What is the severity of CVE-2017-3885?

CVE-2017-3885 has a medium severity rating due to its potential to lead to a denial of service condition.

How do I fix CVE-2017-3885?

To fix CVE-2017-3885, it is recommended to upgrade to a fixed version of Cisco Secure Firewall Management Center or Cisco Firepower Management Center Software.

What products are affected by CVE-2017-3885?

CVE-2017-3885 affects Cisco Secure Firewall Management Center and Cisco Firepower Management Center software versions 6.0.0 through 6.2.1.

Can CVE-2017-3885 be exploited remotely?

Yes, CVE-2017-3885 can be exploited by an unauthenticated remote attacker.

What is the impact of CVE-2017-3885 on affected systems?

The impact of CVE-2017-3885 on affected systems is high CPU resource consumption, potentially leading to service outage.

Vulnerability/
CVE-2017-3885

high

7.1

CWE

400

7/4/2017

26/11/2024

CVE-2017-3885

First published: Fri Apr 07 2017(Updated: )

A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. Affected Products: This vulnerability affects Cisco Firepower System Software running software releases 6.0.0, 6.1.0, 6.2.0, or 6.2.1 when the device is configured with an SSL policy that has at least one rule specifying traffic decryption. More Information: CSCvc58563. Known Affected Releases: 6.0.0 6.1.0 6.2.0 6.2.1.

Credit: ykramarz@cisco.com ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Secure Firewall Management Center	=6.0.0
Cisco Secure Firewall Management Center	=6.1.0
Cisco Secure Firewall Management Center	=6.2.0
Cisco Secure Firewall Management Center	=6.2.1
Cisco Firepower Management Center Software	=6.0.0
Cisco Firepower Management Center Software	=6.1.0
Cisco Firepower Management Center Software	=6.2.0
Cisco Firepower Management Center Software	=6.2.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-3885?
CVE-2017-3885 has a medium severity rating due to its potential to lead to a denial of service condition.
How do I fix CVE-2017-3885?
To fix CVE-2017-3885, it is recommended to upgrade to a fixed version of Cisco Secure Firewall Management Center or Cisco Firepower Management Center Software.
What products are affected by CVE-2017-3885?
CVE-2017-3885 affects Cisco Secure Firewall Management Center and Cisco Firepower Management Center software versions 6.0.0 through 6.2.1.
Can CVE-2017-3885 be exploited remotely?
Yes, CVE-2017-3885 can be exploited by an unauthenticated remote attacker.
What is the impact of CVE-2017-3885 on affected systems?
The impact of CVE-2017-3885 on affected systems is high CPU resource consumption, potentially leading to service outage.

agent/references
agent/type
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/author
agent/severity
agent/weakness
agent/softwarecombine
agent/description
agent/event
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco secure firewall management center
version/cisco secure firewall management center/6.0.0
version/cisco secure firewall management center/6.1.0
version/cisco secure firewall management center/6.2.0
version/cisco secure firewall management center/6.2.1
canonical/cisco firepower management center software
version/cisco firepower management center software/6.0.0
version/cisco firepower management center software/6.1.0
version/cisco firepower management center software/6.2.0
version/cisco firepower management center software/6.2.1