Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2017-6607
HistoryApr 20, 2017 - 10:59 p.m.

CVE-2017-6607

2017-04-2022:59:00
CWE-399
[email protected]
web.nvd.nist.gov
8

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

8.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.005

Percentile

76.8%

JSON

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device’s local DNS cache. The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker could exploit this vulnerability by triggering a DNS request from the Cisco ASA Software and replying with a crafted response. A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition or corruption of the local DNS cache information. Note: Only traffic directed to the affected device can be used to exploit this vulnerability. This vulnerability affects Cisco ASA Software configured in routed or transparent firewall mode and single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. This vulnerability affects Cisco ASA Software running on the following products: Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 9300 ASA Security Module, Cisco ISA 3000 Industrial Security Appliance. Fixed versions: 9.1(7.12) 9.2(4.18) 9.4(3.12) 9.5(3.2) 9.6(2.2). Cisco Bug IDs: CSCvb40898.

Affected configurations

Nvd
Node
ciscoadaptive_security_appliance_softwareMatch9.0.1
OR
ciscoadaptive_security_appliance_softwareMatch9.0.2
OR
ciscoadaptive_security_appliance_softwareMatch9.0.2.10
OR
ciscoadaptive_security_appliance_softwareMatch9.0.3
OR
ciscoadaptive_security_appliance_softwareMatch9.0.3.6
OR
ciscoadaptive_security_appliance_softwareMatch9.0.3.8
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.1
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.5
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.7
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.17
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.20
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.24
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.26
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.29
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.33
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.35
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.37
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.40
OR
ciscoadaptive_security_appliance_softwareMatch9.0.4.42
OR
ciscoadaptive_security_appliance_softwareMatch9.1\(7\)4
OR
ciscoadaptive_security_appliance_softwareMatch9.1\(7\)6
OR
ciscoadaptive_security_appliance_softwareMatch9.1\(7\)7
OR
ciscoadaptive_security_appliance_softwareMatch9.1\(7\)9
OR
ciscoadaptive_security_appliance_softwareMatch9.1\(7\)11
OR
ciscoadaptive_security_appliance_softwareMatch9.1.1
OR
ciscoadaptive_security_appliance_softwareMatch9.1.1.4
OR
ciscoadaptive_security_appliance_softwareMatch9.1.2
OR
ciscoadaptive_security_appliance_softwareMatch9.1.2.8
OR
ciscoadaptive_security_appliance_softwareMatch9.1.3
OR
ciscoadaptive_security_appliance_softwareMatch9.1.3.2
OR
ciscoadaptive_security_appliance_softwareMatch9.1.4
OR
ciscoadaptive_security_appliance_softwareMatch9.1.4.5
OR
ciscoadaptive_security_appliance_softwareMatch9.1.5
OR
ciscoadaptive_security_appliance_softwareMatch9.1.5.10
OR
ciscoadaptive_security_appliance_softwareMatch9.1.5.12
OR
ciscoadaptive_security_appliance_softwareMatch9.1.5.15
OR
ciscoadaptive_security_appliance_softwareMatch9.1.5.21
OR
ciscoadaptive_security_appliance_softwareMatch9.1.6
OR
ciscoadaptive_security_appliance_softwareMatch9.1.6.1
OR
ciscoadaptive_security_appliance_softwareMatch9.1.6.4
OR
ciscoadaptive_security_appliance_softwareMatch9.1.6.6
OR
ciscoadaptive_security_appliance_softwareMatch9.1.6.8
OR
ciscoadaptive_security_appliance_softwareMatch9.1.6.10
OR
ciscoadaptive_security_appliance_softwareMatch9.2\(0.0\)
OR
ciscoadaptive_security_appliance_softwareMatch9.2\(0.104\)
OR
ciscoadaptive_security_appliance_softwareMatch9.2\(3.1\)
OR
ciscoadaptive_security_appliance_softwareMatch9.2.1
OR
ciscoadaptive_security_appliance_softwareMatch9.2.2
OR
ciscoadaptive_security_appliance_softwareMatch9.2.2.4
OR
ciscoadaptive_security_appliance_softwareMatch9.2.2.7
OR
ciscoadaptive_security_appliance_softwareMatch9.2.2.8
OR
ciscoadaptive_security_appliance_softwareMatch9.2.3
OR
ciscoadaptive_security_appliance_softwareMatch9.2.3.3
OR
ciscoadaptive_security_appliance_softwareMatch9.2.3.4
OR
ciscoadaptive_security_appliance_softwareMatch9.2.4
OR
ciscoadaptive_security_appliance_softwareMatch9.2.4.2
OR
ciscoadaptive_security_appliance_softwareMatch9.2.4.4
OR
ciscoadaptive_security_appliance_softwareMatch9.2.4.8
OR
ciscoadaptive_security_appliance_softwareMatch9.2.4.10
OR
ciscoadaptive_security_appliance_softwareMatch9.2.4.13
OR
ciscoadaptive_security_appliance_softwareMatch9.2.4.14
OR
ciscoadaptive_security_appliance_softwareMatch9.2.4.16
OR
ciscoadaptive_security_appliance_softwareMatch9.2.4.17
OR
ciscoadaptive_security_appliance_softwareMatch9.3\(1.50\)
OR
ciscoadaptive_security_appliance_softwareMatch9.3\(1.105\)
OR
ciscoadaptive_security_appliance_softwareMatch9.3\(2.100\)
OR
ciscoadaptive_security_appliance_softwareMatch9.3\(2.243\)
OR
ciscoadaptive_security_appliance_softwareMatch9.3.1
OR
ciscoadaptive_security_appliance_softwareMatch9.3.1.1
OR
ciscoadaptive_security_appliance_softwareMatch9.3.2
OR
ciscoadaptive_security_appliance_softwareMatch9.3.2.2
OR
ciscoadaptive_security_appliance_softwareMatch9.3.3
OR
ciscoadaptive_security_appliance_softwareMatch9.3.3.1
OR
ciscoadaptive_security_appliance_softwareMatch9.3.3.2
OR
ciscoadaptive_security_appliance_softwareMatch9.3.3.5
OR
ciscoadaptive_security_appliance_softwareMatch9.3.3.6
OR
ciscoadaptive_security_appliance_softwareMatch9.3.3.9
OR
ciscoadaptive_security_appliance_softwareMatch9.3.3.10
OR
ciscoadaptive_security_appliance_softwareMatch9.3.3.11
OR
ciscoadaptive_security_appliance_softwareMatch9.3.5
OR
ciscoadaptive_security_appliance_softwareMatch9.4.0.115
OR
ciscoadaptive_security_appliance_softwareMatch9.4.1
OR
ciscoadaptive_security_appliance_softwareMatch9.4.1.1
OR
ciscoadaptive_security_appliance_softwareMatch9.4.1.2
OR
ciscoadaptive_security_appliance_softwareMatch9.4.1.3
OR
ciscoadaptive_security_appliance_softwareMatch9.4.1.5
OR
ciscoadaptive_security_appliance_softwareMatch9.4.2
OR
ciscoadaptive_security_appliance_softwareMatch9.4.2.3
OR
ciscoadaptive_security_appliance_softwareMatch9.4.3
OR
ciscoadaptive_security_appliance_softwareMatch9.4.3.3
OR
ciscoadaptive_security_appliance_softwareMatch9.4.3.4
OR
ciscoadaptive_security_appliance_softwareMatch9.4.3.6
OR
ciscoadaptive_security_appliance_softwareMatch9.4.3.8
OR
ciscoadaptive_security_appliance_softwareMatch9.4.3.11
OR
ciscoadaptive_security_appliance_softwareMatch9.5.1
OR
ciscoadaptive_security_appliance_softwareMatch9.5.2
OR
ciscoadaptive_security_appliance_softwareMatch9.5.2.6
OR
ciscoadaptive_security_appliance_softwareMatch9.5.2.10
OR
ciscoadaptive_security_appliance_softwareMatch9.5.2.14
OR
ciscoadaptive_security_appliance_softwareMatch9.5.3
OR
ciscoadaptive_security_appliance_softwareMatch9.5.3.1
OR
ciscoadaptive_security_appliance_softwareMatch9.6.0
OR
ciscoadaptive_security_appliance_softwareMatch9.6.1
OR
ciscoadaptive_security_appliance_softwareMatch9.6.1.3
OR
ciscoadaptive_security_appliance_softwareMatch9.6.1.5
OR
ciscoadaptive_security_appliance_softwareMatch9.6.1.10
OR
ciscoadaptive_security_appliance_softwareMatch9.6.2
OR
ciscoadaptive_security_appliance_softwareMatch9.6.2.1
VendorProductVersionCPE
ciscoadaptive_security_appliance_software9.0.1cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.2cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.2.10cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.3cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.3.6cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.6:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.3.8cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.8:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.4cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.4.1cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.1:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.4.5cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.5:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.4.7cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.7:*:*:*:*:*:*:*
Rows per page:
1-10 of 1091

Related

cvelist 1
nessus 1
cve 1
openvas 1
prion 1
cisco 1
cvelist
cvelist
CVE-2017-6607
2017-04-20 22:00:00
nessus
nessus
Cisco ASA Software DNS Response Message Handling DoS (cisco-sa-20170419-asa-dns)
2017-04-25 00:00:00
cve
cve
CVE-2017-6607
2017-04-20 22:59:00
openvas
openvas
Cisco ASA Software DNS Denial of Service Vulnerability (cisco-sa-20170419-asa-dns)
2017-04-20 00:00:00
prion
prion
Design/Logic Flaw
2017-04-20 22:59:00
cisco
cisco
Cisco ASA Software DNS Denial of Service Vulnerability
2017-04-19 16:00:00

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

8.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.005

Percentile

76.8%

JSON
Related for NVD:CVE-2017-6607
cvelist1nessus1cve1openvas1prion1cisco1