Denial of service in Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC) - CVE-2017-6625
Published: May 3, 2017 / Updated: May 4, 2017
Vulnerability identifier: #VU6401
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-6625
CWE-ID: CWE-399
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC)
Detailed vulnerability description
The vulnerability allows a remote authenticated attacker to cause a DoS condition on the target device.
The weakness exists due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker can send specially crafted packets through a targeted system and cause the affected system to stop inspecting and processing packets.
Successful exploitation of the vulnerability may result in denial of service.
How to mitigate CVE-2017-6625
Update to version 6.1.0.3.