Intrusion Prevention

EMC.AppSync.Host.Plugin.DoS

Description

This indicates an attack attempt against a Denial-of-Service (DoS) vulnerability in EMC AppSync Host Plug-in (AppSync agent).
The vulnerability is due to an error when the vulnerable software on Windows platforms processes a large amount of network packets. An unauthenticated remote attacker can send specifically crafted packets to the vulnerable service and cause denial of service condition.

Affected Products

EMC AppSync host plug-in versions 3.5 and below (Windows platform only)

Impact

Denial of Service: Remote attackers can crash vulnerable application.

Recommended Actions

Upgrade to EMC AppSync Host Plug-in version 3.1 followed by deploying Host Plug-in patch version 3.1.0.3.
Upgrade to EMC AppSync Host Plug-in version 3.5 followed by deploying with AppSync security update for Windows.
https://support.emc.com/downloads/25364_AppSync

CVE References

CVE-2017-8018