CVE-2017-6731

{"id": "CVE-2017-6731", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-07-10T20:29:00.627", "references": [{"url": "http://www.securitytracker.com/id/1038820", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-iosxr", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}, {"url": "http://www.securitytracker.com/id/1038820", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-iosxr", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing for Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the MSDP session to be unexpectedly reset, causing a short denial of service (DoS) condition. The MSDP session will restart within a few seconds. More Information: CSCvd94828. Known Affected Releases: 4.3.2.MCAST 6.0.2.BASE. Known Fixed Releases: 6.3.1.19i.MCAST 6.2.3.1i.MCAST 6.2.2.17i.MCAST 6.1.4.12i.MCAST."}, {"lang": "es", "value": "Una vulnerabilidad en el procesamiento de paquetes entrantes Multicast Source Discovery Protocol (MSDP) en Cisco IOS XR Software podr\u00eda permitir que un atacante remoto sin autenticar provoque que la sesi\u00f3n MSDP se reinicie inesperadamente, provocando una corta condici\u00f3n de denegaci\u00f3n de servicio (DoS).\tLa sesi\u00f3n MSDP se reiniciar\u00e1 en unos pocos segundos. M\u00e1s informaci\u00f3n: CSCvd94828. Versiones afectadas conocidas: 4.3.2.MCAST 6.0.2.BASE. Versiones corregidas conocidas: 6.3.1.19i.MCAST 6.2.3.1i.MCAST 6.2.2.17i.MCAST 6.1.4.12i.MCAST."}], "lastModified": "2025-04-20T01:37:25.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:4.3.2.mcast:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BFBFDDF-BBAD-4673-B0B2-CC542AFD46AF"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:6.0.2.base:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FE8581A-BB4C-44D2-9C4E-2B26F9D064F2"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}