CVE-2017-6625
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. This vulnerability affects Cisco Firepower System Software that is configured with the SSL policy feature. Cisco Bug IDs: CSCvc84361.
Una vulnerabilidad de "Cisco Firepower Threat Defense versión 6.0.0 hasta 6.2.2 y Cisco ASA with FirePOWER Module Denial of Service" en la política de control de acceso de Cisco Firepower System Software podría permitir que un atacante remoto identificado provoque que un sistema afectado deje de inspeccionar y procesar paquetes, lo que resulta en una condición de denegación de servicio (DoS). La vulnerabilidad se debe a un manejo inapropiado de la política SSL por parte del software afectado cuando los paquetes pasan por medio de las interfaces de detección de un sistema afectado. Un atacante podría aprovechar esta vulnerabilidad enviando paquetes creados por medio de un sistema específico. Esta vulnerabilidad afecta al software del sistema Cisco Firepower que está configurado con la función de política SSL. Identificación de errores de Cisco Bug IDs: CSCvc84361
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-03-09 CVE Reserved
- 2017-05-03 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/98292 | Third Party Advisory | |
| http://www.securitytracker.com/id/1038397 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.0.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.1.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.1.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.1.0.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.2.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.2.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.2.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.2" | - |
Affected
| ||||||