ID

VAR-201702-0789


CVE

CVE-2017-3822


TITLE

Vulnerability in Firepower Device Manager of Cisco Firepower Threat Defense that allows arbitrary entries to be added to the audit log

Trust: 0.8

sources: JVNDB: JVNDB-2017-001724

DESCRIPTION

A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the following vulnerable products that have enabled FDM: ASA5506-X, ASA5506W-X, ASA5506H-X, ASA5508-X, ASA5516-X, ASA5512-X, ASA5515-X, ASA5525-X, ASA5545-X, ASA5555-X. More Information: CSCvb86860. Known Affected Releases: FRANGELICO. Known Fixed Releases: 6.2.0. Cisco Firepower is a firewall device developed by Cisco. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This issue is being tracked by Cisco Bug ID CSCvb86860. The vulnerability is caused by the program's insufficient validation of input. The following products are affected: Cisco ASA5506-X; ASA5506W-X; ASA5506H-X; ASA5508-X;

Trust: 2.52

sources: NVD: CVE-2017-3822 // JVNDB: JVNDB-2017-001724 // CNVD: CNVD-2017-01196 // BID: 95944 // VULHUB: VHN-112025

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-01196

AFFECTED PRODUCTS

vendor: cisco, model: firepower threat defense, scope: eq, version: 6.1.0

Trust: 1.6

vendor: cisco, model: firepower threat defense software, scope: eq, version: 6.1

Trust: 0.9

vendor: cisco, model: asa5555-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: asa5506-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: asa5506h-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: asa5506w-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: asa5508-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: asa5512-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: asa5515-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: asa5516-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: asa5525-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: asa5545-x, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: firepower threat defense software, scope: eq, version: 6.1.x

Trust: 0.8

vendor: cisco, model: firepower threat defense software, scope: ne, version: 6.2

Trust: 0.3

sources: CNVD: CNVD-2017-01196 // BID: 95944 // JVNDB: JVNDB-2017-001724 // CNNVD: CNNVD-201702-014 // NVD: CVE-2017-3822

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-3822
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-3822
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-01196
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201702-014
value: MEDIUM

Trust: 0.6

VULHUB: VHN-112025
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-3822
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-01196
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-112025
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-3822
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-01196 // VULHUB: VHN-112025 // JVNDB: JVNDB-2017-001724 // CNNVD: CNNVD-201702-014 // NVD: CVE-2017-3822

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-112025 // JVNDB: JVNDB-2017-001724 // NVD: CVE-2017-3822

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-014

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201702-014

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-001724

PATCH

title: cisco-sa-20170201-fpw2, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2

Trust: 0.8

title: Patch for Cisco Firepower Threat Defense Log Modification Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/89171

Trust: 0.6

title: Multiple Cisco product Firepower Threat Defense Software Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67404

Trust: 0.6

sources: CNVD: CNVD-2017-01196 // JVNDB: JVNDB-2017-001724 // CNNVD: CNNVD-201702-014

EXTERNAL IDS

db: NVD, id: CVE-2017-3822

Trust: 3.4

db: BID, id: 95944

Trust: 2.0

db: SECTRACK, id: 1037775

Trust: 1.1

db: JVNDB, id: JVNDB-2017-001724

Trust: 0.8

db: CNNVD, id: CNNVD-201702-014

Trust: 0.7

db: CNVD, id: CNVD-2017-01196

Trust: 0.6

db: VULHUB, id: VHN-112025

Trust: 0.1

sources: CNVD: CNVD-2017-01196 // VULHUB: VHN-112025 // BID: 95944 // JVNDB: JVNDB-2017-001724 // CNNVD: CNNVD-201702-014 // NVD: CVE-2017-3822

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170201-fpw2

Trust: 2.3

url:http://www.securityfocus.com/bid/95944

Trust: 1.1

url:http://www.securitytracker.com/id/1037775

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3822

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3822

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170201-fpw2

Trust: 0.3

sources: CNVD: CNVD-2017-01196 // VULHUB: VHN-112025 // BID: 95944 // JVNDB: JVNDB-2017-001724 // CNNVD: CNNVD-201702-014 // NVD: CVE-2017-3822

CREDITS

Cisco

Trust: 0.3

sources: BID: 95944

SOURCES

db: CNVD, id: CNVD-2017-01196
db: VULHUB, id: VHN-112025
db: BID, id: 95944
db: JVNDB, id: JVNDB-2017-001724
db: CNNVD, id: CNNVD-201702-014
db: NVD, id: CVE-2017-3822

LAST UPDATE DATE

2024-11-23T23:05:29.287000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2017-01196, date: 2017-02-10T00:00:00
db: VULHUB, id: VHN-112025, date: 2017-07-25T00:00:00
db: BID, id: 95944, date: 2017-02-02T08:05:00
db: JVNDB, id: JVNDB-2017-001724, date: 2017-03-15T00:00:00
db: CNNVD, id: CNNVD-201702-014, date: 2017-02-08T00:00:00
db: NVD, id: CVE-2017-3822, date: 2024-11-21T03:26:11.033

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2017-01196, date: 2017-02-10T00:00:00
db: VULHUB, id: VHN-112025, date: 2017-02-03T00:00:00
db: BID, id: 95944, date: 2017-02-01T00:00:00
db: JVNDB, id: JVNDB-2017-001724, date: 2017-03-15T00:00:00
db: CNNVD, id: CNNVD-201702-014, date: 2017-02-08T00:00:00
db: NVD, id: CVE-2017-3822, date: 2017-02-03T07:59:00.890