What is the severity of CVE-2017-12244?

CVE-2017-12244 has a high severity rating due to its potential to cause denial of service.

How do I fix CVE-2017-12244?

To fix CVE-2017-12244, upgrade your Cisco Firepower System Software to the latest version provided by Cisco.

What can happen if CVE-2017-12244 is exploited?

Exploitation of CVE-2017-12244 can lead to high CPU utilization and unexpected restarts of the Snort process, resulting in a denial of service.

Which versions are affected by CVE-2017-12244?

CVE-2017-12244 affects multiple versions of Cisco Secure Firewall Management Center and Cisco Firepower Management Center from 6.0.0 to 6.2.2.

Is authentication required to exploit CVE-2017-12244?

No, CVE-2017-12244 can be exploited by an unauthenticated, remote attacker.

Vulnerability/
CVE-2017-12244

high

8.6

CWE

5/10/2017

26/11/2024

CVE-2017-12244: Input Validation

First published: Thu Oct 05 2017(Updated: 4 months ago)

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The vulnerability is due to improper input validation of the fields in the IPv6 extension header packet. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. This vulnerability is specific to IPv6 traffic only. This vulnerability affects Cisco Firepower System Software Releases 6.0 and later when the software has one or more file action policies configured and is running on any of the following Cisco products: 3000 Series Industrial Security Appliances (ISR), Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services, Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls, Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances, Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances, FirePOWER 7000 Series Appliances, FirePOWER 8000 Series Appliances, Firepower Threat Defense for Integrated Services Routers (ISRs), Firepower 2100 Series Security Appliances, Firepower 4100 Series Security Appliances, Firepower 9300 Series Security Appliances, Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. Cisco Bug IDs: CSCvd34776.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Secure Firewall Management Center	=6.0.0
Cisco Secure Firewall Management Center	=6.0.0.0
Cisco Secure Firewall Management Center	=6.0.0.1
Cisco Secure Firewall Management Center	=6.0.1
Cisco Secure Firewall Management Center	=6.0.1.3
Cisco Secure Firewall Management Center	=6.1.0
Cisco Secure Firewall Management Center	=6.1.0.3
Cisco Secure Firewall Management Center	=6.1.0.6
Cisco Secure Firewall Management Center	=6.2.0
Cisco Secure Firewall Management Center	=6.2.0.2
Cisco Secure Firewall Management Center	=6.2.1
Cisco Secure Firewall Management Center	=6.2.2
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.0.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.0.0.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.0.0.1
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.0.1
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.0.1.3
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.1.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.1.0.3
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.1.0.6
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.2.0
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.2.0.2
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.2.1
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software	=6.2.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-12244?
CVE-2017-12244 has a high severity rating due to its potential to cause denial of service.
How do I fix CVE-2017-12244?
To fix CVE-2017-12244, upgrade your Cisco Firepower System Software to the latest version provided by Cisco.
What can happen if CVE-2017-12244 is exploited?
Exploitation of CVE-2017-12244 can lead to high CPU utilization and unexpected restarts of the Snort process, resulting in a denial of service.
Which versions are affected by CVE-2017-12244?
CVE-2017-12244 affects multiple versions of Cisco Secure Firewall Management Center and Cisco Firepower Management Center from 6.0.0 to 6.2.2.
Is authentication required to exploit CVE-2017-12244?
No, CVE-2017-12244 can be exploited by an unauthenticated, remote attacker.

agent/references
agent/type
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/author
agent/severity
agent/weakness
agent/description
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco secure firewall management center
version/cisco secure firewall management center/6.0.0
version/cisco secure firewall management center/6.0.0.0
version/cisco secure firewall management center/6.0.0.1
version/cisco secure firewall management center/6.0.1
version/cisco secure firewall management center/6.0.1.3
version/cisco secure firewall management center/6.1.0
version/cisco secure firewall management center/6.1.0.3
version/cisco secure firewall management center/6.1.0.6
version/cisco secure firewall management center/6.2.0
version/cisco secure firewall management center/6.2.0.2
version/cisco secure firewall management center/6.2.1
version/cisco secure firewall management center/6.2.2
canonical/cisco firepower management center (fmc) and firepower threat defense (ftd) software
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.0.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.0.0.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.0.0.1
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.0.1
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.0.1.3
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.1.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.1.0.3
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.1.0.6
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.2.0
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.2.0.2
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.2.1
version/cisco firepower management center (fmc) and firepower threat defense (ftd) software/6.2.2