
          {
            "name": "100928",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100928"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Wide Area Application Services",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Wide Area Application Services"
            }
          ]
        }
      ],
      "datePublic": "2017-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related process to restart, causing a partial denial of service (DoS) condition. The vulnerability is due to lack of input validation of user-supplied input parameters within an HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request through the targeted device. An exploit could allow the attacker to cause a DoS condition due to a process unexpectedly restarting. The WAAS could drop traffic during the brief time the process is restarting. Cisco Bug IDs: CSCvc63048."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-22T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1039415",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-waas"
        },
        {
          "name": "100928",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100928"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12250",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Wide Area Application Services",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Wide Area Application Services"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related process to restart, causing a partial denial of service (DoS) condition. The vulnerability is due to lack of input validation of user-supplied input parameters within an HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request through the targeted device. An exploit could allow the attacker to cause a DoS condition due to a process unexpectedly restarting. The WAAS could drop traffic during the brief time the process is restarting. Cisco Bug IDs: CSCvc63048."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039415",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039415"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-waas",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-waas"
            },
            {
              "name": "100928",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100928"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12250",
    "datePublished": "2017-09-21T05:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-08-05T18:28:16.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted