Vulnerability Details: CVE-2017-6766
A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypting and inspecting traffic on an affected system. The vulnerability is due to unexpected interaction with Known Key and Decrypt and Resign configuration settings of SSL policies when the affected software receives unexpected SSL packet headers. An attacker could exploit this vulnerability by sending a crafted SSL packet through an affected device in a valid SSL session. A successful exploit could allow the attacker to bypass the SSL decryption and inspection policy for the affected system, which could allow traffic to flow through the system without being inspected. Cisco Bug IDs: CSCve12652.
Products affected by CVE-2017-6766
- cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firesight_system_software:5.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firesight_system_software:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firesight_system_software:6.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firesight_system_software:6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firesight_system_software:6.2.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-6766
EPSS score: 0.14% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~48% (the proportion of vulnerabilities that are scored at or below this score)
CVSS scores for CVE-2017-6766
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N | 10.0 | 2.9 | NIST |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 | NIST |
CWE ids for CVE-2017-6766
- Assigned by: ykramarz@cisco.com (Secondary)
References for CVE-2017-6766
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-fpw
  Cisco Firepower System Software Secure Sockets Layer Policy Bypass Vulnerability (Vendor Advisory)
- https://quickview.cloudapps.cisco.com/quickview/bug/CSCve12652
  Cisco Bug: CSCve12652 - Cisco Firepower System Software Secure Sockets Layer Policy Bypass Vulnerability (Vendor Advisory)