CVE-2017-12245
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If this memory leak persists over time, a denial of service (DoS) condition could develop because traffic can cease to be forwarded through the device. The vulnerability is due to an error in how the Firepower Detection Snort Engine handles SSL traffic decryption and notifications to and from the Adaptive Security Appliance (ASA) handler. An attacker could exploit this vulnerability by sending a steady stream of malicious Secure Sockets Layer (SSL) traffic through the device. An exploit could allow the attacker to cause a DoS condition when the device runs low on system memory. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.0.1 and later, running on any of the following Cisco products: Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls, Firepower 2100 Series Security Appliances, Firepower 4100 Series Security Appliances, Firepower 9300 Series Security Appliances. Cisco Bug IDs: CSCve02069.
Una vulnerabilidad en el descifrado de tráfico SSL para Cisco Firepower Threat Defense (FTD) Software podría permitir que un atacante remoto no autenticado provoque el vaciado de la memoria del sistema. Esto también se conoce como Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. Si este filtrado de memoria se mantiene durante mucho tiempo, se podría provocar una denegación de servicio (DoS), ya que el tráfico podría dejar de ser reenviado a través del dispositivo. La vulnerabilidad se debe a un error en la forma en que Firepower Detection Snort Engine gestiona el descifrado del tráfico SSL y las notificaciones a y desde el controlador Adaptive Security Appliance (ASA). Un atacante podría explotar esta vulnerabilidad enviando un flujo constante de tráfico SSL (Secure Sockets Layer) a través del dispositivo. Un exploit podría permitir que el atacante provocase una condición DoS cuando el dispositivo se ejecuta con poca memoria del sistema. Esta vulnerabilidad afecta a las versiones 6.0.1 y siguientes de Cisco Firepower Threat Defense (FTD) Software que se ejecuten en cualquiera de estos productos Cisco: Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls, Firepower 2100 Series Security Appliances, Firepower 4100 Series Security Appliances, Firepower 9300 Series Security Appliances. Cisco Bug IDs: CSCve02069.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-08-03 CVE Reserved
- 2017-10-05 CVE Published
- 2023-08-15 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
- CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/101118 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-ftd | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.0.1 Search vendor "Cisco" for product "Firepower Management Center" and version "6.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.0.1.3 Search vendor "Cisco" for product "Firepower Management Center" and version "6.0.1.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.1.0 Search vendor "Cisco" for product "Firepower Management Center" and version "6.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.1.0.3 Search vendor "Cisco" for product "Firepower Management Center" and version "6.1.0.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.1.0.6 Search vendor "Cisco" for product "Firepower Management Center" and version "6.1.0.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.2.0 Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.2.0.2 Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.0.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.2.1 Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.2.2 Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.2" | - |
Affected
| ||||||