Vulnerability Details CVE-2017-3867
A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More Information: CSCvc68229. Known Affected Releases: 9.6(2). Known Fixed Releases: 99.1(20.1) 99.1(10.2) 98.1(12.7) 98.1(1.49) 97.1(6.58) 97.1(0.134) 96.2(0.109) 9.7(1.1) 9.6(2.99) 9.6(2.8).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.1%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/96926
- http://www.securitytracker.com/id/1038051
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa
- http://www.securityfocus.com/bid/96926
- http://www.securitytracker.com/id/1038051
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa
Products affected by CVE-2017-3867
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:-
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:6.3.1
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.1
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.2
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.3
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.7
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.8
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.2.9
-
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.3