COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2017-6627

CVE-2017-6627

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-03-03
Reference
https://nvd.nist.gov/vuln/detail/CVE-2017-6627
⌖ exploited in the wild shame 50/100 exploited-in-wild

A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.

Players implicated

Cisco Systems Inc. · vendorIOS and IOS XE · product

Description

A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.

Affected FedRAMP products 8 in the catalog

ProductProviderStatusMatch
Cisco Cloudlock for Government Cisco Systems Inc. Authorized vendor-exact · 0.90
Cisco Meraki for Government Cisco Systems Inc. In Process vendor-exact · 0.90
Cisco SD-WAN for Government Cisco Systems Inc. In Process vendor-exact · 0.90
Cisco Umbrella for Government Cisco Systems Inc. In Process vendor-exact · 0.90
Cisco Unified Communications Manager Cloud for Government (Cisco UCM Cloud for Government) Cisco Systems Inc. Authorized vendor-exact · 0.90
Duo Federal Duo Security (A Cisco Company) Authorized dex-judge · 0.95
WebEx Contact Center Enterprise for Government (WxCCE-G) Cisco Systems Inc. In Process vendor-exact · 0.90
Webex for Government Cisco Systems Inc. Authorized vendor-exact · 0.90