{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T20:31:19.122","vulnerabilities":[{"cve":{"id":"CVE-2017-6641","sourceIdentifier":"psirt@cisco.com","published":"2017-05-22T01:29:00.477","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to a lack of rate-limiting functionality in the TCP Listen application of the affected software. An attacker could exploit this vulnerability by sending a crafted TCP traffic stream in which specific types of TCP packets are flooded to an affected device, for example a TCP packet stream in which the TCP FIN bit is set in all the TCP packets. A successful exploit could allow the attacker to cause certain TCP listening ports on the affected system to stop accepting incoming connections for a period of time or until the affected device is restarted, resulting in a DoS condition. In addition, system resources, such as CPU and memory, could be exhausted during the attack. Cisco Bug IDs: CSCva29806."},{"lang":"es","value":"Una vulnerabilidad en la funcionalidad de manejo de la conexión TCP de Remote Expert Manager Software versión 11.0.0 de Cisco, podría permitir a un atacante no autenticado remoto deshabilitar los puertos TCP y causar una condición de denegación de servicio (DoS) en un sistema afectado. La vulnerabilidad es debido a la falta de la funcionalidad de limitación de velocidad en la aplicación TCP Listen del programa afectado. Un atacante podría explotar esta vulnerabilidad mediante el envío de un flujo de tráfico TCP en el que se inundan tipos específicos de paquetes TCP a un dispositivo afectado, por ejemplo, un flujo de paquetes TCP en el que el bit FIN de TCP se establece en todos los paquetes TCP. Una explotación con éxito podría permitir al atacante hacer que ciertos puertos de escucha de TCP en el sistema afectado dejen de aceptar conexiones entrantes durante un período de tiempo o hasta que se reinicie el dispositivo afectado, resultando en una condición DoS. Además, los recursos del sistema, como la CPU y la memoria, podrían agotarse durante el ataque. IDs de Bug de Cisco: CSCva29806."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-399"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:remote_expert_manager:11.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E1FBE8C1-28EE-41E6-AFCB-719EAC7A0685"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/98532","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/98532","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}