SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Firewall)  >   Cisco ASA Vendors:   Cisco
Cisco ASA with FirePOWER Module ACL Policy Bug Lets Remote Authenticated Users Cause the Target Service to Stop Processing Packets
SecurityTracker Alert ID:  1038397
SecurityTracker URL:  http://securitytracker.com/id/1038397
CVE Reference:   CVE-2017-6625   (Links to External Site)
Date:  May 3 2017
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 6.0.0, 6.0.1, 6.1.0, 6.1.0.2, 6.2.0, 6.2.1, 6.2.2
Description:   A vulnerability was reported in Cisco ASA with FirePOWER Module. A remote authenticated user can cause the target service to stop processing packets.

A remote authenticated user can exploit an SSL policy handling flaw in the access control policy of Cisco Firepower System Software and send specially crafted packets through the target system to cause the target service to stop processing packets.

The vendor has assigned bug ID CSCvc84361 to this vulnerability.

Impact:   A remote authenticated user can cause the target service to stop processing packets.
Solution:   The vendor has issued a fix (6.1.0.3).

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC