Strix
26.1K

CVE-2017-6628

UnknownEPSS 1.68%

Last modified

CVE-2017-6628 is a vulnerability of currently unknown severity. A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts. The vulnerability is due to a Secure Sockets Layer/Transport Layer Security (SSL/TLS) alert being incorrectly handled when in a specific SSL/TLS connection state. EPSS estimates a 1.68% chance of exploitation in the next 30 days.

Description

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts. The vulnerability is due to a Secure Sockets Layer/Transport Layer Security (SSL/TLS) alert being incorrectly handled when in a specific SSL/TLS connection state. An attacker could exploit this vulnerability by establishing a SMART-SSL connection through the targeted device. The attacker would then send a crafted stream of SSL/TLS traffic. An exploit could allow the attacker to cause a DoS condition where WAN optimization could stop processing traffic for a short period of time. Cisco Bug IDs: CSCvb71133.

Metrics

EPSS Probability
1.68%

74.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoWide Area Application Services6.2.1
CiscoWide Area Application Services6.2.1a
CiscoWide Area Application Services6.2.3a

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-6628?
A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts. The vulnerability is due to a Secure Sockets Layer/Transport Layer Security (SSL/TLS) alert being incorrectly handled when in a specific SSL/TLS connection state. An attacker could exploit this vulnerability by establishing a SMART-SSL connection through the targeted device. The attacker would then send a crafted stream of SSL/TLS traffic. An exploit could allow the attacker to cause a DoS condition where WAN optimization could stop processing traffic for a short period of time. Cisco Bug IDs: CSCvb71133.
How severe is CVE-2017-6628?
Severity scoring for CVE-2017-6628 is pending analysis. The EPSS model estimates a 1.68% probability of exploitation in the next 30 days.
How do I fix CVE-2017-6628?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-6628?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST