#VU10448 Resource exhaustion in Brocade Fabric OS - CVE-2017-6227
Published: February 12, 2018
Vulnerability identifier: #VU10448
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-6227
CWE-ID: CWE-400
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Brocade Fabric OS
Brocade Fabric OS
Software vendor:
Brocade
Brocade
Description
The vulnerability allows an adjacent attacker to cause a DoS condition on the target system.
The weakness exists due to improper handling of Router Advertisement messages. An adjacent attacker can send specially crafted RA messages, consume excessive amounts of CPU resources and cause the system to hang.
The weakness exists due to improper handling of Router Advertisement messages. An adjacent attacker can send specially crafted RA messages, consume excessive amounts of CPU resources and cause the system to hang.
Remediation
Update to versions 7.4.2b, 8.1.2, 8.2.0.