Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-6609 (GCVE-0-2017-6609)
Vulnerability from cvelistv5 – Published: 2017-04-20 22:00 – Updated: 2024-08-05 15:33
VLAI?
EPSS
Summary
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco ASA Software |
Affected:
Cisco ASA Software
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:33:20.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
},
{
"name": "1038316",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038316"
},
{
"name": "97936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97936"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco ASA Software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco ASA Software"
}
]
}
],
"datePublic": "2017-04-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
},
{
"name": "1038316",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038316"
},
{
"name": "97936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97936"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6609",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco ASA Software",
"version": {
"version_data": [
{
"version_value": "Cisco ASA Software"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
},
{
"name": "1038316",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038316"
},
{
"name": "97936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97936"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6609",
"datePublished": "2017-04-20T22:00:00.000Z",
"dateReserved": "2017-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:33:20.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-Q432-P897-C2MP
Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2022-05-13 01:46
VLAI?
Details
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158.
Severity ?
7.7 (High)
{
"affected": [],
"aliases": [
"CVE-2017-6609"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-20T22:59:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158.",
"id": "GHSA-q432-p897-c2mp",
"modified": "2022-05-13T01:46:41Z",
"published": "2022-05-13T01:46:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6609"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97936"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038316"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2017-6609
Vulnerability from fkie_nvd - Published: 2017-04-20 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "500ED3CC-4FE8-4A24-ACFE-8D7E35E50D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD2AE76B-D04E-4D0C-85E4-8AD07F7BDEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E1C03C-0737-4E2B-B3F9-10770281F4AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5C7052D2-0789-4A4D-917D-FCD894B7280F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0956F0A8-7424-437C-AAD8-203183BEBFCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "49FB57F9-5B37-4509-B2EB-6A16DFE11F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "952F6504-9CD0-453E-8C25-02BB9EE818F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E842AF74-D1E3-4F71-80F9-197B38942405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B97FB1-CC3A-40B5-853D-476E6C5D9D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6293A8-C21E-46F6-ACC1-6BBAD419B41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1A48B1-112A-41C2-BC01-BCCF5794553D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AE7036-C8EE-441F-94A4-DE8A9E89CA8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "6448B4B4-022D-4D4A-A6DE-0090CEA12595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "42813600-3186-4D19-8AF2-F4F98D3C6740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0969E6-151D-4298-8EC8-68D7880E994B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.33:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0091CE-3386-4CCC-A2A8-900842EA6F51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.35:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A450E0-09E4-44C5-B55C-78A4BDAADA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.37:*:*:*:*:*:*:*",
"matchCriteriaId": "8285C95A-316D-4965-A34D-3BCB9AB83FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.40:*:*:*:*:*:*:*",
"matchCriteriaId": "213F0A66-A71E-4B64-A66F-EA7B9C0D9151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.42:*:*:*:*:*:*:*",
"matchCriteriaId": "6D33B43A-1836-4402-AEAC-59CA8F44E3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)4:*:*:*:*:*:*:*",
"matchCriteriaId": "07BC9E2D-0B86-4A82-8CB4-A31FFBF322CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)6:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B7B477-15FD-4198-B0D9-0F9A8A2E4C20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)7:*:*:*:*:*:*:*",
"matchCriteriaId": "C6887033-E697-47D0-B6E0-61B64E9D3AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4714F698-BBAE-47BB-99E8-F90D22415EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EB55BC7E-0B3F-4202-8768-08F27B763926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB01683-C482-4A5B-90FA-B5266BEA452E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA16481A-4A47-4A8E-8C78-87B3A171280A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0258ED-6ED0-49C7-A13A-368711649FFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7A71AA-E1A6-47B7-B2B2-A3115CAA4058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D448BB56-5B2E-4B3E-B7E8-1F4991F23D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E0346EAC-BDD1-4DC5-B8CA-20579C44AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2049D602-54F1-4072-936E-0D7E337162B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0710D6C8-AD34-43E2-B72B-315FFF3DC34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "70F8F1D2-2196-44C4-B420-824F49BB4ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "5E14B8D3-6D53-4E84-9B5D-24667B192C4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A05B2DFD-A0EF-42BE-B00B-334E78CA8C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CC96C9-492F-49CB-BEFE-356581E96B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F1F7D4-EC51-47D1-A71A-9EF98C51D388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5E93DE-06C0-401C-8062-1B2EB6EFDED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5EBFAB-25E2-4245-B748-92CAA943D4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BFB446-5747-42BB-98BC-B8DF250F1842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF48794-2E5D-4BE0-9BB5-49ADE34F4A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3A13A9C-5387-4670-8E20-FE878946D091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.104\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F7C7DA3-C24B-41BB-BDBE-7DC58EEAC4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(3.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AFC39DA3-8171-4344-A946-7965873C56F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9C31567-8AEB-49C6-AA60-4150411D62AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA140CB2-C17C-4164-A59A-8585906057BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "468D98A7-92D5-4C01-9EDD-CB44B85EA6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7BAAC9FE-CCF0-4385-B5E9-FC424CD3EFD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DEB1C-F9B9-4291-92B5-8EEEADC57E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "39330218-32FA-42FF-B5CA-288B7D140304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A92D7CED-D036-414B-B9EB-DCAF7F425A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AAAB02-140D-46F2-A315-5791BF5A853F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB02DBE-6D60-4D0E-8E9D-7611C3C32748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "31B4370A-84E5-4766-9D9D-EA1C53D73B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2F3C77-89CD-4990-98FA-E896079B6C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F5D03293-9765-46DB-B53D-1B23D5C14373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0286DAF0-FACA-4F94-82E9-EAED8750DB7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "25E77826-1208-4582-A94C-242B601BD456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DD617A59-2A4C-4264-BB5D-0126EF292079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.50\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1E044883-9952-477A-B2AA-3E0BB90C96A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.105\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E26A1B0-D61C-4A25-8E10-02A2E3E7A02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F4A28B7-87A2-464A-92A8-644E3F7D13D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.243\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D83ED80-972A-4548-9AB0-10F9A23DF749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26D99395-D18D-458E-9880-19B7767F69D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4CE047-3FEF-4A72-AD06-EC77D71EBCD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED33F68A-9EB0-416A-A0A5-0DF2C349FFEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7DD812-DC72-4816-8B0F-361C32B2CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC41D4CD-D5EA-4678-B3AA-962C7C937118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "996C9552-5743-4639-A077-5B057605DF21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5779CE0-7691-47DA-902C-4D32D6650C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C69BE69-7C19-4ED3-98D3-04B1D41E56FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D12EFD-71D6-480E-97D5-278CCE4A7118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "56AE55AB-8170-4E3A-AF89-A8F79599901A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10653A-0E7C-4014-825D-76B5B438D378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "77642A96-EF7F-4138-97BC-B3793EE0FB52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE9F46B-DD74-4295-BB6A-9239E29F4416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.0.115:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F53875-D589-4C34-B863-67AC9945BED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8870EB6E-DAE9-45F9-BBA5-2D20E5E00F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B313B0E-4200-427F-A156-1EDA681F439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C49821-3BA5-4B44-84F5-113024FD030F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2011F264-53A5-4507-843B-46F66D285ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "290AA0BD-EDB0-4BA4-BF85-9CF29A1B7908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "73FB7BAF-7B3E-4091-A90B-FB19B38FFE74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2DA09B-CFBA-4FDE-A6D0-7C2CF202D72B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE2EE9B-D44E-430D-8469-1DF0ADC322B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6B45EB-97BB-4683-9092-95E560B2585F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3AA854-0F4D-4B08-A249-B3C19C056D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "66E55E46-01F5-4C0D-8A69-1BBC590188BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D96BCCA3-958D-41C4-98CE-1A333F9667A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "245E680B-7A2D-4F98-9D59-6ECF70FE882B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C78E5C3-4D0D-4DFD-AA91-93DD58B195F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F831FD5A-1D54-4DFA-9AED-C3F2CBCE4069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E29F95F5-6957-46F0-A0A2-CCACBBA14F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9EFD6D-A657-4102-982D-7634AC25E75E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "59593836-990A-4CF1-AFBC-516C4A318641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5479676D-6B3F-4154-B0D4-D2C81E6C941F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F062A64B-7184-49C6-BDF5-8A413B0A85F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B574E7C0-95AA-4A24-9470-FA282192D85C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5B88C0-F809-4A58-9708-60C56129142C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0863F213-2EDF-4874-AFB3-E70B4B356BA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2780DD07-79B8-4096-A435-DB8FD6301E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F2D8411-7317-4865-ADF9-279648210E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7E7AA7A9-F4DB-4BC1-9233-F72B66191F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8C893-BA42-4EE5-A790-13614A6B436F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "339ACF13-0E1F-48D6-9939-96B16AE857CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el c\u00f3digo IPsec de Cisco ASA Software podr\u00eda permitir a un atacante remoto autenticado provocar una recarga del sistema afectado. La vulnerabilidad se debe al an\u00e1lisis incorrecto de paquetes IPsec malformados. Un atacante podr\u00eda explotar esta vulnerabilidad enviando paquetes IPsec malformados al sistema afectado. Nota: S\u00f3lo se puede utilizar el tr\u00e1fico dirigido al sistema afectado para explotar esta vulnerabilidad. Esta vulnerabilidad afecta a los sistemas configurados s\u00f3lo en el modo enrutado de firewall y en modo de contexto \u00fanico o m\u00faltiple. Esta vulnerabilidad puede ser provocada por el tr\u00e1fico IPv4 e IPv6. Un atacante necesita establecer un t\u00fanel IPsec v\u00e1lido antes de explotar esta vulnerabilidad. Esta vulnerabilidad afecta al software Cisco ASA que se ejecuta en los siguientes productos: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Versiones fijadas: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158."
}
],
"id": "CVE-2017-6609",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-20T22:59:00.573",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97936"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1038316"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2017-05778
Vulnerability from cnvd - Published: 2017-05-02
VLAI Severity ?
Title
思科ASA Software Ipsec拒绝服务漏洞
Description
思科Adaptive Security Appliance (ASA) Software是思科ASA系列的核心操作系统。
思科ASA Software Ipsec存在拒绝服务漏洞,攻击者可利用该漏洞通过向受影响系统发送畸形IPsec数据包。导致受影响设备重新加载。
Severity
中
Patch Name
思科ASA Software Ipsec拒绝服务漏洞的补丁
Patch Description
思科Adaptive Security Appliance (ASA) Software是思科ASA系列的核心操作系统。
思科ASA Software Ipsec存在拒绝服务漏洞,攻击者可利用该漏洞通过向受影响系统发送畸形IPsec数据包。导致受影响设备重新加载。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec
Reference
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec
https://nvd.nist.gov/vuln/detail/CVE-2017-6609
http://www.securityfocus.com/bid/97936
Impacted products
| Name | ['Cisco Adaptive Security Appliance (ASA) Software 9.0', 'Cisco Adaptive Security Appliance (ASA) Software 9.1', 'Cisco Adaptive Security Appliance (ASA) Software 9.2', 'Cisco Adaptive Security Appliance (ASA) Software 9.3', 'Cisco Adaptive Security Appliance (ASA) Software 9.4', 'Cisco Adaptive Security Appliance (ASA) Software 9.5', 'Cisco Adaptive Security Appliance (ASA) Software 9.6'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "97936"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-6609"
}
},
"description": "\u601d\u79d1Adaptive Security Appliance (ASA) Software\u662f\u601d\u79d1ASA\u7cfb\u5217\u7684\u6838\u5fc3\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\n\u601d\u79d1ASA Software Ipsec\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7cfb\u7edf\u53d1\u9001\u7578\u5f62IPsec\u6570\u636e\u5305\u3002\u5bfc\u81f4\u53d7\u5f71\u54cd\u8bbe\u5907\u91cd\u65b0\u52a0\u8f7d\u3002",
"discovererName": "Cisco",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-05778",
"openTime": "2017-05-02",
"patchDescription": "\u601d\u79d1Adaptive Security Appliance (ASA) Software\u662f\u601d\u79d1ASA\u7cfb\u5217\u7684\u6838\u5fc3\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\n\u601d\u79d1ASA Software Ipsec\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7cfb\u7edf\u53d1\u9001\u7578\u5f62IPsec\u6570\u636e\u5305\u3002\u5bfc\u81f4\u53d7\u5f71\u54cd\u8bbe\u5907\u91cd\u65b0\u52a0\u8f7d\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u601d\u79d1ASA Software Ipsec\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Cisco Adaptive Security Appliance (ASA) Software 9.0",
"Cisco Adaptive Security Appliance (ASA) Software 9.1",
"Cisco Adaptive Security Appliance (ASA) Software 9.2",
"Cisco Adaptive Security Appliance (ASA) Software 9.3",
"Cisco Adaptive Security Appliance (ASA) Software 9.4",
"Cisco Adaptive Security Appliance (ASA) Software 9.5",
"Cisco Adaptive Security Appliance (ASA) Software 9.6"
]
},
"referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-6609\r\nhttp://www.securityfocus.com/bid/97936",
"serverity": "\u4e2d",
"submitTime": "2017-04-28",
"title": "\u601d\u79d1ASA Software Ipsec\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
CERTFR-2017-AVI-127
Vulnerability from certfr_avis - Published: 2017-04-20 - Updated: 2017-04-20
De multiples vulnérabilités ont été corrigées dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | Adaptive Security Appliance | Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco ASA 5500 Series Adaptive Security Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | Unified Communications Manager | Cisco Unified Communications Manager (CallManager) sans le dernier correctif de sécurité | ||
| Cisco | N/A | Firepower 9300 Series Security Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | Adaptive Security Appliance | Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco ISA 3000 Industrial Security Appliance (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | N/A | Sourcefire 3D System Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco Adaptive Security Virtual Appliance (ASAv, voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | N/A | Cisco ASA 1000V Cloud Firewall (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | N/A | Firepower 4100 Series Security Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco ASA Services Module pour les commutateurs Cisco Catalyst séries 6500 et les routeurs Cisco séries 7600 (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | Firepower Threat Defense | FirePOWER Threat Defense for Integrated Services Routers (ISRs, voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Industrial Security Appliance 3000 (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | FirePOWER 7000 Series Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | IOS XE | Cisco IOS et Cisco IOS XE avec le module EnergyWise activé, sans le dernier correctif de sécurité | ||
| Cisco | N/A | FirePOWER 8000 Series Appliances (voir sur le site du constructeur pour les versions vulnérables de Cisco Firepower System) | ||
| Cisco | N/A | Cisco Firepower 9300 ASA Security Module (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) | ||
| Cisco | N/A | Cisco ASA 5500-X Series Next-Generation Firewalls (voir sur le site du constructeur pour les versions vulnérables de Cisco ASA) |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "Adaptive Security Appliance",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASA 5500 Series Adaptive Security Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Unified Communications Manager (CallManager) sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Unified Communications Manager",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Firepower 9300 Series Security Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "Adaptive Security Appliance",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ISA 3000 Industrial Security Appliance (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Sourcefire 3D System Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Adaptive Security Virtual Appliance (ASAv, voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASA 1000V Cloud Firewall (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Firepower 4100 Series Security Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASA Services Module pour les commutateurs Cisco Catalyst s\u00e9ries 6500 et les routeurs Cisco s\u00e9ries 7600 (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "FirePOWER Threat Defense for Integrated Services Routers (ISRs, voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "Firepower Threat Defense",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Industrial Security Appliance 3000 (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "FirePOWER 7000 Series Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IOS et Cisco IOS XE avec le module EnergyWise activ\u00e9, sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "IOS XE",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "FirePOWER 8000 Series Appliances (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco Firepower System)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Firepower 9300 ASA Security Module (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASA 5500-X Series Next-Generation Firewalls (voir sur le site du constructeur pour les versions vuln\u00e9rables de Cisco ASA)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3862"
},
{
"name": "CVE-2017-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3863"
},
{
"name": "CVE-2017-3861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3861"
},
{
"name": "CVE-2017-6609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6609"
},
{
"name": "CVE-2017-3808",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3808"
},
{
"name": "CVE-2016-6368",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6368"
},
{
"name": "CVE-2017-6608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6608"
},
{
"name": "CVE-2017-6607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6607"
},
{
"name": "CVE-2017-3860",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3860"
},
{
"name": "CVE-2017-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6610"
}
],
"initial_release_date": "2017-04-20T00:00:00",
"last_revision_date": "2017-04-20T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-xauth du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-fpsnort du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-ipsec du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-tls du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-tls"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-dns du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-dns"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-energywise du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-energywise"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-ucm du 19 avril 2017",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ucm"
}
],
"reference": "CERTFR-2017-AVI-127",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-04-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Cisco\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-xauth du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-ipsec du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-dns du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-energywise du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-fpsnort du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-ucm du 19 avril 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20170419-asa-tls du 19 avril 2017",
"url": null
}
]
}
GSD-2017-6609
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-6609",
"description": "A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158.",
"id": "GSD-2017-6609"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-6609"
],
"details": "A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158.",
"id": "GSD-2017-6609",
"modified": "2023-12-13T01:21:09.644789Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6609",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco ASA Software",
"version": {
"version_data": [
{
"version_value": "Cisco ASA Software"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
},
{
"name": "1038316",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038316"
},
{
"name": "97936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97936"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(3.1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.100\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.104\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.105\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.243\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.50\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.0.115:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6609"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. An attacker needs to establish a valid IPsec tunnel before exploiting this vulnerability. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.8) 9.2(4.15) 9.4(4) 9.5(3.2) 9.6(2). Cisco Bug IDs: CSCun16158."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec"
},
{
"name": "97936",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97936"
},
{
"name": "1038316",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1038316"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
},
"lastModifiedDate": "2023-08-15T15:14Z",
"publishedDate": "2017-04-20T22:59Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…