CVE-2017-6791Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Unified Communications Manager

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
7.5HIGHNVD
EPSS
1.8%
top 17.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Unified Communications ManagerCisco Unified Communications Manager
Timeline
PublishedSep 7
Latest updateMay 13

Description

A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security (TLS) traffic by the affected software. An attacker could exploit this vulnerability by generating incomplete traffic streams. A successful exploit could allow the attacker to deny access to the TVS for an affected

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5cisco/cisco_unified_communications_managerCisco Unified Communications Manager

🔴Vulnerability Details

2
GHSA
GHSA-5qmr-j946-m785: A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cau2022-05-13
CVEList
CVE-2017-6791: A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cau2017-09-07

📋Vendor Advisories

1
Cisco
Cisco Unified Communications Manager Trust Verification Service Denial of Service Vulnerability2017-09-06
CVE-2017-6791 — Cisco vulnerability | cvebase