Details of VAR-201710-0630

ID

VAR-201710-0630

CVE

CVE-2017-12244

TITLE

Cisco Firepower System Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-008961

DESCRIPTION

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The vulnerability is due to improper input validation of the fields in the IPv6 extension header packet. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. This vulnerability is specific to IPv6 traffic only. This vulnerability affects Cisco Firepower System Software Releases 6.0 and later when the software has one or more file action policies configured and is running on any of the following Cisco products: 3000 Series Industrial Security Appliances (ISR), Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services, Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls, Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances, Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances, FirePOWER 7000 Series Appliances, FirePOWER 8000 Series Appliances, Firepower Threat Defense for Integrated Services Routers (ISRs), Firepower 2100 Series Security Appliances, Firepower 4100 Series Security Appliances, Firepower 9300 Series Security Appliances, Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. Cisco Bug IDs: CSCvd34776. Cisco Firepower System The software contains input validation vulnerabilities and resource management vulnerabilities. Vendors have confirmed this vulnerability Bug ID CSCvd34776 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. FirepowerSystemSoftware is a set of firewall software used in it

Trust: 2.52

sources: NVD: CVE-2017-12244 // JVNDB: JVNDB-2017-008961 // CNVD: CNVD-2017-33345 // BID: 101119 // VULHUB: VHN-102747

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-33345

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.1	Trust: 1.5
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.2	Trust: 1.5
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0.1	Trust: 1.5
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.1.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.2.1	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.2.2	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.0.1	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.1.0.6	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.1.3	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.2.0.2	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.1.0.3	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.2.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.0.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.1	Trust: 1.0
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.0	Trust: 0.9
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.0.0.1	Trust: 0.9
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.2.1	Trust: 0.9
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.2	Trust: 0.9
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.1	Trust: 0.9
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.0.1	Trust: 0.9
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.1	Trust: 0.9
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2	Trust: 0.9
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0	Trust: 0.9
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.1.0.1	Trust: 0.9
vendor:	cisco	model:	firepower management center	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.1.0	Trust: 0.6
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.2.0	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.0	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.1.0.3	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.1.0.6	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0.0.1	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.1.0	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.0.2	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0.1.3	Trust: 0.6
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.1.0.2	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.0.1.1	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	ne	version:	6.2.0.2	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	ne	version:	6.1.0.3	Trust: 0.3

sources: CNVD: CNVD-2017-33345 // BID: 101119 // JVNDB: JVNDB-2017-008961 // CNNVD: CNNVD-201710-061 // NVD: CVE-2017-12244

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-12244
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-12244
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-33345
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201710-061
value:	HIGH
Trust: 0.6
VULHUB:	VHN-102747
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-12244
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-33345
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-102747
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-12244
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-33345 // VULHUB: VHN-102747 // JVNDB: JVNDB-2017-008961 // CNNVD: CNNVD-201710-061 // NVD: CVE-2017-12244

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.9
problemtype:	CWE-399	Trust: 0.9

sources: VULHUB: VHN-102747 // JVNDB: JVNDB-2017-008961 // NVD: CVE-2017-12244

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201710-061

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201710-061

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-008961

PATCH

title:	cisco-sa-20171004-fpsnort	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-fpsnort	Trust: 0.8
title:	Patch for Cisco Firepower System Software Denial of Service Vulnerability (CNVD-2017-33345)	url:	https://www.cnvd.org.cn/patchInfo/show/105787	Trust: 0.6
title:	Multiple Cisco product Firepower System Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75275	Trust: 0.6

sources: CNVD: CNVD-2017-33345 // JVNDB: JVNDB-2017-008961 // CNNVD: CNNVD-201710-061

EXTERNAL IDS

db:	NVD	id:	CVE-2017-12244	Trust: 3.4
db:	BID	id:	101119	Trust: 2.6
db:	JVNDB	id:	JVNDB-2017-008961	Trust: 0.8
db:	CNNVD	id:	CNNVD-201710-061	Trust: 0.7
db:	CNVD	id:	CNVD-2017-33345	Trust: 0.6
db:	VULHUB	id:	VHN-102747	Trust: 0.1

sources: CNVD: CNVD-2017-33345 // VULHUB: VHN-102747 // BID: 101119 // JVNDB: JVNDB-2017-008961 // CNNVD: CNNVD-201710-061 // NVD: CVE-2017-12244

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171004-fpsnort	Trust: 2.6
url:	http://www.securityfocus.com/bid/101119	Trust: 2.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12244	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-12244	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2017-33345 // VULHUB: VHN-102747 // BID: 101119 // JVNDB: JVNDB-2017-008961 // CNNVD: CNNVD-201710-061 // NVD: CVE-2017-12244

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 101119

SOURCES

db:	CNVD	id:	CNVD-2017-33345
db:	VULHUB	id:	VHN-102747
db:	BID	id:	101119
db:	JVNDB	id:	JVNDB-2017-008961
db:	CNNVD	id:	CNNVD-201710-061
db:	NVD	id:	CVE-2017-12244

LAST UPDATE DATE

2024-11-27T22:59:42.097000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-33345	date:	2017-11-09T00:00:00
db:	VULHUB	id:	VHN-102747	date:	2019-10-09T00:00:00
db:	BID	id:	101119	date:	2017-10-04T00:00:00
db:	JVNDB	id:	JVNDB-2017-008961	date:	2017-10-31T00:00:00
db:	CNNVD	id:	CNNVD-201710-061	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-12244	date:	2024-11-26T16:09:02.407

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-33345	date:	2017-11-09T00:00:00
db:	VULHUB	id:	VHN-102747	date:	2017-10-05T00:00:00
db:	BID	id:	101119	date:	2017-10-04T00:00:00
db:	JVNDB	id:	JVNDB-2017-008961	date:	2017-10-31T00:00:00
db:	CNNVD	id:	CNNVD-201710-061	date:	2017-10-12T00:00:00
db:	NVD	id:	CVE-2017-12244	date:	2017-10-05T07:29:00.213