CVE-2017-6766

CWE-310 | 4 documents | 4 sources
Severity: 7.5 HIGH
EPSS: 0.2% (top 64.32%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Aug 7
Latest update: May 13

Description

A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypting and inspecting traffic on an affected system. The vulnerability is due to unexpected interaction with Known Key and Decrypt and Resign configuration settings of SSL policies when the affected software receives unexpected SSL packet headers.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5 | cisco_firepower_system_software | Cisco Firepower System Software

🔴 Vulnerability Details (2)

GHSA | GHSA-q3pq-v78p-xj7q: A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5 | 2022-05-13
CVEList | CVE-2017-6766: A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5 | 2017-08-07

📋 Vendor Advisories (1)

Cisco | Cisco Firepower System Software Secure Sockets Layer Policy Bypass Vulnerability | 2017-08-02