← Back

CVE-2017-3867

nvd nist
Published: Mar 17, 2017Modified: May 13, 2026

JSON object

Loading...
5.3
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More Information: CSCvc68229. Known Affected Releases: 9.6(2). Known Fixed Releases: 99.1(20.1) 99.1(10.2) 98.1(12.7) 98.1(1.49) 97.1(6.58) 97.1(0.134) 96.2(0.109) 9.7(1.1) 9.6(2.99) 9.6(2.8).

Affected (9)

Cisco
1 product
Adaptive Security Appliance Software
Configuration A
9 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Adaptive Security Appliance Software
Version 6.3.1
Adaptive Security Appliance Software
Version 9.6.2.1
Adaptive Security Appliance Software
Version 9.6.2.2
Adaptive Security Appliance Software
Version 9.6.2.3
Adaptive Security Appliance Software
Version 9.6.2.7
Adaptive Security Appliance Software
Version 9.6.2.8
Adaptive Security Appliance Software
Version 9.6.2.9
Adaptive Security Appliance Software
Version 9.6.2
Adaptive Security Appliance Software
Version 9.6.3
Running on/withPlatform Versions
Cisco
Adaptive Security Appliance Software
All versions

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Source: psirt@cisco.com
MitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory

Timeline

No history available yet.