CVE-2017-3793

A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software (8.0 through 8.7 and 9.0 through 9.6) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition. The vulnerability is due to improper limitation of the global out-of-order TCP queue for specific block sizes. An attacker could exploit this vulnerability by sending a large number of unique permitted TCP connections with out-of-order segments. An exploit could allow the attacker to exhaust available blocks in the global out-of-order TCP queue, causing the dropping of any further incoming traffic on all interfaces and resulting in a DoS condition. Cisco Bug IDs: CSCvb46321.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
ciscoadaptive_security_appliance_software
8.0.1.2
ciscoadaptive_security_appliance_software
8.0.2
ciscoadaptive_security_appliance_software
8.0.2.11
ciscoadaptive_security_appliance_software
8.0.2.15
ciscoadaptive_security_appliance_software
8.0.3
ciscoadaptive_security_appliance_software
8.0.3.6
ciscoadaptive_security_appliance_software
8.0.3.12
ciscoadaptive_security_appliance_software
8.0.3.19
ciscoadaptive_security_appliance_software
8.0.4
ciscoadaptive_security_appliance_software
8.0.4.3
ciscoadaptive_security_appliance_software
8.0.4.9
ciscoadaptive_security_appliance_software
8.0.4.16
ciscoadaptive_security_appliance_software
8.0.4.23
ciscoadaptive_security_appliance_software
8.0.4.25
ciscoadaptive_security_appliance_software
8.0.4.28
ciscoadaptive_security_appliance_software
8.0.4.31
ciscoadaptive_security_appliance_software
8.0.4.32
ciscoadaptive_security_appliance_software
8.0.4.33
ciscoadaptive_security_appliance_software
8.0.5
ciscoadaptive_security_appliance_software
8.0.5.20
ciscoadaptive_security_appliance_software
8.0.5.23
ciscoadaptive_security_appliance_software
8.0.5.25
ciscoadaptive_security_appliance_software
8.0.5.27
ciscoadaptive_security_appliance_software
8.0.5.28
ciscoadaptive_security_appliance_software
8.0.5.31
ciscoadaptive_security_appliance_software
8.1.0.104
ciscoadaptive_security_appliance_software
8.1.1
ciscoadaptive_security_appliance_software
8.1.1.6
ciscoadaptive_security_appliance_software
8.1.2
ciscoadaptive_security_appliance_software
8.1.2.13
ciscoadaptive_security_appliance_software
8.1.2.15
ciscoadaptive_security_appliance_software
8.1.2.16
ciscoadaptive_security_appliance_software
8.1.2.19
ciscoadaptive_security_appliance_software
8.1.2.23
ciscoadaptive_security_appliance_software
8.1.2.24
ciscoadaptive_security_appliance_software
8.1.2.49
ciscoadaptive_security_appliance_software
8.1.2.50
ciscoadaptive_security_appliance_software
8.1.2.55
ciscoadaptive_security_appliance_software
8.1.2.56
ciscoadaptive_security_appliance_software
8.2.0.45
ciscoadaptive_security_appliance_software
8.2.1
ciscoadaptive_security_appliance_software
8.2.1.11
ciscoadaptive_security_appliance_software
8.2.2
ciscoadaptive_security_appliance_software
8.2.2.9
ciscoadaptive_security_appliance_software
8.2.2.10
ciscoadaptive_security_appliance_software
8.2.2.12
ciscoadaptive_security_appliance_software
8.2.2.16
ciscoadaptive_security_appliance_software
8.2.2.17
ciscoadaptive_security_appliance_software
8.2.3
ciscoadaptive_security_appliance_software
8.2.4
ciscoadaptive_security_appliance_software
8.2.4.1
ciscoadaptive_security_appliance_software
8.2.4.4
ciscoadaptive_security_appliance_software
8.2.5
ciscoadaptive_security_appliance_software
8.2.5.13
ciscoadaptive_security_appliance_software
8.2.5.22
ciscoadaptive_security_appliance_software
8.2.5.26
ciscoadaptive_security_appliance_software
8.2.5.33
ciscoadaptive_security_appliance_software
8.2.5.40
ciscoadaptive_security_appliance_software
8.2.5.41
ciscoadaptive_security_appliance_software
8.2.5.46
ciscoadaptive_security_appliance_software
8.2.5.48
ciscoadaptive_security_appliance_software
8.2.5.50
ciscoadaptive_security_appliance_software
8.2.5.52
ciscoadaptive_security_appliance_software
8.2.5.55
ciscoadaptive_security_appliance_software
8.2.5.57
ciscoadaptive_security_appliance_software
8.2.5.59
ciscoadaptive_security_appliance_software
8.3.1
ciscoadaptive_security_appliance_software
8.3.1.1
ciscoadaptive_security_appliance_software
8.3.1.4
ciscoadaptive_security_appliance_software
8.3.1.6
ciscoadaptive_security_appliance_software
8.3.2
ciscoadaptive_security_appliance_software
8.3.2.4
ciscoadaptive_security_appliance_software
8.3.2.13
ciscoadaptive_security_appliance_software
8.3.2.23
ciscoadaptive_security_appliance_software
8.3.2.25
ciscoadaptive_security_appliance_software
8.3.2.31
ciscoadaptive_security_appliance_software
8.3.2.33
ciscoadaptive_security_appliance_software
8.3.2.34
ciscoadaptive_security_appliance_software
8.3.2.37
ciscoadaptive_security_appliance_software
8.3.2.39
ciscoadaptive_security_appliance_software
8.3.2.40
ciscoadaptive_security_appliance_software
8.3.2.41
ciscoadaptive_security_appliance_software
8.3.2.44
ciscoadaptive_security_appliance_software
8.4.0
ciscoadaptive_security_appliance_software
8.4.1
ciscoadaptive_security_appliance_software
8.4.1.3
ciscoadaptive_security_appliance_software
8.4.1.11
ciscoadaptive_security_appliance_software
8.4.2
ciscoadaptive_security_appliance_software
8.4.2.1
ciscoadaptive_security_appliance_software
8.4.2.8
ciscoadaptive_security_appliance_software
8.4.3
ciscoadaptive_security_appliance_software
8.4.3.8
ciscoadaptive_security_appliance_software
8.4.3.9
ciscoadaptive_security_appliance_software
8.4.4
ciscoadaptive_security_appliance_software
8.4.4.1
ciscoadaptive_security_appliance_software
8.4.4.3
ciscoadaptive_security_appliance_software
8.4.4.5
ciscoadaptive_security_appliance_software
8.4.4.9
ciscoadaptive_security_appliance_software
8.4.5
ciscoadaptive_security_appliance_software
8.4.5.6
ciscoadaptive_security_appliance_software
8.4.6
ciscoadaptive_security_appliance_software
8.4.7
ciscoadaptive_security_appliance_software
8.4.7.3
ciscoadaptive_security_appliance_software
8.4.7.15
ciscoadaptive_security_appliance_software
8.4.7.22
ciscoadaptive_security_appliance_software
8.4.7.23
ciscoadaptive_security_appliance_software
8.4.7.26
ciscoadaptive_security_appliance_software
8.4.7.28
ciscoadaptive_security_appliance_software
8.4.7.29
ciscoadaptive_security_appliance_software
8.5.1
ciscoadaptive_security_appliance_software
8.5.1.1
ciscoadaptive_security_appliance_software
8.5.1.6
ciscoadaptive_security_appliance_software
8.5.1.7
ciscoadaptive_security_appliance_software
8.5.1.14
ciscoadaptive_security_appliance_software
8.5.1.17
ciscoadaptive_security_appliance_software
8.5.1.18
ciscoadaptive_security_appliance_software
8.5.1.19
ciscoadaptive_security_appliance_software
8.5.1.21
ciscoadaptive_security_appliance_software
8.5.1.24
ciscoadaptive_security_appliance_software
8.6.1
ciscoadaptive_security_appliance_software
8.6.1.1
ciscoadaptive_security_appliance_software
8.6.1.2
ciscoadaptive_security_appliance_software
8.6.1.5
ciscoadaptive_security_appliance_software
8.6.1.10
ciscoadaptive_security_appliance_software
8.6.1.12
ciscoadaptive_security_appliance_software
8.6.1.13
ciscoadaptive_security_appliance_software
8.6.1.14
ciscoadaptive_security_appliance_software
8.6.1.17
ciscoadaptive_security_appliance_software
8.7.1
ciscoadaptive_security_appliance_software
8.7.1.1
ciscoadaptive_security_appliance_software
8.7.1.3
ciscoadaptive_security_appliance_software
8.7.1.4
ciscoadaptive_security_appliance_software
8.7.1.7
ciscoadaptive_security_appliance_software
8.7.1.8
ciscoadaptive_security_appliance_software
8.7.1.11
ciscoadaptive_security_appliance_software
8.7.1.13
ciscoadaptive_security_appliance_software
8.7.1.16
ciscoadaptive_security_appliance_software
8.7.1.17
ciscoadaptive_security_appliance_software
9.0.1
ciscoadaptive_security_appliance_software
9.0.2
ciscoadaptive_security_appliance_software
9.0.2.10
ciscoadaptive_security_appliance_software
9.0.3
ciscoadaptive_security_appliance_software
9.0.3.6
ciscoadaptive_security_appliance_software
9.0.3.8
ciscoadaptive_security_appliance_software
9.0.4
ciscoadaptive_security_appliance_software
9.0.4.1
ciscoadaptive_security_appliance_software
9.0.4.5
ciscoadaptive_security_appliance_software
9.0.4.7
ciscoadaptive_security_appliance_software
9.0.4.17
ciscoadaptive_security_appliance_software
9.0.4.20
ciscoadaptive_security_appliance_software
9.0.4.24
ciscoadaptive_security_appliance_software
9.0.4.26
ciscoadaptive_security_appliance_software
9.0.4.29
ciscoadaptive_security_appliance_software
9.0.4.33
ciscoadaptive_security_appliance_software
9.0.4.35
ciscoadaptive_security_appliance_software
9.0.4.37
ciscoadaptive_security_appliance_software
9.0.4.40
ciscoadaptive_security_appliance_software
9.0.4.42
ciscoadaptive_security_appliance_software
9.1\(7\)4
ciscoadaptive_security_appliance_software
9.1\(7\)6
ciscoadaptive_security_appliance_software
9.1\(7\)7
ciscoadaptive_security_appliance_software
9.1\(7\)9
ciscoadaptive_security_appliance_software
9.1\(7\)11
ciscoadaptive_security_appliance_software
9.1\(7\)12
ciscoadaptive_security_appliance_software
9.1.1
ciscoadaptive_security_appliance_software
9.1.1.4
ciscoadaptive_security_appliance_software
9.1.2
ciscoadaptive_security_appliance_software
9.1.2.8
ciscoadaptive_security_appliance_software
9.1.3
ciscoadaptive_security_appliance_software
9.1.3.2
ciscoadaptive_security_appliance_software
9.1.4
ciscoadaptive_security_appliance_software
9.1.4.5
ciscoadaptive_security_appliance_software
9.1.5
ciscoadaptive_security_appliance_software
9.1.5.10
ciscoadaptive_security_appliance_software
9.1.5.12
ciscoadaptive_security_appliance_software
9.1.5.15
ciscoadaptive_security_appliance_software
9.1.5.21
ciscoadaptive_security_appliance_software
9.1.6
ciscoadaptive_security_appliance_software
9.1.6.1
ciscoadaptive_security_appliance_software
9.1.6.4
ciscoadaptive_security_appliance_software
9.1.6.6
ciscoadaptive_security_appliance_software
9.1.6.8
ciscoadaptive_security_appliance_software
9.1.6.10
ciscoadaptive_security_appliance_software
9.2\(0.0\)
ciscoadaptive_security_appliance_software
9.2\(0.104\)
ciscoadaptive_security_appliance_software
9.2\(3.1\)
ciscoadaptive_security_appliance_software
9.2.1
ciscoadaptive_security_appliance_software
9.2.2
ciscoadaptive_security_appliance_software
9.2.2.4
ciscoadaptive_security_appliance_software
9.2.2.7
ciscoadaptive_security_appliance_software
9.2.2.8
ciscoadaptive_security_appliance_software
9.2.3
ciscoadaptive_security_appliance_software
9.2.3.3
ciscoadaptive_security_appliance_software
9.2.3.4
ciscoadaptive_security_appliance_software
9.2.4
ciscoadaptive_security_appliance_software
9.2.4.2
ciscoadaptive_security_appliance_software
9.2.4.4
ciscoadaptive_security_appliance_software
9.2.4.8
ciscoadaptive_security_appliance_software
9.2.4.10
ciscoadaptive_security_appliance_software
9.2.4.13
ciscoadaptive_security_appliance_software
9.2.4.14
ciscoadaptive_security_appliance_software
9.2.4.16
ciscoadaptive_security_appliance_software
9.2.4.17
ciscoadaptive_security_appliance_software
9.3\(1.50\)
ciscoadaptive_security_appliance_software
9.3\(1.105\)
ciscoadaptive_security_appliance_software
9.3\(2.100\)
ciscoadaptive_security_appliance_software
9.3\(2.243\)
ciscoadaptive_security_appliance_software
9.3.1
ciscoadaptive_security_appliance_software
9.3.1.1
ciscoadaptive_security_appliance_software
9.3.2
ciscoadaptive_security_appliance_software
9.3.2.2
ciscoadaptive_security_appliance_software
9.3.3
ciscoadaptive_security_appliance_software
9.3.3.1
ciscoadaptive_security_appliance_software
9.3.3.2
ciscoadaptive_security_appliance_software
9.3.3.5
ciscoadaptive_security_appliance_software
9.3.3.6
ciscoadaptive_security_appliance_software
9.3.3.9
ciscoadaptive_security_appliance_software
9.3.3.10
ciscoadaptive_security_appliance_software
9.3.3.11
ciscoadaptive_security_appliance_software
9.3.5
ciscoadaptive_security_appliance_software
9.4.0.115
ciscoadaptive_security_appliance_software
9.4.1
ciscoadaptive_security_appliance_software
9.4.1.1
ciscoadaptive_security_appliance_software
9.4.1.2
ciscoadaptive_security_appliance_software
9.4.1.3
ciscoadaptive_security_appliance_software
9.4.1.5
ciscoadaptive_security_appliance_software
9.4.2
ciscoadaptive_security_appliance_software
9.4.2.3
ciscoadaptive_security_appliance_software
9.4.3
ciscoadaptive_security_appliance_software
9.4.3.3
ciscoadaptive_security_appliance_software
9.4.3.4
ciscoadaptive_security_appliance_software
9.4.3.6
ciscoadaptive_security_appliance_software
9.4.3.8
ciscoadaptive_security_appliance_software
9.4.3.11
ciscoadaptive_security_appliance_software
9.4.3.12
ciscoadaptive_security_appliance_software
9.4.4
ciscoadaptive_security_appliance_software
9.5.1
ciscoadaptive_security_appliance_software
9.5.2
ciscoadaptive_security_appliance_software
9.5.2.6
ciscoadaptive_security_appliance_software
9.5.2.10
ciscoadaptive_security_appliance_software
9.5.2.14
ciscoadaptive_security_appliance_software
9.5.3
ciscoadaptive_security_appliance_software
9.5.3.2
ciscoadaptive_security_appliance_software
9.5.3.3
ciscoadaptive_security_appliance_software
9.6.0
ciscoadaptive_security_appliance_software
9.6.1
ciscoadaptive_security_appliance_software
9.6.1.3
ciscoadaptive_security_appliance_software
9.6.1.5
ciscoadaptive_security_appliance_software
9.6.1.10
ciscoadaptive_security_appliance_software
9.6.2
ciscoadaptive_security_appliance_software
9.6.2.1
ciscoadaptive_security_appliance_software
9.6.2.2
ciscoadaptive_security_appliance_software
9.6.2.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/97923
http://www.securitytracker.com/id/1038329
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-norm
http://www.securityfocus.com/bid/97923
http://www.securitytracker.com/id/1038329
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-norm