What is CVE-2017-3144?

CVE-2017-3144 is a medium-severity vulnerability in Isc Dhcp. CVSS score: 5.3/10. Published 2019-01-16.

How severe is CVE-2017-3144?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Is CVE-2017-3144 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Isc Dhcp

CVE-2017-3144

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3…

EPSS: 0.727 (99.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L.

Affected products

Isc Dhcp — versions ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

RHSA-2018:0158 (x_refsource_REDHAT, vendor-advisory)
DSA-4133 (vendor-advisory, x_refsource_DEBIAN)
102726 (vdb-entry, x_refsource_BID)
1040194 (vdb-entry, x_refsource_SECTRACK)
USN-3586-1 (x_refsource_UBUNTU, vendor-advisory)
kb.isc.org/docs/aa-01541 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2017-3144?: CVE-2017-3144 is a medium-severity vulnerability in Isc Dhcp. CVSS score: 5.3/10. Published 2019-01-16.
How severe is CVE-2017-3144?: Medium severity. CVSS v3 base score is 5.3 out of 10.
Is CVE-2017-3144 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.