What is the severity of CVE-2017-6625?

CVE-2017-6625 is classified as a denial of service vulnerability, which can significantly impact the affected Cisco Firepower systems.

How do I fix CVE-2017-6625?

To mitigate CVE-2017-6625, users should upgrade their Cisco Firepower Threat Defense systems to versions 6.2.3 or later.

Who is affected by CVE-2017-6625?

CVE-2017-6625 affects Cisco Firepower Threat Defense systems running software versions 6.0.0 through 6.2.2.

What type of attack does CVE-2017-6625 enable?

CVE-2017-6625 enables authenticated, remote attackers to cause denial of service on affected Cisco Firepower systems.

Is CVE-2017-6625 exploitable without authentication?

No, CVE-2017-6625 requires an authenticated user to exploit the vulnerability and cause a denial of service.

Vulnerability/
CVE-2017-6625

high

7.1

CWE

399

3/5/2017

9/10/2019

CVE-2017-6625

First published: Wed May 03 2017(Updated: )

A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. This vulnerability affects Cisco Firepower System Software that is configured with the SSL policy feature. Cisco Bug IDs: CSCvc84361.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Firepower Threat Defense	=6.0.0
Cisco Firepower Threat Defense	=6.0.1
Cisco Firepower Threat Defense	=6.1.0
Cisco Firepower Threat Defense	=6.1.0.2
Cisco Firepower Threat Defense	=6.2.0
Cisco Firepower Threat Defense	=6.2.1
Cisco Firepower Threat Defense	=6.2.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6625?
CVE-2017-6625 is classified as a denial of service vulnerability, which can significantly impact the affected Cisco Firepower systems.
How do I fix CVE-2017-6625?
To mitigate CVE-2017-6625, users should upgrade their Cisco Firepower Threat Defense systems to versions 6.2.3 or later.
Who is affected by CVE-2017-6625?
CVE-2017-6625 affects Cisco Firepower Threat Defense systems running software versions 6.0.0 through 6.2.2.
What type of attack does CVE-2017-6625 enable?
CVE-2017-6625 enables authenticated, remote attackers to cause denial of service on affected Cisco Firepower systems.
Is CVE-2017-6625 exploitable without authentication?
No, CVE-2017-6625 requires an authenticated user to exploit the vulnerability and cause a denial of service.

agent/severity
agent/weakness
agent/references
agent/author
agent/type
agent/event
agent/description
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco firepower threat defense
version/cisco firepower threat defense/6.0.0
version/cisco firepower threat defense/6.0.1
version/cisco firepower threat defense/6.1.0
version/cisco firepower threat defense/6.1.0.2
version/cisco firepower threat defense/6.2.0
version/cisco firepower threat defense/6.2.1
version/cisco firepower threat defense/6.2.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.