Описание
Уязвимость компонентов Application Quality of Experience (AppQoE) и Unified Threat Defense (UTD) операционной системы Cisco IOS XE связана с некорректной зачисткой или освобождением ресурсов. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании
Вендор
Cisco Systems Inc.
Наименование ПО
Cisco IOS XE
Версия ПО
17.7.1 (Cisco IOS XE)
17.7.1a (Cisco IOS XE)
17.7.2 (Cisco IOS XE)
17.10 (Cisco IOS XE)
17.10.1 (Cisco IOS XE)
17.10.1a (Cisco IOS XE)
17.8 (Cisco IOS XE)
17.8.1 (Cisco IOS XE)
17.8.1a (Cisco IOS XE)
17.9 (Cisco IOS XE)
17.9.1 (Cisco IOS XE)
17.9.2 (Cisco IOS XE)
17.9.1a (Cisco IOS XE)
17.9.2a (Cisco IOS XE)
17.7 (Cisco IOS XE)
17.7.1 (Cisco IOS XE)
17.7.1a (Cisco IOS XE)
17.7.2 (Cisco IOS XE)
17.10 (Cisco IOS XE)
17.10.1 (Cisco IOS XE)
17.10.1a (Cisco IOS XE)
17.8 (Cisco IOS XE)
17.8.1 (Cisco IOS XE)
17.8.1a (Cisco IOS XE)
17.9 (Cisco IOS XE)
17.9.1 (Cisco IOS XE)
17.9.2 (Cisco IOS XE)
17.9.1a (Cisco IOS XE)
17.9.2a (Cisco IOS XE)
17.10 (Cisco IOS XE)
17.10.1 (Cisco IOS XE)
17.10.1a (Cisco IOS XE)
17.8 (Cisco IOS XE)
17.8.1 (Cisco IOS XE)
17.8.1a (Cisco IOS XE)
17.9 (Cisco IOS XE)
17.9.1 (Cisco IOS XE)
17.9.2 (Cisco IOS XE)
17.9.1a (Cisco IOS XE)
17.9.2a (Cisco IOS XE)
17.10 (Cisco IOS XE)
17.10.1 (Cisco IOS XE)
17.10.1a (Cisco IOS XE)
17.8 (Cisco IOS XE)
17.8.1a (Cisco IOS XE)
17.9 (Cisco IOS XE)
17.9.1 (Cisco IOS XE)
17.9.2 (Cisco IOS XE)
17.9.1a (Cisco IOS XE)
17.9.2a (Cisco IOS XE)
17.10 (Cisco IOS XE)
17.10.1 (Cisco IOS XE)
17.10.1a (Cisco IOS XE)
17.8 (Cisco IOS XE)
17.8.1 (Cisco IOS XE)
17.8.1a (Cisco IOS XE)
17.9.1 (Cisco IOS XE)
17.9 (Cisco IOS XE)
17.9.2 (Cisco IOS XE)
17.9.1a (Cisco IOS XE)
17.9.2a (Cisco IOS XE)
17.10 (Cisco IOS XE)
17.10.1 (Cisco IOS XE)
17.10.1a (Cisco IOS XE)
17.8 (Cisco IOS XE)
17.8.1 (Cisco IOS XE)
17.8.1a (Cisco IOS XE)
17.9 (Cisco IOS XE)
17.9.1 (Cisco IOS XE)
17.9.2 (Cisco IOS XE)
17.9.1a (Cisco IOS XE)
17.9.2a (Cisco IOS XE)
17.10 (Cisco IOS XE)
17.10.1 (Cisco IOS XE)
17.10.1a (Cisco IOS XE)
17.8.1 (Cisco IOS XE)
17.8 (Cisco IOS XE)
17.8.1a (Cisco IOS XE)
17.9 (Cisco IOS XE)
17.9.1 (Cisco IOS XE)
17.9.2 (Cisco IOS XE)
17.9.1a (Cisco IOS XE)
17.9.2a (Cisco IOS XE)
17.10 (Cisco IOS XE)
17.10.1 (Cisco IOS XE)
17.10.1a (Cisco IOS XE)
17.8 (Cisco IOS XE)
17.8.1 (Cisco IOS XE)
17.8.1a (Cisco IOS XE)
17.9 (Cisco IOS XE)
17.9.1 (Cisco IOS XE)
17.9.2 (Cisco IOS XE)
17.9.1a (Cisco IOS XE)
17.9.2a (Cisco IOS XE)
Тип ПО
Операционная система
Операционные системы и аппаратные платформы
Cisco Systems Inc. Cisco IOS XE 17.7.1
Cisco Systems Inc. Cisco IOS XE 17.7.1a
Cisco Systems Inc. Cisco IOS XE 17.7.2
Cisco Systems Inc. Cisco IOS XE 17.10
Cisco Systems Inc. Cisco IOS XE 17.10.1
Cisco Systems Inc. Cisco IOS XE 17.10.1a
Cisco Systems Inc. Cisco IOS XE 17.8
Cisco Systems Inc. Cisco IOS XE 17.8.1
Cisco Systems Inc. Cisco IOS XE 17.8.1a
Cisco Systems Inc. Cisco IOS XE 17.9
Cisco Systems Inc. Cisco IOS XE 17.9.1
Cisco Systems Inc. Cisco IOS XE 17.9.2
Cisco Systems Inc. Cisco IOS XE 17.9.1a
Cisco Systems Inc. Cisco IOS XE 17.9.2a
Cisco Systems Inc. Cisco IOS XE 17.7
Cisco Systems Inc. Cisco IOS XE 17.7.1
Cisco Systems Inc. Cisco IOS XE 17.7.1a
Cisco Systems Inc. Cisco IOS XE 17.7.2
Cisco Systems Inc. Cisco IOS XE 17.10
Cisco Systems Inc. Cisco IOS XE 17.10.1
Cisco Systems Inc. Cisco IOS XE 17.10.1a
Cisco Systems Inc. Cisco IOS XE 17.8
Cisco Systems Inc. Cisco IOS XE 17.8.1
Cisco Systems Inc. Cisco IOS XE 17.8.1a
Cisco Systems Inc. Cisco IOS XE 17.9
Cisco Systems Inc. Cisco IOS XE 17.9.1
Cisco Systems Inc. Cisco IOS XE 17.9.2
Cisco Systems Inc. Cisco IOS XE 17.9.1a
Cisco Systems Inc. Cisco IOS XE 17.9.2a
Cisco Systems Inc. Cisco IOS XE 17.10
Cisco Systems Inc. Cisco IOS XE 17.10.1
Cisco Systems Inc. Cisco IOS XE 17.10.1a
Cisco Systems Inc. Cisco IOS XE 17.8
Cisco Systems Inc. Cisco IOS XE 17.8.1
Cisco Systems Inc. Cisco IOS XE 17.8.1a
Cisco Systems Inc. Cisco IOS XE 17.9
Cisco Systems Inc. Cisco IOS XE 17.9.1
Cisco Systems Inc. Cisco IOS XE 17.9.2
Cisco Systems Inc. Cisco IOS XE 17.9.1a
Cisco Systems Inc. Cisco IOS XE 17.9.2a
Cisco Systems Inc. Cisco IOS XE 17.10
Cisco Systems Inc. Cisco IOS XE 17.10.1
Cisco Systems Inc. Cisco IOS XE 17.10.1a
Cisco Systems Inc. Cisco IOS XE 17.8
Cisco Systems Inc. Cisco IOS XE 17.8.1a
Cisco Systems Inc. Cisco IOS XE 17.9
Cisco Systems Inc. Cisco IOS XE 17.9.1
Cisco Systems Inc. Cisco IOS XE 17.9.2
Cisco Systems Inc. Cisco IOS XE 17.9.1a
Cisco Systems Inc. Cisco IOS XE 17.9.2a
Cisco Systems Inc. Cisco IOS XE 17.10
Cisco Systems Inc. Cisco IOS XE 17.10.1
Cisco Systems Inc. Cisco IOS XE 17.10.1a
Cisco Systems Inc. Cisco IOS XE 17.8
Cisco Systems Inc. Cisco IOS XE 17.8.1
Cisco Systems Inc. Cisco IOS XE 17.8.1a
Cisco Systems Inc. Cisco IOS XE 17.9.1
Cisco Systems Inc. Cisco IOS XE 17.9
Cisco Systems Inc. Cisco IOS XE 17.9.2
Cisco Systems Inc. Cisco IOS XE 17.9.1a
Cisco Systems Inc. Cisco IOS XE 17.9.2a
Cisco Systems Inc. Cisco IOS XE 17.10
Cisco Systems Inc. Cisco IOS XE 17.10.1
Cisco Systems Inc. Cisco IOS XE 17.10.1a
Cisco Systems Inc. Cisco IOS XE 17.8
Cisco Systems Inc. Cisco IOS XE 17.8.1
Cisco Systems Inc. Cisco IOS XE 17.8.1a
Cisco Systems Inc. Cisco IOS XE 17.9
Cisco Systems Inc. Cisco IOS XE 17.9.1
Cisco Systems Inc. Cisco IOS XE 17.9.2
Cisco Systems Inc. Cisco IOS XE 17.9.1a
Cisco Systems Inc. Cisco IOS XE 17.9.2a
Cisco Systems Inc. Cisco IOS XE 17.10
Cisco Systems Inc. Cisco IOS XE 17.10.1
Cisco Systems Inc. Cisco IOS XE 17.10.1a
Cisco Systems Inc. Cisco IOS XE 17.8.1
Cisco Systems Inc. Cisco IOS XE 17.8
Cisco Systems Inc. Cisco IOS XE 17.8.1a
Cisco Systems Inc. Cisco IOS XE 17.9
Cisco Systems Inc. Cisco IOS XE 17.9.1
Cisco Systems Inc. Cisco IOS XE 17.9.2
Cisco Systems Inc. Cisco IOS XE 17.9.1a
Cisco Systems Inc. Cisco IOS XE 17.9.2a
Cisco Systems Inc. Cisco IOS XE 17.10
Cisco Systems Inc. Cisco IOS XE 17.10.1
Cisco Systems Inc. Cisco IOS XE 17.10.1a
Cisco Systems Inc. Cisco IOS XE 17.8
Cisco Systems Inc. Cisco IOS XE 17.8.1
Cisco Systems Inc. Cisco IOS XE 17.8.1a
Cisco Systems Inc. Cisco IOS XE 17.9
Cisco Systems Inc. Cisco IOS XE 17.9.1
Cisco Systems Inc. Cisco IOS XE 17.9.2
Cisco Systems Inc. Cisco IOS XE 17.9.1a
Cisco Systems Inc. Cisco IOS XE 17.9.2a
Уровень опасности уязвимости
Высокий уровень опасности (базовая оценка CVSS 2.0 составляет 7,8)
Высокий уровень опасности (базовая оценка CVSS 3.0 составляет 8,6)
Возможные меры по устранению уязвимости
Использование рекомендаций производителя:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appqoe-utd-dos-p8O57p5y
Статус уязвимости
Подтверждена производителем
Наличие эксплойта
Данные уточняются
Информация об устранении
Уязвимость устранена
Идентификаторы других систем описаний уязвимостей
- CVE
EPSS
Процентиль: 39%
0.00178
Низкий
8.6 High
CVSS3
7.8 High
CVSS2
Связанные уязвимости
CVSS3: 8.6
nvd
больше 2 лет назад
A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
CVSS3: 8.6
github
больше 2 лет назад
A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
EPSS
Процентиль: 39%
0.00178
Низкий
8.6 High
CVSS3
7.8 High
CVSS2