CVE-2017-3885
Severity CVSS v4.0:
Pending analysis
Type:
CWE-400
Uncontrolled Resource Consumption ('Resource Exhaustion')
Publication date:
07/04/2017
Last modified:
20/04/2025
Description
A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. Affected Products: This vulnerability affects Cisco Firepower System Software running software releases 6.0.0, 6.1.0, 6.2.0, or 6.2.1 when the device is configured with an SSL policy that has at least one rule specifying traffic decryption. More Information: CSCvc58563. Known Affected Releases: 6.0.0 6.1.0 6.2.0 6.2.1.
Impact
Base Score 3.x
5.90
Severity 3.x
MEDIUM
Base Score 2.0
7.10
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:cisco:secure_firewall_management_center:6.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:secure_firewall_management_center:6.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:secure_firewall_management_center:6.2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:secure_firewall_management_center:6.2.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page