CVE-2017-6608 — Cisco Adaptive Security Appliance Software vulnerability

CWE-3994 documents4 sources

Severity

8.6HIGHNVD

EPSS

0.4%

top 37.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software

Timeline

PublishedApr 20

Latest updateMay 13

Description

A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could exploit this vulnerability by sending a crafted packet to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects syst…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages1 packages

▶NVDcisco/adaptive_security_appliance_software71 versions+70

🔴Vulnerability Details

GHSA

GHSA-q2fv-3xmc-j293: A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote↗2022-05-13

▶

CVEList

CVE-2017-6608: A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote↗2017-04-20

▶

📋Vendor Advisories

Cisco

Cisco ASA Software SSL/TLS Denial of Service Vulnerability↗2017-04-19

▶