Vulnerability Name: | CVE-2017-6625 (CCN-125577) | ||||||||||||
Assigned: | 2017-05-03 | ||||||||||||
Published: | 2017-05-03 | ||||||||||||
Updated: | 2019-10-09 | ||||||||||||
Summary: | A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. This vulnerability affects Cisco Firepower System Software that is configured with the SSL policy feature. Cisco Bug IDs: CSCvc84361. | ||||||||||||
CVSS v3 Severity: | 7.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H) 6.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C)
4.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 5.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P)
| ||||||||||||
Vulnerability Type: | CWE-noinfo | ||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2017-6625 Source: BID Type: Third Party Advisory, VDB Entry 98292 Source: CCN Type: BID-98292 Cisco Firepower System Software CVE-2016-6368 Denial of Service Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry 1038397 Source: XF Type: UNKNOWN cisco-ftd-cve20176625-dos(125577) Source: CCN Type: Cisco Security Advisory cisco-sa-20170503-ftd Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module Denial of Service Vulnerability Source: CONFIRM Type: Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
BACK |