// For flags

CVE-2017-12245

 

Severity Score

8.6
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If this memory leak persists over time, a denial of service (DoS) condition could develop because traffic can cease to be forwarded through the device. The vulnerability is due to an error in how the Firepower Detection Snort Engine handles SSL traffic decryption and notifications to and from the Adaptive Security Appliance (ASA) handler. An attacker could exploit this vulnerability by sending a steady stream of malicious Secure Sockets Layer (SSL) traffic through the device. An exploit could allow the attacker to cause a DoS condition when the device runs low on system memory. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.0.1 and later, running on any of the following Cisco products: Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls, Firepower 2100 Series Security Appliances, Firepower 4100 Series Security Appliances, Firepower 9300 Series Security Appliances. Cisco Bug IDs: CSCve02069.

Una vulnerabilidad en el descifrado de tráfico SSL para Cisco Firepower Threat Defense (FTD) Software podría permitir que un atacante remoto no autenticado provoque el vaciado de la memoria del sistema. Esto también se conoce como Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. Si este filtrado de memoria se mantiene durante mucho tiempo, se podría provocar una denegación de servicio (DoS), ya que el tráfico podría dejar de ser reenviado a través del dispositivo. La vulnerabilidad se debe a un error en la forma en que Firepower Detection Snort Engine gestiona el descifrado del tráfico SSL y las notificaciones a y desde el controlador Adaptive Security Appliance (ASA). Un atacante podría explotar esta vulnerabilidad enviando un flujo constante de tráfico SSL (Secure Sockets Layer) a través del dispositivo. Un exploit podría permitir que el atacante provocase una condición DoS cuando el dispositivo se ejecuta con poca memoria del sistema. Esta vulnerabilidad afecta a las versiones 6.0.1 y siguientes de Cisco Firepower Threat Defense (FTD) Software que se ejecuten en cualquiera de estos productos Cisco: Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls, Firepower 2100 Series Security Appliances, Firepower 4100 Series Security Appliances, Firepower 9300 Series Security Appliances. Cisco Bug IDs: CSCve02069.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-08-03 CVE Reserved
  • 2017-10-05 CVE Published
  • 2023-08-15 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
  • CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.0.1
Search vendor "Cisco" for product "Firepower Management Center" and version "6.0.1"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.0.1.3
Search vendor "Cisco" for product "Firepower Management Center" and version "6.0.1.3"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.1.0
Search vendor "Cisco" for product "Firepower Management Center" and version "6.1.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.1.0.3
Search vendor "Cisco" for product "Firepower Management Center" and version "6.1.0.3"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.1.0.6
Search vendor "Cisco" for product "Firepower Management Center" and version "6.1.0.6"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.2.0
Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.2.0.2
Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.0.2"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.2.1
Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.1"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.2.2
Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.2"
-
Affected