Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-6610 (GCVE-0-2017-6610)
Vulnerability from cvelistv5 – Published: 2017-04-20 22:00 – Updated: 2024-08-05 15:33
VLAI?
EPSS
Summary
A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco ASA Software |
Affected:
Cisco ASA Software
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:33:20.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97934"
},
{
"name": "1038314",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038314"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco ASA Software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco ASA Software"
}
]
}
],
"datePublic": "2017-04-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "97934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97934"
},
{
"name": "1038314",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038314"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6610",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco ASA Software",
"version": {
"version_data": [
{
"version_value": "Cisco ASA Software"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97934"
},
{
"name": "1038314",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038314"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6610",
"datePublished": "2017-04-20T22:00:00.000Z",
"dateReserved": "2017-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:33:20.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GSD-2017-6610
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-6610",
"description": "A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685.",
"id": "GSD-2017-6610"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-6610"
],
"details": "A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685.",
"id": "GSD-2017-6610",
"modified": "2023-12-13T01:21:09.654602Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6610",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco ASA Software",
"version": {
"version_data": [
{
"version_value": "Cisco ASA Software"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97934"
},
{
"name": "1038314",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038314"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(3.1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.100\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.104\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.105\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.243\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.50\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.0.115:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6610"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
},
{
"name": "97934",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97934"
},
{
"name": "1038314",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1038314"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
},
"lastModifiedDate": "2023-08-15T15:14Z",
"publishedDate": "2017-04-20T22:59Z"
}
}
}
CERTFR-2017-AVI-127
Vulnerability from certfr_avis - Published: 2017-04-20 - Updated: 2017-04-20
De multiples vulnérabilités ont été corrigées dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | Adaptive Security Appliance | Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco ASA 5500 Series Adaptive Security Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | Unified Communications Manager | Cisco Unified Communications Manager (CallManager) sans le dernier correctif de sécurité | ||
| Cisco | N/A | Firepower 9300 Series Security Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | Adaptive Security Appliance | Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco ISA 3000 Industrial Security Appliance (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | N/A | Sourcefire 3D System Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco Adaptive Security Virtual Appliance (ASAv, voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | N/A | Cisco ASA 1000V Cloud Firewall (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | N/A | Firepower 4100 Series Security Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco ASA Services Module pour les commutateurs Cisco Catalyst séries 6500 et les routeurs Cisco séries 7600 (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | Firepower Threat Defense | FirePOWER Threat Defense for Integrated Services Routers (ISRs, voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Industrial Security Appliance 3000 (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | FirePOWER 7000 Series Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | IOS XE | Cisco IOS et Cisco IOS XE avec le module EnergyWise activé, sans le dernier correctif de sécurité | ||
| Cisco | N/A | FirePOWER 8000 Series Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco Firepower 9300 ASA Security Module (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | N/A | Cisco ASA 5500-X Series Next-Generation Firewalls (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "Adaptive Security Appliance",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASA 5500 Series Adaptive Security Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Unified Communications Manager (CallManager) sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Unified Communications Manager",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Firepower 9300 Series Security Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "Adaptive Security Appliance",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ISA 3000 Industrial Security Appliance (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Sourcefire 3D System Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Adaptive Security Virtual Appliance (ASAv, voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASA 1000V Cloud Firewall (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Firepower 4100 Series Security Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASA Services Module pour les commutateurs Cisco Catalyst s\u00e9ries 6500 et les routeurs Cisco s\u00e9ries 7600 (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "FirePOWER Threat Defense for Integrated Services Routers (ISRs, voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "Firepower Threat Defense",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Industrial Security Appliance 3000 (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "FirePOWER 7000 Series Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IOS et Cisco IOS XE avec le module EnergyWise activ\u00e9, sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "IOS XE",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "FirePOWER 8000 Series Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Firepower 9300 ASA Security Module (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASA 5500-X Series Next-Generation Firewalls (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3862"
},
{
"name": "CVE-2017-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3863"
},
{
"name": "CVE-2017-3861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3861"
},
{
"name": "CVE-2017-6609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6609"
},
{
"name": "CVE-2017-3808",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3808"
},
{
"name": "CVE-2016-6368",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6368"
},
{
"name": "CVE-2017-6608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6608"
},
{
"name": "CVE-2017-6607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6607"
},
{
"name": "CVE-2017-3860",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3860"
},
{
"name": "CVE-2017-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6610"
}
],
"initial_release_date": "2017-04-20T00:00:00",
"last_revision_date": "2017-04-20T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-xauth du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-fpsnort du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-ipsec du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-tls du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-tls"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-dns du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-dns"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-energywise du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-ucm du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ucm"
}
],
"reference": "CERTFR-2017-AVI-127",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-04-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Cisco\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-xauth du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-ipsec du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-dns du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-energywise du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-fpsnort du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-ucm du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-tls du 19 avril 2017",
"url": null
}
]
}
GHSA-786P-2RC4-PC65
Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2022-05-13 01:46
VLAI?
Details
A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685.
Severity ?
7.7 (High)
{
"affected": [],
"aliases": [
"CVE-2017-6610"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-20T22:59:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685.",
"id": "GHSA-786p-2rc4-pc65",
"modified": "2022-05-13T01:46:41Z",
"published": "2022-05-13T01:46:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6610"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97934"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038314"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
CNVD-2017-05780
Vulnerability from cnvd - Published: 2017-05-02
VLAI Severity ?
Title
思科ASA Software拒绝服务漏洞
Description
思科Adaptive Security Appliance (ASA) Software是思科ASA系列的核心操作系统。
思科ASA Software存在拒绝服务漏洞,远程攻击者可利用该漏洞通过发送专门设计的参数,导致受影响设备重新加载。
Severity
中
Patch Name
思科ASA Software拒绝服务漏洞的补丁
Patch Description
思科Adaptive Security Appliance (ASA) Software是思科ASA系列的核心操作系统。
思科ASA Software存在拒绝服务漏洞,远程攻击者可利用该漏洞通过发送专门设计的参数,导致受影响设备重新加载。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth
Reference
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth
https://nvd.nist.gov/vuln/detail/CVE-2017-6610
http://www.securityfocus.com/bid/97934
Impacted products
| Name | ['Cisco Adaptive Security Appliance (ASA) Software 9.0', 'Cisco Adaptive Security Appliance (ASA) Software 9.1', 'Cisco Adaptive Security Appliance (ASA) Software 9.2', 'Cisco Adaptive Security Appliance (ASA) Software 9.3', 'Cisco Adaptive Security Appliance (ASA) Software 9.4', 'Cisco Adaptive Security Appliance (ASA) Software 9.5', 'Cisco Adaptive Security Appliance (ASA) Software 9.6'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "97934"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-6610"
}
},
"description": "\u601d\u79d1Adaptive Security Appliance (ASA) Software\u662f\u601d\u79d1ASA\u7cfb\u5217\u7684\u6838\u5fc3\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\n\u601d\u79d1ASA Software\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u53d1\u9001\u4e13\u95e8\u8bbe\u8ba1\u7684\u53c2\u6570\uff0c\u5bfc\u81f4\u53d7\u5f71\u54cd\u8bbe\u5907\u91cd\u65b0\u52a0\u8f7d\u3002",
"discovererName": "Cisco",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-05780",
"openTime": "2017-05-02",
"patchDescription": "\u601d\u79d1Adaptive Security Appliance (ASA) Software\u662f\u601d\u79d1ASA\u7cfb\u5217\u7684\u6838\u5fc3\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\n\u601d\u79d1ASA Software\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u53d1\u9001\u4e13\u95e8\u8bbe\u8ba1\u7684\u53c2\u6570\uff0c\u5bfc\u81f4\u53d7\u5f71\u54cd\u8bbe\u5907\u91cd\u65b0\u52a0\u8f7d\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u601d\u79d1ASA Software\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Cisco Adaptive Security Appliance (ASA) Software 9.0",
"Cisco Adaptive Security Appliance (ASA) Software 9.1",
"Cisco Adaptive Security Appliance (ASA) Software 9.2",
"Cisco Adaptive Security Appliance (ASA) Software 9.3",
"Cisco Adaptive Security Appliance (ASA) Software 9.4",
"Cisco Adaptive Security Appliance (ASA) Software 9.5",
"Cisco Adaptive Security Appliance (ASA) Software 9.6"
]
},
"referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-6610\r\nhttp://www.securityfocus.com/bid/97934",
"serverity": "\u4e2d",
"submitTime": "2017-04-28",
"title": "\u601d\u79d1ASA Software\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
FKIE_CVE-2017-6610
Vulnerability from fkie_nvd - Published: 2017-04-20 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/97934 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1038314 | ||
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97934 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038314 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | 9.0.1 | |
| cisco | adaptive_security_appliance_software | 9.0.2 | |
| cisco | adaptive_security_appliance_software | 9.0.2.10 | |
| cisco | adaptive_security_appliance_software | 9.0.3 | |
| cisco | adaptive_security_appliance_software | 9.0.3.6 | |
| cisco | adaptive_security_appliance_software | 9.0.3.8 | |
| cisco | adaptive_security_appliance_software | 9.0.4 | |
| cisco | adaptive_security_appliance_software | 9.0.4.1 | |
| cisco | adaptive_security_appliance_software | 9.0.4.5 | |
| cisco | adaptive_security_appliance_software | 9.0.4.7 | |
| cisco | adaptive_security_appliance_software | 9.0.4.17 | |
| cisco | adaptive_security_appliance_software | 9.0.4.20 | |
| cisco | adaptive_security_appliance_software | 9.0.4.24 | |
| cisco | adaptive_security_appliance_software | 9.0.4.26 | |
| cisco | adaptive_security_appliance_software | 9.0.4.29 | |
| cisco | adaptive_security_appliance_software | 9.0.4.33 | |
| cisco | adaptive_security_appliance_software | 9.0.4.35 | |
| cisco | adaptive_security_appliance_software | 9.0.4.37 | |
| cisco | adaptive_security_appliance_software | 9.0.4.40 | |
| cisco | adaptive_security_appliance_software | 9.0.4.42 | |
| cisco | adaptive_security_appliance_software | 9.1\(7\)4 | |
| cisco | adaptive_security_appliance_software | 9.1\(7\)6 | |
| cisco | adaptive_security_appliance_software | 9.1\(7\)7 | |
| cisco | adaptive_security_appliance_software | 9.1.1 | |
| cisco | adaptive_security_appliance_software | 9.1.1.4 | |
| cisco | adaptive_security_appliance_software | 9.1.2 | |
| cisco | adaptive_security_appliance_software | 9.1.2.8 | |
| cisco | adaptive_security_appliance_software | 9.1.3 | |
| cisco | adaptive_security_appliance_software | 9.1.3.2 | |
| cisco | adaptive_security_appliance_software | 9.1.4 | |
| cisco | adaptive_security_appliance_software | 9.1.4.5 | |
| cisco | adaptive_security_appliance_software | 9.1.5 | |
| cisco | adaptive_security_appliance_software | 9.1.5.10 | |
| cisco | adaptive_security_appliance_software | 9.1.5.12 | |
| cisco | adaptive_security_appliance_software | 9.1.5.15 | |
| cisco | adaptive_security_appliance_software | 9.1.5.21 | |
| cisco | adaptive_security_appliance_software | 9.1.6 | |
| cisco | adaptive_security_appliance_software | 9.1.6.1 | |
| cisco | adaptive_security_appliance_software | 9.1.6.4 | |
| cisco | adaptive_security_appliance_software | 9.1.6.6 | |
| cisco | adaptive_security_appliance_software | 9.1.6.8 | |
| cisco | adaptive_security_appliance_software | 9.1.6.10 | |
| cisco | adaptive_security_appliance_software | 9.2\(0.0\) | |
| cisco | adaptive_security_appliance_software | 9.2\(0.104\) | |
| cisco | adaptive_security_appliance_software | 9.2\(3.1\) | |
| cisco | adaptive_security_appliance_software | 9.2.1 | |
| cisco | adaptive_security_appliance_software | 9.2.2 | |
| cisco | adaptive_security_appliance_software | 9.2.2.4 | |
| cisco | adaptive_security_appliance_software | 9.2.2.7 | |
| cisco | adaptive_security_appliance_software | 9.2.2.8 | |
| cisco | adaptive_security_appliance_software | 9.2.3 | |
| cisco | adaptive_security_appliance_software | 9.2.3.3 | |
| cisco | adaptive_security_appliance_software | 9.2.3.4 | |
| cisco | adaptive_security_appliance_software | 9.2.4 | |
| cisco | adaptive_security_appliance_software | 9.2.4.2 | |
| cisco | adaptive_security_appliance_software | 9.2.4.4 | |
| cisco | adaptive_security_appliance_software | 9.2.4.8 | |
| cisco | adaptive_security_appliance_software | 9.2.4.10 | |
| cisco | adaptive_security_appliance_software | 9.3\(1.50\) | |
| cisco | adaptive_security_appliance_software | 9.3\(1.105\) | |
| cisco | adaptive_security_appliance_software | 9.3\(2.100\) | |
| cisco | adaptive_security_appliance_software | 9.3\(2.243\) | |
| cisco | adaptive_security_appliance_software | 9.3.1 | |
| cisco | adaptive_security_appliance_software | 9.3.1.1 | |
| cisco | adaptive_security_appliance_software | 9.3.2 | |
| cisco | adaptive_security_appliance_software | 9.3.2.2 | |
| cisco | adaptive_security_appliance_software | 9.3.3 | |
| cisco | adaptive_security_appliance_software | 9.3.3.1 | |
| cisco | adaptive_security_appliance_software | 9.3.3.2 | |
| cisco | adaptive_security_appliance_software | 9.3.3.5 | |
| cisco | adaptive_security_appliance_software | 9.3.3.6 | |
| cisco | adaptive_security_appliance_software | 9.3.3.9 | |
| cisco | adaptive_security_appliance_software | 9.3.3.10 | |
| cisco | adaptive_security_appliance_software | 9.3.3.11 | |
| cisco | adaptive_security_appliance_software | 9.4.0.115 | |
| cisco | adaptive_security_appliance_software | 9.4.1 | |
| cisco | adaptive_security_appliance_software | 9.4.1.1 | |
| cisco | adaptive_security_appliance_software | 9.4.1.2 | |
| cisco | adaptive_security_appliance_software | 9.4.1.3 | |
| cisco | adaptive_security_appliance_software | 9.4.1.5 | |
| cisco | adaptive_security_appliance_software | 9.4.2 | |
| cisco | adaptive_security_appliance_software | 9.4.2.3 | |
| cisco | adaptive_security_appliance_software | 9.4.3 | |
| cisco | adaptive_security_appliance_software | 9.4.3.3 | |
| cisco | adaptive_security_appliance_software | 9.4.3.4 | |
| cisco | adaptive_security_appliance_software | 9.4.3.6 | |
| cisco | adaptive_security_appliance_software | 9.4.3.8 | |
| cisco | adaptive_security_appliance_software | 9.4.3.11 | |
| cisco | adaptive_security_appliance_software | 9.4.3.12 | |
| cisco | adaptive_security_appliance_software | 9.5.1 | |
| cisco | adaptive_security_appliance_software | 9.5.2 | |
| cisco | adaptive_security_appliance_software | 9.5.2.6 | |
| cisco | adaptive_security_appliance_software | 9.5.2.10 | |
| cisco | adaptive_security_appliance_software | 9.5.2.14 | |
| cisco | adaptive_security_appliance_software | 9.6.0 | |
| cisco | adaptive_security_appliance_software | 9.6.1 | |
| cisco | adaptive_security_appliance_software | 9.6.1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "500ED3CC-4FE8-4A24-ACFE-8D7E35E50D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD2AE76B-D04E-4D0C-85E4-8AD07F7BDEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E1C03C-0737-4E2B-B3F9-10770281F4AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5C7052D2-0789-4A4D-917D-FCD894B7280F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0956F0A8-7424-437C-AAD8-203183BEBFCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "49FB57F9-5B37-4509-B2EB-6A16DFE11F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "952F6504-9CD0-453E-8C25-02BB9EE818F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E842AF74-D1E3-4F71-80F9-197B38942405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B97FB1-CC3A-40B5-853D-476E6C5D9D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6293A8-C21E-46F6-ACC1-6BBAD419B41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1A48B1-112A-41C2-BC01-BCCF5794553D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AE7036-C8EE-441F-94A4-DE8A9E89CA8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "6448B4B4-022D-4D4A-A6DE-0090CEA12595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "42813600-3186-4D19-8AF2-F4F98D3C6740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0969E6-151D-4298-8EC8-68D7880E994B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.33:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0091CE-3386-4CCC-A2A8-900842EA6F51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.35:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A450E0-09E4-44C5-B55C-78A4BDAADA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.37:*:*:*:*:*:*:*",
"matchCriteriaId": "8285C95A-316D-4965-A34D-3BCB9AB83FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.40:*:*:*:*:*:*:*",
"matchCriteriaId": "213F0A66-A71E-4B64-A66F-EA7B9C0D9151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.42:*:*:*:*:*:*:*",
"matchCriteriaId": "6D33B43A-1836-4402-AEAC-59CA8F44E3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)4:*:*:*:*:*:*:*",
"matchCriteriaId": "07BC9E2D-0B86-4A82-8CB4-A31FFBF322CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)6:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B7B477-15FD-4198-B0D9-0F9A8A2E4C20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)7:*:*:*:*:*:*:*",
"matchCriteriaId": "C6887033-E697-47D0-B6E0-61B64E9D3AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4714F698-BBAE-47BB-99E8-F90D22415EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EB55BC7E-0B3F-4202-8768-08F27B763926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB01683-C482-4A5B-90FA-B5266BEA452E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA16481A-4A47-4A8E-8C78-87B3A171280A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0258ED-6ED0-49C7-A13A-368711649FFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7A71AA-E1A6-47B7-B2B2-A3115CAA4058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D448BB56-5B2E-4B3E-B7E8-1F4991F23D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E0346EAC-BDD1-4DC5-B8CA-20579C44AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2049D602-54F1-4072-936E-0D7E337162B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0710D6C8-AD34-43E2-B72B-315FFF3DC34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "70F8F1D2-2196-44C4-B420-824F49BB4ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "5E14B8D3-6D53-4E84-9B5D-24667B192C4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A05B2DFD-A0EF-42BE-B00B-334E78CA8C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CC96C9-492F-49CB-BEFE-356581E96B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F1F7D4-EC51-47D1-A71A-9EF98C51D388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5E93DE-06C0-401C-8062-1B2EB6EFDED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5EBFAB-25E2-4245-B748-92CAA943D4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BFB446-5747-42BB-98BC-B8DF250F1842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF48794-2E5D-4BE0-9BB5-49ADE34F4A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3A13A9C-5387-4670-8E20-FE878946D091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.104\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F7C7DA3-C24B-41BB-BDBE-7DC58EEAC4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(3.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AFC39DA3-8171-4344-A946-7965873C56F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9C31567-8AEB-49C6-AA60-4150411D62AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA140CB2-C17C-4164-A59A-8585906057BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "468D98A7-92D5-4C01-9EDD-CB44B85EA6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7BAAC9FE-CCF0-4385-B5E9-FC424CD3EFD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DEB1C-F9B9-4291-92B5-8EEEADC57E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "39330218-32FA-42FF-B5CA-288B7D140304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A92D7CED-D036-414B-B9EB-DCAF7F425A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AAAB02-140D-46F2-A315-5791BF5A853F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB02DBE-6D60-4D0E-8E9D-7611C3C32748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "31B4370A-84E5-4766-9D9D-EA1C53D73B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2F3C77-89CD-4990-98FA-E896079B6C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F5D03293-9765-46DB-B53D-1B23D5C14373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0286DAF0-FACA-4F94-82E9-EAED8750DB7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.50\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1E044883-9952-477A-B2AA-3E0BB90C96A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.105\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E26A1B0-D61C-4A25-8E10-02A2E3E7A02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F4A28B7-87A2-464A-92A8-644E3F7D13D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.243\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D83ED80-972A-4548-9AB0-10F9A23DF749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26D99395-D18D-458E-9880-19B7767F69D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4CE047-3FEF-4A72-AD06-EC77D71EBCD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED33F68A-9EB0-416A-A0A5-0DF2C349FFEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7DD812-DC72-4816-8B0F-361C32B2CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC41D4CD-D5EA-4678-B3AA-962C7C937118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "996C9552-5743-4639-A077-5B057605DF21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5779CE0-7691-47DA-902C-4D32D6650C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C69BE69-7C19-4ED3-98D3-04B1D41E56FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D12EFD-71D6-480E-97D5-278CCE4A7118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "56AE55AB-8170-4E3A-AF89-A8F79599901A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10653A-0E7C-4014-825D-76B5B438D378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "77642A96-EF7F-4138-97BC-B3793EE0FB52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.0.115:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F53875-D589-4C34-B863-67AC9945BED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8870EB6E-DAE9-45F9-BBA5-2D20E5E00F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B313B0E-4200-427F-A156-1EDA681F439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C49821-3BA5-4B44-84F5-113024FD030F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2011F264-53A5-4507-843B-46F66D285ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "290AA0BD-EDB0-4BA4-BF85-9CF29A1B7908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "73FB7BAF-7B3E-4091-A90B-FB19B38FFE74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2DA09B-CFBA-4FDE-A6D0-7C2CF202D72B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE2EE9B-D44E-430D-8469-1DF0ADC322B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6B45EB-97BB-4683-9092-95E560B2585F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3AA854-0F4D-4B08-A249-B3C19C056D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "66E55E46-01F5-4C0D-8A69-1BBC590188BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D96BCCA3-958D-41C4-98CE-1A333F9667A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "245E680B-7A2D-4F98-9D59-6ECF70FE882B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C78E5C3-4D0D-4DFD-AA91-93DD58B195F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E29F95F5-6957-46F0-A0A2-CCACBBA14F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9EFD6D-A657-4102-982D-7634AC25E75E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "59593836-990A-4CF1-AFBC-516C4A318641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5479676D-6B3F-4154-B0D4-D2C81E6C941F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F062A64B-7184-49C6-BDF5-8A413B0A85F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0863F213-2EDF-4874-AFB3-E70B4B356BA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2780DD07-79B8-4096-A435-DB8FD6301E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F2D8411-7317-4865-ADF9-279648210E0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el c\u00f3digo de Internet Key Exchange Version 1 (IKEv1) XAUTH de Cisco ASA Software podr\u00eda permitir a un atacante remoto autenticado provocar una recarga de un sistema afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de los par\u00e1metros IKEv1 XAUTH aprobados durante una negociaci\u00f3n IKEv1. Un atacante podr\u00eda explotar esta vulnerabilidad enviando par\u00e1metros manipulados. Nota: S\u00f3lo se puede utilizar el tr\u00e1fico dirigido al sistema afectado para explotar esta vulnerabilidad. Esta vulnerabilidad s\u00f3lo afecta a los sistemas configurados en el modo de firewall enrutado y en modo de contexto \u00fanico o m\u00faltiple. Esta vulnerabilidad puede ser desencadenada por el tr\u00e1fico IPv4 o IPv6. Se necesita establecer una IKEv1 Phase 1 v\u00e1lida para explotar esta vulnerabilidad, lo que significa que un atacante necesitar\u00eda tener conocimiento de una clave precompartida o tener un certificado v\u00e1lido para la autenticaci\u00f3n de fase 1. Esta vulnerabilidad afecta al software Cisco ASA que se ejecuta en los siguientes productos: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Versiones fijas: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685."
}
],
"id": "CVE-2017-6610",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-20T22:59:00.603",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97934"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1038314"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…