What is the severity of CVE-2017-6610?

CVE-2017-6610 has been rated as High severity due to the potential for an authenticated remote attacker to cause a reload of affected systems.

How do I fix CVE-2017-6610?

To fix CVE-2017-6610, update your Cisco ASA Software to a version that addresses this vulnerability.

Which Cisco Adaptive Security Appliance Software versions are affected by CVE-2017-6610?

CVE-2017-6610 affects multiple versions of Cisco Adaptive Security Appliance Software, including 9.0.1 through 9.0.4.40 and numerous versions in the 9.x range.

Can CVE-2017-6610 lead to data loss?

CVE-2017-6610 does not directly cause data loss but could lead to system downtime due to reloading affected systems.

What should I do if my system is affected by CVE-2017-6610?

If your system is affected by CVE-2017-6610, you should immediately plan for an upgrade to a secure version of Cisco ASA Software.

Vulnerability/
CVE-2017-6610

high

7.7

CWE

20 399

20/4/2017

15/8/2023

CVE-2017-6610: Input Validation

First published: Thu Apr 20 2017(Updated: )

A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid IKEv1 Phase 1 needs to be established to exploit this vulnerability, which means that an attacker would need to have knowledge of a pre-shared key or have a valid certificate for phase 1 authentication. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.7) 9.2(4.11) 9.4(4) 9.5(3) 9.6(1.5). Cisco Bug IDs: CSCuz11685.

Credit: ykramarz@cisco.com ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Adaptive Security Appliance	=9.0.1
Cisco Adaptive Security Appliance	=9.0.2
Cisco Adaptive Security Appliance	=9.0.2.10
Cisco Adaptive Security Appliance	=9.0.3
Cisco Adaptive Security Appliance	=9.0.3.6
Cisco Adaptive Security Appliance	=9.0.3.8
Cisco Adaptive Security Appliance	=9.0.4
Cisco Adaptive Security Appliance	=9.0.4.1
Cisco Adaptive Security Appliance Software	=9.0.4.5
Cisco Adaptive Security Appliance Software	=9.0.4.7
Cisco Adaptive Security Appliance Software	=9.0.4.17
Cisco Adaptive Security Appliance Software	=9.0.4.20
Cisco Adaptive Security Appliance Software	=9.0.4.24
Cisco Adaptive Security Appliance Software	=9.0.4.26
Cisco Adaptive Security Appliance Software	=9.0.4.29
Cisco Adaptive Security Appliance Software	=9.0.4.33
Cisco Adaptive Security Appliance Software	=9.0.4.35
Cisco Adaptive Security Appliance Software	=9.0.4.37
Cisco Adaptive Security Appliance Software	=9.0.4.40
Cisco Adaptive Security Appliance Software	=9.0.4.42
Cisco Adaptive Security Appliance Software	=9.1\(7\)4
Cisco Adaptive Security Appliance Software	=9.1\(7\)6
Cisco Adaptive Security Appliance Software	=9.1\(7\)7
Cisco Adaptive Security Appliance Software	=9.1.1
Cisco Adaptive Security Appliance Software	=9.1.1.4
Cisco Adaptive Security Appliance Software	=9.1.2
Cisco Adaptive Security Appliance Software	=9.1.2.8
Cisco Adaptive Security Appliance Software	=9.1.3
Cisco Adaptive Security Appliance Software	=9.1.3.2
Cisco Adaptive Security Appliance Software	=9.1.4
Cisco Adaptive Security Appliance Software	=9.1.4.5
Cisco Adaptive Security Appliance Software	=9.1.5
Cisco Adaptive Security Appliance Software	=9.1.5.10
Cisco Adaptive Security Appliance Software	=9.1.5.12
Cisco Adaptive Security Appliance Software	=9.1.5.15
Cisco Adaptive Security Appliance Software	=9.1.5.21
Cisco Adaptive Security Appliance Software	=9.1.6
Cisco Adaptive Security Appliance Software	=9.1.6.1
Cisco Adaptive Security Appliance Software	=9.1.6.4
Cisco Adaptive Security Appliance Software	=9.1.6.6
Cisco Adaptive Security Appliance Software	=9.1.6.8
Cisco Adaptive Security Appliance Software	=9.1.6.10
Cisco Adaptive Security Appliance Software	=9.2\(0.0\)
Cisco Adaptive Security Appliance Software	=9.2\(0.104\)
Cisco Adaptive Security Appliance Software	=9.2\(3.1\)
Cisco Adaptive Security Appliance Software	=9.2.1
Cisco Adaptive Security Appliance Software	=9.2.2
Cisco Adaptive Security Appliance Software	=9.2.2.4
Cisco Adaptive Security Appliance Software	=9.2.2.7
Cisco Adaptive Security Appliance Software	=9.2.2.8
Cisco Adaptive Security Appliance Software	=9.2.3
Cisco Adaptive Security Appliance Software	=9.2.3.3
Cisco Adaptive Security Appliance Software	=9.2.3.4
Cisco Adaptive Security Appliance Software	=9.2.4
Cisco Adaptive Security Appliance Software	=9.2.4.2
Cisco Adaptive Security Appliance Software	=9.2.4.4
Cisco Adaptive Security Appliance Software	=9.2.4.8
Cisco Adaptive Security Appliance Software	=9.2.4.10
Cisco Adaptive Security Appliance Software	=9.3\(1.50\)
Cisco Adaptive Security Appliance Software	=9.3\(1.105\)
Cisco Adaptive Security Appliance Software	=9.3\(2.100\)
Cisco Adaptive Security Appliance Software	=9.3\(2.243\)
Cisco Adaptive Security Appliance Software	=9.3.1
Cisco Adaptive Security Appliance Software	=9.3.1.1
Cisco Adaptive Security Appliance Software	=9.3.2
Cisco Adaptive Security Appliance Software	=9.3.2.2
Cisco Adaptive Security Appliance Software	=9.3.3
Cisco Adaptive Security Appliance Software	=9.3.3.1
Cisco Adaptive Security Appliance Software	=9.3.3.2
Cisco Adaptive Security Appliance Software	=9.3.3.5
Cisco Adaptive Security Appliance Software	=9.3.3.6
Cisco Adaptive Security Appliance Software	=9.3.3.9
Cisco Adaptive Security Appliance Software	=9.3.3.10
Cisco Adaptive Security Appliance Software	=9.3.3.11
Cisco Adaptive Security Appliance Software	=9.4.0.115
Cisco Adaptive Security Appliance Software	=9.4.1
Cisco Adaptive Security Appliance Software	=9.4.1.1
Cisco Adaptive Security Appliance Software	=9.4.1.2
Cisco Adaptive Security Appliance Software	=9.4.1.3
Cisco Adaptive Security Appliance Software	=9.4.1.5
Cisco Adaptive Security Appliance Software	=9.4.2
Cisco Adaptive Security Appliance Software	=9.4.2.3
Cisco Adaptive Security Appliance Software	=9.4.3
Cisco Adaptive Security Appliance Software	=9.4.3.3
Cisco Adaptive Security Appliance Software	=9.4.3.4
Cisco Adaptive Security Appliance Software	=9.4.3.6
Cisco Adaptive Security Appliance Software	=9.4.3.8
Cisco Adaptive Security Appliance Software	=9.4.3.11
Cisco Adaptive Security Appliance Software	=9.4.3.12
Cisco Adaptive Security Appliance Software	=9.5.1
Cisco Adaptive Security Appliance Software	=9.5.2
Cisco Adaptive Security Appliance Software	=9.5.2.6
Cisco Adaptive Security Appliance Software	=9.5.2.10
Cisco Adaptive Security Appliance Software	=9.5.2.14
Cisco Adaptive Security Appliance Software	=9.6.0
Cisco Adaptive Security Appliance Software	=9.6.1
Cisco Adaptive Security Appliance Software	=9.6.1.3
Cisco Adaptive Security Appliance Software	=9.0.1
Cisco Adaptive Security Appliance Software	=9.0.2
Cisco Adaptive Security Appliance Software	=9.0.2.10
Cisco Adaptive Security Appliance Software	=9.0.3
Cisco Adaptive Security Appliance Software	=9.0.3.6
Cisco Adaptive Security Appliance Software	=9.0.3.8
Cisco Adaptive Security Appliance Software	=9.0.4
Cisco Adaptive Security Appliance Software	=9.0.4.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6610?
CVE-2017-6610 has been rated as High severity due to the potential for an authenticated remote attacker to cause a reload of affected systems.
How do I fix CVE-2017-6610?
To fix CVE-2017-6610, update your Cisco ASA Software to a version that addresses this vulnerability.
Which Cisco Adaptive Security Appliance Software versions are affected by CVE-2017-6610?
CVE-2017-6610 affects multiple versions of Cisco Adaptive Security Appliance Software, including 9.0.1 through 9.0.4.40 and numerous versions in the 9.x range.
Can CVE-2017-6610 lead to data loss?
CVE-2017-6610 does not directly cause data loss but could lead to system downtime due to reloading affected systems.
What should I do if my system is affected by CVE-2017-6610?
If your system is affected by CVE-2017-6610, you should immediately plan for an upgrade to a secure version of Cisco ASA Software.

agent/weakness
agent/references
agent/author
agent/type
agent/event
agent/severity
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/description
agent/tags
collector/nvd-api
agent/software-canonical-lookup-request
collector/nvd-index
vendor/cisco
canonical/cisco adaptive security appliance
version/cisco adaptive security appliance/9.0.1
version/cisco adaptive security appliance/9.0.2
version/cisco adaptive security appliance/9.0.2.10
version/cisco adaptive security appliance/9.0.3
version/cisco adaptive security appliance/9.0.3.6
version/cisco adaptive security appliance/9.0.3.8
version/cisco adaptive security appliance/9.0.4
version/cisco adaptive security appliance/9.0.4.1
canonical/cisco adaptive security appliance software
version/cisco adaptive security appliance software/9.0.4.5
version/cisco adaptive security appliance software/9.0.4.7
version/cisco adaptive security appliance software/9.0.4.17
version/cisco adaptive security appliance software/9.0.4.20
version/cisco adaptive security appliance software/9.0.4.24
version/cisco adaptive security appliance software/9.0.4.26
version/cisco adaptive security appliance software/9.0.4.29
version/cisco adaptive security appliance software/9.0.4.33
version/cisco adaptive security appliance software/9.0.4.35
version/cisco adaptive security appliance software/9.0.4.37
version/cisco adaptive security appliance software/9.0.4.40
version/cisco adaptive security appliance software/9.0.4.42
version/cisco adaptive security appliance software/9.1\(7\)4
version/cisco adaptive security appliance software/9.1\(7\)6
version/cisco adaptive security appliance software/9.1\(7\)7
version/cisco adaptive security appliance software/9.1.1
version/cisco adaptive security appliance software/9.1.1.4
version/cisco adaptive security appliance software/9.1.2
version/cisco adaptive security appliance software/9.1.2.8
version/cisco adaptive security appliance software/9.1.3
version/cisco adaptive security appliance software/9.1.3.2
version/cisco adaptive security appliance software/9.1.4
version/cisco adaptive security appliance software/9.1.4.5
version/cisco adaptive security appliance software/9.1.5
version/cisco adaptive security appliance software/9.1.5.10
version/cisco adaptive security appliance software/9.1.5.12
version/cisco adaptive security appliance software/9.1.5.15
version/cisco adaptive security appliance software/9.1.5.21
version/cisco adaptive security appliance software/9.1.6
version/cisco adaptive security appliance software/9.1.6.1
version/cisco adaptive security appliance software/9.1.6.4
version/cisco adaptive security appliance software/9.1.6.6
version/cisco adaptive security appliance software/9.1.6.8
version/cisco adaptive security appliance software/9.1.6.10
version/cisco adaptive security appliance software/9.2\(0.0\)
version/cisco adaptive security appliance software/9.2\(0.104\)
version/cisco adaptive security appliance software/9.2\(3.1\)
version/cisco adaptive security appliance software/9.2.1
version/cisco adaptive security appliance software/9.2.2
version/cisco adaptive security appliance software/9.2.2.4
version/cisco adaptive security appliance software/9.2.2.7
version/cisco adaptive security appliance software/9.2.2.8
version/cisco adaptive security appliance software/9.2.3
version/cisco adaptive security appliance software/9.2.3.3
version/cisco adaptive security appliance software/9.2.3.4
version/cisco adaptive security appliance software/9.2.4
version/cisco adaptive security appliance software/9.2.4.2
version/cisco adaptive security appliance software/9.2.4.4
version/cisco adaptive security appliance software/9.2.4.8
version/cisco adaptive security appliance software/9.2.4.10
version/cisco adaptive security appliance software/9.3\(1.50\)
version/cisco adaptive security appliance software/9.3\(1.105\)
version/cisco adaptive security appliance software/9.3\(2.100\)
version/cisco adaptive security appliance software/9.3\(2.243\)
version/cisco adaptive security appliance software/9.3.1
version/cisco adaptive security appliance software/9.3.1.1
version/cisco adaptive security appliance software/9.3.2
version/cisco adaptive security appliance software/9.3.2.2
version/cisco adaptive security appliance software/9.3.3
version/cisco adaptive security appliance software/9.3.3.1
version/cisco adaptive security appliance software/9.3.3.2
version/cisco adaptive security appliance software/9.3.3.5
version/cisco adaptive security appliance software/9.3.3.6
version/cisco adaptive security appliance software/9.3.3.9
version/cisco adaptive security appliance software/9.3.3.10
version/cisco adaptive security appliance software/9.3.3.11
version/cisco adaptive security appliance software/9.4.0.115
version/cisco adaptive security appliance software/9.4.1
version/cisco adaptive security appliance software/9.4.1.1
version/cisco adaptive security appliance software/9.4.1.2
version/cisco adaptive security appliance software/9.4.1.3
version/cisco adaptive security appliance software/9.4.1.5
version/cisco adaptive security appliance software/9.4.2
version/cisco adaptive security appliance software/9.4.2.3
version/cisco adaptive security appliance software/9.4.3
version/cisco adaptive security appliance software/9.4.3.3
version/cisco adaptive security appliance software/9.4.3.4
version/cisco adaptive security appliance software/9.4.3.6
version/cisco adaptive security appliance software/9.4.3.8
version/cisco adaptive security appliance software/9.4.3.11
version/cisco adaptive security appliance software/9.4.3.12
version/cisco adaptive security appliance software/9.5.1
version/cisco adaptive security appliance software/9.5.2
version/cisco adaptive security appliance software/9.5.2.6
version/cisco adaptive security appliance software/9.5.2.10
version/cisco adaptive security appliance software/9.5.2.14
version/cisco adaptive security appliance software/9.6.0
version/cisco adaptive security appliance software/9.6.1
version/cisco adaptive security appliance software/9.6.1.3
version/cisco adaptive security appliance software/9.0.1
version/cisco adaptive security appliance software/9.0.2
version/cisco adaptive security appliance software/9.0.2.10
version/cisco adaptive security appliance software/9.0.3
version/cisco adaptive security appliance software/9.0.3.6
version/cisco adaptive security appliance software/9.0.3.8
version/cisco adaptive security appliance software/9.0.4
version/cisco adaptive security appliance software/9.0.4.1

CVE-2017-6610: Input Validation

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6610?

How do I fix CVE-2017-6610?

Which Cisco Adaptive Security Appliance Software versions are affected by CVE-2017-6610?

Can CVE-2017-6610 lead to data loss?

What should I do if my system is affected by CVE-2017-6610?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-6610?

How do I fix CVE-2017-6610?

Which Cisco Adaptive Security Appliance Software versions are affected by CVE-2017-6610?

Can CVE-2017-6610 lead to data loss?

What should I do if my system is affected by CVE-2017-6610?