Details of VAR-201710-0632

ID

VAR-201710-0632

CVE

CVE-2017-12246

TITLE

Cisco Adaptive Security Appliance Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-009264

DESCRIPTION

A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of the HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to the local IP address of an affected device. A successful exploit could allow the attacker to cause the affected device to reload. This vulnerability affects Cisco Adaptive Security Appliance (ASA) Software that is running on the following Cisco products: ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, ISA 3000 Industrial Security Appliance. Cisco Bug IDs: CSCvd59063. Vendors have confirmed this vulnerability Bug ID CSCvd59063 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. are all products of Cisco (Cisco)

Trust: 2.52

sources: NVD: CVE-2017-12246 // JVNDB: JVNDB-2017-009264 // CNVD: CNVD-2017-33343 // BID: 101165 // VULHUB: VHN-102749

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-33343

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8\(0.56\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4\(3\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x9.8(0.56)	Trust: 0.9
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x9.7(1)	Trust: 0.9
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x9.4(3)	Trust: 0.9
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.11	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.45	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.3	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.14.7	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.14.5	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.14.24	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.14.20	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.14.17	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.14.1	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.14	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.13.6	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.13	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.12.10	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.12	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.3.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.3(10)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(3.9)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(3.8)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(3.7)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(3.11)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(3)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(2.243)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(2.100)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(1.50)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(1.105)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(1.1)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.7	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.29	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.26	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.24	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.20	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.17	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.1	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4(40)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.3.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.3.6	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.2.10	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.1.4.5	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.1.4.1	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.1.4	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.1.3.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.13.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.8)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.42)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.39)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.38)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.33)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.32)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.29)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.21)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.13)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.1)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(3.8)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(3.6)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(3.3)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(3.10)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(3.1)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(2.6)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(2.10)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(1.4)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.4.4.6	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.1.7.17	Trust: 0.3

sources: CNVD: CNVD-2017-33343 // BID: 101165 // JVNDB: JVNDB-2017-009264 // CNNVD: CNNVD-201710-059 // NVD: CVE-2017-12246

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-12246
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-12246
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-33343
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201710-059
value:	HIGH
Trust: 0.6
VULHUB:	VHN-102749
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-12246
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-33343
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-102749
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-12246
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-33343 // VULHUB: VHN-102749 // JVNDB: JVNDB-2017-009264 // CNNVD: CNNVD-201710-059 // NVD: CVE-2017-12246

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	CWE-20	Trust: 1.1

sources: VULHUB: VHN-102749 // JVNDB: JVNDB-2017-009264 // NVD: CVE-2017-12246

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201710-059

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201710-059

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-009264

PATCH

title:	cisco-sa-20171004-asa	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa	Trust: 0.8
title:	Patch for CiscoAdaptiveSecurityApplianceSoftware Denial of Service Vulnerability (CNVD-2017-33343)	url:	https://www.cnvd.org.cn/patchInfo/show/105790	Trust: 0.6
title:	Multiple Cisco product Adaptive Security Appliances Software Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100089	Trust: 0.6

sources: CNVD: CNVD-2017-33343 // JVNDB: JVNDB-2017-009264 // CNNVD: CNNVD-201710-059

EXTERNAL IDS

db:	NVD	id:	CVE-2017-12246	Trust: 3.4
db:	BID	id:	101165	Trust: 2.6
db:	SECTRACK	id:	1039503	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-009264	Trust: 0.8
db:	CNNVD	id:	CNNVD-201710-059	Trust: 0.7
db:	CNVD	id:	CNVD-2017-33343	Trust: 0.6
db:	VULHUB	id:	VHN-102749	Trust: 0.1

sources: CNVD: CNVD-2017-33343 // VULHUB: VHN-102749 // BID: 101165 // JVNDB: JVNDB-2017-009264 // CNNVD: CNNVD-201710-059 // NVD: CVE-2017-12246

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171004-asa	Trust: 2.6
url:	http://www.securityfocus.com/bid/101165	Trust: 2.3
url:	http://www.securitytracker.com/id/1039503	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12246	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-12246	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2017-33343 // VULHUB: VHN-102749 // BID: 101165 // JVNDB: JVNDB-2017-009264 // CNNVD: CNNVD-201710-059 // NVD: CVE-2017-12246

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 101165

SOURCES

db:	CNVD	id:	CNVD-2017-33343
db:	VULHUB	id:	VHN-102749
db:	BID	id:	101165
db:	JVNDB	id:	JVNDB-2017-009264
db:	CNNVD	id:	CNNVD-201710-059
db:	NVD	id:	CVE-2017-12246

LAST UPDATE DATE

2024-11-23T22:12:50.009000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-33343	date:	2017-11-09T00:00:00
db:	VULHUB	id:	VHN-102749	date:	2019-10-09T00:00:00
db:	BID	id:	101165	date:	2017-10-04T00:00:00
db:	JVNDB	id:	JVNDB-2017-009264	date:	2017-11-07T00:00:00
db:	CNNVD	id:	CNNVD-201710-059	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-12246	date:	2024-11-21T03:09:07.037

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-33343	date:	2017-11-09T00:00:00
db:	VULHUB	id:	VHN-102749	date:	2017-10-05T00:00:00
db:	BID	id:	101165	date:	2017-10-04T00:00:00
db:	JVNDB	id:	JVNDB-2017-009264	date:	2017-11-07T00:00:00
db:	CNNVD	id:	CNNVD-201710-059	date:	2017-10-05T00:00:00
db:	NVD	id:	CVE-2017-12246	date:	2017-10-05T07:29:00.357