Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2017-6625
HistoryMay 03, 2017 - 9:59 p.m.

CVE-2017-6625

2017-05-0321:59:00
CWE-399
[email protected]
web.nvd.nist.gov
5

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

EPSS

0.001

Percentile

45.3%

JSON

A “Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service” vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. This vulnerability affects Cisco Firepower System Software that is configured with the SSL policy feature. Cisco Bug IDs: CSCvc84361.

Affected configurations

Nvd
Node
ciscofirepower_threat_defenseMatch6.0.0
OR
ciscofirepower_threat_defenseMatch6.0.1
OR
ciscofirepower_threat_defenseMatch6.1.0
OR
ciscofirepower_threat_defenseMatch6.1.0.2
OR
ciscofirepower_threat_defenseMatch6.2.0
OR
ciscofirepower_threat_defenseMatch6.2.1
OR
ciscofirepower_threat_defenseMatch6.2.2
VendorProductVersionCPE
ciscofirepower_threat_defense6.0.0cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.0.1cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.1.0cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.1.0.2cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.2:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.0cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.1cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*
ciscofirepower_threat_defense6.2.2cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*

Related

nessus 1
openvas 1
prion 1
cve 1
cisco 1
cvelist 1
nessus
nessus
Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module Improper SSL Policy Packet Handling DoS (cisco-sa-20170503-ftd)
2017-05-25 00:00:00
openvas
openvas
Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module Denial of Service Vulnerability
2017-05-10 00:00:00
prion
prion
Race condition
2017-05-03 21:59:00
cve
cve
CVE-2017-6625
2017-05-03 21:59:00
cisco
cisco
Cisco Firepower Threat Defense and Cisco ASA with FirePOWER Module Denial of Service Vulnerability
2017-05-03 16:00:00
cvelist
cvelist
CVE-2017-6625
2017-05-03 21:00:00

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

EPSS

0.001

Percentile

45.3%

JSON
Related for NVD:CVE-2017-6625
nessus1openvas1prion1cve1cisco1cvelist1