{"cve":{"cve_id":"CVE-2017-3144","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.72724,"epss_percentile":0.99372,"epss_as_of":"2026-06-23","description":"A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.","published_at":"2019-01-16T20:00:00Z","last_modified_at":null,"cvss_v3_score":5.3,"cvss_v3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://access.redhat.com/errata/RHSA-2018:0158","https://www.debian.org/security/2018/dsa-4133","http://www.securityfocus.com/bid/102726","http://www.securitytracker.com/id/1040194","https://usn.ubuntu.com/3586-1/","https://kb.isc.org/docs/aa-01541"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:10:00.284496Z"},"effective_severity":"MEDIUM","badges":["epss"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"N","value_label":"None"},{"metric":"A","name":"Availability","value":"L","value_label":"Low"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"isc","vendor_name":"ISC","product_slug":"isc-dhcp","product_name":"ISC DHCP","version_start":"ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6.  Older versions may also be affected but are well beyond their end-of-life (EOL).  Releases prior to 4.1.0 have not been tested.","version_start_inclusive":true,"version_end":"ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6.  Older versions may also be affected but are well beyond their end-of-life (EOL).  Releases prior to 4.1.0 have not been tested.","version_end_inclusive":true,"cpe23_uri":"cve5:isc:isc-dhcp:ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6.  Older versions may also be affected but are well beyond their end-of-life (EOL).  Releases prior to 4.1.0 have not been tested.:ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6.  Older versions may also be affected but are well beyond their end-of-life (EOL).  Releases prior to 4.1.0 have not been tested."}],"exploit_refs":[],"news":[],"references":[{"url":"https://access.redhat.com/errata/RHSA-2018:0158","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4133","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.securityfocus.com/bid/102726","source_type":"MISC","tags":[]},{"url":"http://www.securitytracker.com/id/1040194","source_type":"MISC","tags":[]},{"url":"https://usn.ubuntu.com/3586-1/","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://kb.isc.org/docs/aa-01541","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2019-01-16T20:00:00Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T16:56:34.870931Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T16:56:34.870931Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T16:56:34.870931Z","label":"CVSS score revised","source":"cvelistv5"}]}