
====================================================================

                              CERT-Renater

                 Information Note No. 2017/VULN243
_____________________________________________________________________

DATE                : 07/09/2017

HARDWARE PLATFORM(S):  /

OPERATING SYSTEM(S): Systems running Cisco IoT Field Network Director.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-fnd
____________________________________________________________________

Cisco Security Advisory: Cisco IoT Field Network Director Memory
Exhaustion Denial of Service Vulnerability

Advisory ID: cisco-sa-20170906-fnd

Revision: 1.0

For Public Release: 2017 September 6 16:00 GMT

Last Updated: 2017 September 6 16:00 GMT

CVE ID(s): CVE-2017-6780

CVSS Score v(3): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

+---------------------------------------------------------------------

Summary
=======
A vulnerability in the TCP throttling process for Cisco IoT Field
Network Director (IoT-FND) could allow an unauthenticated, remote
attacker to cause the system to consume additional memory, eventually
forcing the device to restart.

The vulnerability is due to insufficient rate-limiting protection. An
attacker could exploit this vulnerability by sending a high rate of TCP
packets to a specific group of open listening ports on a targeted
device. An exploit could allow the attacker to cause the system to
consume additional memory. If enough available memory is consumed, the
system will restart, creating a temporary denial of service (DoS)
condition. The DoS condition will end after the device has finished the
restart process.

Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-fnd


==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================



