CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-6627

Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
EPSS Score66.9710%
EPSS Percentile98.81th
Published2017年9月7日
Last Modified2026年4月22日

Vulnerability Description

A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service (DoS) condition. The vulnerability is due to Cisco IOS Software application changes that create UDP sockets and leave the sockets idle without closing them. An attacker could exploit this vulnerability by sending UDP packets with a destination port of 0 to an affected device. A successful exploit could allow the attacker to cause UDP packets to be held in the input interfaces queue, resulting in a DoS condition. The input interface queue will stop holding UDP packets when it receives 250 packets. Cisco Bug IDs: CSCup10024, CSCva55744, CSCva95506.

Affected Platforms (CPE)

💻
Cisco

Ios

= 15.1\(2\)gc
💻
Cisco

Ios

= 15.1\(2\)gc1
💻
Cisco

Ios

= 15.1\(2\)gc2
💻
Cisco

Ios

= 15.1\(4\)gc
💻
Cisco

Ios

= 15.1\(4\)gc1
💻
Cisco

Ios

= 15.1\(4\)gc2
💻
Cisco

Ios

= 15.2\(1\)gc
💻
Cisco

Ios

= 15.2\(1\)gc1
💻
Cisco

Ios

= 15.2\(1\)gc2
💻
Cisco

Ios

= 15.2\(2\)gc
💻
Cisco

Ios

= 15.2\(3\)gc
💻
Cisco

Ios

= 15.2\(3\)gc1
💻
Cisco

Ios

= 15.2\(3r\)gca
💻
Cisco

Ios

= 15.2\(4\)gc
💻
Cisco

Ios

= 15.2\(4\)gc1
💻
Cisco

Ios

= 15.2\(4\)gc2
💻
Cisco

Ios

= 15.2\(4\)gc3
💻
Cisco

Ios

= 15.4\(1\)t
💻
Cisco

Ios

= 15.4\(1\)t1
💻
Cisco

Ios

= 15.4\(1\)t2
💻
Cisco

Ios

= 15.4\(1\)t3
💻
Cisco

Ios

= 15.4\(1\)t4
💻
Cisco

Ios

= 15.4\(2\)t
💻
Cisco

Ios

= 15.4\(2\)t1
💻
Cisco

Ios

= 15.4\(2\)t2
💻
Cisco

Ios

= 15.4\(3\)m
💻
Cisco

Ios

= 15.4\(3\)m1
💻
Cisco

Ios

= 15.4\(3\)m2
💻
Cisco

Ios

= 15.4\(3\)m2.2
💻
Cisco

Ios

= 15.4\(3\)m3
💻
Cisco

Ios

= 15.4\(3\)m4
💻
Cisco

Ios

= 15.4\(3\)m5
💻
Cisco

Ios

= 15.4\(3\)m6
💻
Cisco

Ios

= 15.4\(3\)m6a
💻
Cisco

Ios

= 15.4\(3\)m7
💻
Cisco

Ios Xe

= 3.14.0s
💻
Cisco

Ios Xe

= 3.14.1s
💻
Cisco

Ios Xe

= 3.14.2s
💻
Cisco

Ios Xe

= 3.14.3s
💻
Cisco

Ios Xe

= 3.14.4s
💻
Cisco

Ios Xe

= 3.15.0s
💻
Cisco

Ios Xe

= 3.15.1cs
💻
Cisco

Ios Xe

= 3.15.1s
💻
Cisco

Ios Xe

= 3.15.2s
💻
Cisco

Ios Xe

= 3.15.3s
💻
Cisco

Ios Xe

= 3.15.4s
💻
Cisco

Ios Xe

= 3.16.0cs
💻
Cisco

Ios Xe

= 3.16.0s
💻
Cisco

Ios Xe

= 3.16.1as
💻
Cisco

Ios Xe

= 3.16.1s
💻
Cisco

Ios Xe

= 3.16.2as
💻
Cisco

Ios Xe

= 3.16.2bs
💻
Cisco

Ios Xe

= 3.16.2s
💻
Cisco

Ios Xe

= 3.16.3as
💻
Cisco

Ios Xe

= 3.16.3s
💻
Cisco

Ios Xe

= 3.16.4as
💻
Cisco

Ios Xe

= 3.16.4bs
💻
Cisco

Ios Xe

= 3.16.4ds
💻
Cisco

Ios Xe

= 3.16.4s
💻
Cisco

Ios Xe

= 3.16.5s
💻
Cisco

Ios Xe

= 3.16.6s
💻
Cisco

Ios Xe

= 3.17.0s
💻
Cisco

Ios Xe

= 3.17.1as
💻
Cisco

Ios Xe

= 3.17.1s
💻
Cisco

Ios Xe

= 3.17.3s
💻
Cisco

Ios Xe

= 3.18.0as
💻
Cisco

Ios Xe

= 3.18.0s
💻
Cisco

Ios Xe

= 3.18.1s
💻
Cisco

Ios Xe

= 3.18.2s
💻
Cisco

Ios Xe

= 3.18.3s
💻
Cisco

Ios Xe

= 3.18.3vs

References & Advisories

🔗 http://www.securityfocus.com/bid/100644
🔗 http://www.securitytracker.com/id/1039289
🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-ios-udp
🔗 http://www.securityfocus.com/bid/100644
🔗 http://www.securitytracker.com/id/1039289
🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-ios-udp
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6627

相關漏洞威脅

CVE-2019-1264310.0

A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote a...

CVE-2018-431010.0

An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10....

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...

CVE-2019-1106310.0

A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an...