CVE-2017-3807
09.02.2017, 17:59
A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid TCP connection is needed to perform the attack. The attacker needs to have valid credentials to log in to the Clientless SSL VPN portal. Vulnerable Cisco ASA Software running on the following products may be affected by this vulnerability: Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ASA for Firepower 4100 Series. Cisco Bug IDs: CSCvc23838.Enginsight
Vendor | Product | Version |
---|---|---|
cisco | adaptive_security_appliance_software | 7.0.1 |
cisco | adaptive_security_appliance_software | 7.0.1.4 |
cisco | adaptive_security_appliance_software | 7.0.2 |
cisco | adaptive_security_appliance_software | 7.0.3 |
cisco | adaptive_security_appliance_software | 7.0.4 |
cisco | adaptive_security_appliance_software | 7.0.4.2 |
cisco | adaptive_security_appliance_software | 7.0.5 |
cisco | adaptive_security_appliance_software | 7.0.5.12 |
cisco | adaptive_security_appliance_software | 7.0.6 |
cisco | adaptive_security_appliance_software | 7.0.6.4 |
cisco | adaptive_security_appliance_software | 7.0.6.8 |
cisco | adaptive_security_appliance_software | 7.0.6.18 |
cisco | adaptive_security_appliance_software | 7.0.6.22 |
cisco | adaptive_security_appliance_software | 7.0.6.26 |
cisco | adaptive_security_appliance_software | 7.0.6.29 |
cisco | adaptive_security_appliance_software | 7.0.6.32 |
cisco | adaptive_security_appliance_software | 7.0.7 |
cisco | adaptive_security_appliance_software | 7.0.7.1 |
cisco | adaptive_security_appliance_software | 7.0.7.4 |
cisco | adaptive_security_appliance_software | 7.0.7.9 |
cisco | adaptive_security_appliance_software | 7.0.7.12 |
cisco | adaptive_security_appliance_software | 7.0.8 |
cisco | adaptive_security_appliance_software | 7.0.8.2 |
cisco | adaptive_security_appliance_software | 7.0.8.8 |
cisco | adaptive_security_appliance_software | 7.0.8.12 |
cisco | adaptive_security_appliance_software | 7.0.8.13 |
cisco | adaptive_security_appliance_software | 7.1.2 |
cisco | adaptive_security_appliance_software | 7.1.2.16 |
cisco | adaptive_security_appliance_software | 7.1.2.20 |
cisco | adaptive_security_appliance_software | 7.1.2.24 |
cisco | adaptive_security_appliance_software | 7.1.2.28 |
cisco | adaptive_security_appliance_software | 7.1.2.38 |
cisco | adaptive_security_appliance_software | 7.1.2.42 |
cisco | adaptive_security_appliance_software | 7.1.2.46 |
cisco | adaptive_security_appliance_software | 7.1.2.49 |
cisco | adaptive_security_appliance_software | 7.1.2.53 |
cisco | adaptive_security_appliance_software | 7.1.2.61 |
cisco | adaptive_security_appliance_software | 7.1.2.64 |
cisco | adaptive_security_appliance_software | 7.1.2.72 |
cisco | adaptive_security_appliance_software | 7.1.2.81 |
cisco | adaptive_security_appliance_software | 7.2.1 |
cisco | adaptive_security_appliance_software | 7.2.1.9 |
cisco | adaptive_security_appliance_software | 7.2.1.13 |
cisco | adaptive_security_appliance_software | 7.2.1.19 |
cisco | adaptive_security_appliance_software | 7.2.1.24 |
cisco | adaptive_security_appliance_software | 7.2.2 |
cisco | adaptive_security_appliance_software | 7.2.2.6 |
cisco | adaptive_security_appliance_software | 7.2.2.10 |
cisco | adaptive_security_appliance_software | 7.2.2.14 |
cisco | adaptive_security_appliance_software | 7.2.2.18 |
cisco | adaptive_security_appliance_software | 7.2.2.19 |
cisco | adaptive_security_appliance_software | 7.2.2.22 |
cisco | adaptive_security_appliance_software | 7.2.2.34 |
cisco | adaptive_security_appliance_software | 7.2.3 |
cisco | adaptive_security_appliance_software | 7.2.3.1 |
cisco | adaptive_security_appliance_software | 7.2.3.12 |
cisco | adaptive_security_appliance_software | 7.2.3.16 |
cisco | adaptive_security_appliance_software | 7.2.4 |
cisco | adaptive_security_appliance_software | 7.2.4.6 |
cisco | adaptive_security_appliance_software | 7.2.4.9 |
cisco | adaptive_security_appliance_software | 7.2.4.18 |
cisco | adaptive_security_appliance_software | 7.2.4.25 |
cisco | adaptive_security_appliance_software | 7.2.4.27 |
cisco | adaptive_security_appliance_software | 7.2.4.30 |
cisco | adaptive_security_appliance_software | 7.2.4.33 |
cisco | adaptive_security_appliance_software | 7.2.5 |
cisco | adaptive_security_appliance_software | 7.2.5.2 |
cisco | adaptive_security_appliance_software | 7.2.5.4 |
cisco | adaptive_security_appliance_software | 7.2.5.7 |
cisco | adaptive_security_appliance_software | 7.2.5.8 |
cisco | adaptive_security_appliance_software | 7.2.5.10 |
cisco | adaptive_security_appliance_software | 7.2.5.12 |
cisco | adaptive_security_appliance_software | 7.2.5.16 |
cisco | adaptive_security_appliance_software | 8.0.1.2 |
cisco | adaptive_security_appliance_software | 8.0.2 |
cisco | adaptive_security_appliance_software | 8.0.2.11 |
cisco | adaptive_security_appliance_software | 8.0.2.15 |
cisco | adaptive_security_appliance_software | 8.0.3 |
cisco | adaptive_security_appliance_software | 8.0.3.6 |
cisco | adaptive_security_appliance_software | 8.0.3.12 |
cisco | adaptive_security_appliance_software | 8.0.3.19 |
cisco | adaptive_security_appliance_software | 8.0.4 |
cisco | adaptive_security_appliance_software | 8.0.4.3 |
cisco | adaptive_security_appliance_software | 8.0.4.9 |
cisco | adaptive_security_appliance_software | 8.0.4.16 |
cisco | adaptive_security_appliance_software | 8.0.4.23 |
cisco | adaptive_security_appliance_software | 8.0.4.25 |
cisco | adaptive_security_appliance_software | 8.0.4.28 |
cisco | adaptive_security_appliance_software | 8.0.4.31 |
cisco | adaptive_security_appliance_software | 8.0.4.32 |
cisco | adaptive_security_appliance_software | 8.0.4.33 |
cisco | adaptive_security_appliance_software | 8.0.5 |
cisco | adaptive_security_appliance_software | 8.0.5.20 |
cisco | adaptive_security_appliance_software | 8.0.5.23 |
cisco | adaptive_security_appliance_software | 8.0.5.25 |
cisco | adaptive_security_appliance_software | 8.0.5.27 |
cisco | adaptive_security_appliance_software | 8.0.5.28 |
cisco | adaptive_security_appliance_software | 8.0.5.31 |
cisco | adaptive_security_appliance_software | 8.1.0.104 |
cisco | adaptive_security_appliance_software | 8.1.1 |
cisco | adaptive_security_appliance_software | 8.1.1.6 |
cisco | adaptive_security_appliance_software | 8.1.2 |
cisco | adaptive_security_appliance_software | 8.1.2.13 |
cisco | adaptive_security_appliance_software | 8.1.2.15 |
cisco | adaptive_security_appliance_software | 8.1.2.16 |
cisco | adaptive_security_appliance_software | 8.1.2.19 |
cisco | adaptive_security_appliance_software | 8.1.2.23 |
cisco | adaptive_security_appliance_software | 8.1.2.24 |
cisco | adaptive_security_appliance_software | 8.1.2.49 |
cisco | adaptive_security_appliance_software | 8.1.2.50 |
cisco | adaptive_security_appliance_software | 8.1.2.55 |
cisco | adaptive_security_appliance_software | 8.1.2.56 |
cisco | adaptive_security_appliance_software | 8.2.0.45 |
cisco | adaptive_security_appliance_software | 8.2.1 |
cisco | adaptive_security_appliance_software | 8.2.1.11 |
cisco | adaptive_security_appliance_software | 8.2.2 |
cisco | adaptive_security_appliance_software | 8.2.2.9 |
cisco | adaptive_security_appliance_software | 8.2.2.10 |
cisco | adaptive_security_appliance_software | 8.2.2.12 |
cisco | adaptive_security_appliance_software | 8.2.2.16 |
cisco | adaptive_security_appliance_software | 8.2.2.17 |
cisco | adaptive_security_appliance_software | 8.2.3 |
cisco | adaptive_security_appliance_software | 8.2.4 |
cisco | adaptive_security_appliance_software | 8.2.4.1 |
cisco | adaptive_security_appliance_software | 8.2.4.4 |
cisco | adaptive_security_appliance_software | 8.2.5 |
cisco | adaptive_security_appliance_software | 8.2.5.13 |
cisco | adaptive_security_appliance_software | 8.2.5.22 |
cisco | adaptive_security_appliance_software | 8.2.5.26 |
cisco | adaptive_security_appliance_software | 8.2.5.33 |
cisco | adaptive_security_appliance_software | 8.2.5.40 |
cisco | adaptive_security_appliance_software | 8.2.5.41 |
cisco | adaptive_security_appliance_software | 8.2.5.46 |
cisco | adaptive_security_appliance_software | 8.2.5.48 |
cisco | adaptive_security_appliance_software | 8.2.5.50 |
cisco | adaptive_security_appliance_software | 8.2.5.52 |
cisco | adaptive_security_appliance_software | 8.2.5.55 |
cisco | adaptive_security_appliance_software | 8.2.5.57 |
cisco | adaptive_security_appliance_software | 8.2.5.59 |
cisco | adaptive_security_appliance_software | 8.3.1 |
cisco | adaptive_security_appliance_software | 8.3.1.1 |
cisco | adaptive_security_appliance_software | 8.3.1.4 |
cisco | adaptive_security_appliance_software | 8.3.1.6 |
cisco | adaptive_security_appliance_software | 8.3.2 |
cisco | adaptive_security_appliance_software | 8.3.2.4 |
cisco | adaptive_security_appliance_software | 8.3.2.13 |
cisco | adaptive_security_appliance_software | 8.3.2.23 |
cisco | adaptive_security_appliance_software | 8.3.2.25 |
cisco | adaptive_security_appliance_software | 8.3.2.31 |
cisco | adaptive_security_appliance_software | 8.3.2.33 |
cisco | adaptive_security_appliance_software | 8.3.2.34 |
cisco | adaptive_security_appliance_software | 8.3.2.37 |
cisco | adaptive_security_appliance_software | 8.3.2.39 |
cisco | adaptive_security_appliance_software | 8.3.2.40 |
cisco | adaptive_security_appliance_software | 8.3.2.41 |
cisco | adaptive_security_appliance_software | 8.3.2.44 |
cisco | adaptive_security_appliance_software | 8.4.0 |
cisco | adaptive_security_appliance_software | 8.4.1 |
cisco | adaptive_security_appliance_software | 8.4.1.3 |
cisco | adaptive_security_appliance_software | 8.4.1.11 |
cisco | adaptive_security_appliance_software | 8.4.2 |
cisco | adaptive_security_appliance_software | 8.4.2.1 |
cisco | adaptive_security_appliance_software | 8.4.2.8 |
cisco | adaptive_security_appliance_software | 8.4.3 |
cisco | adaptive_security_appliance_software | 8.4.3.8 |
cisco | adaptive_security_appliance_software | 8.4.3.9 |
cisco | adaptive_security_appliance_software | 8.4.4 |
cisco | adaptive_security_appliance_software | 8.4.4.1 |
cisco | adaptive_security_appliance_software | 8.4.4.3 |
cisco | adaptive_security_appliance_software | 8.4.4.5 |
cisco | adaptive_security_appliance_software | 8.4.4.9 |
cisco | adaptive_security_appliance_software | 8.4.5 |
cisco | adaptive_security_appliance_software | 8.4.5.6 |
cisco | adaptive_security_appliance_software | 8.4.6 |
cisco | adaptive_security_appliance_software | 8.4.7 |
cisco | adaptive_security_appliance_software | 8.4.7.3 |
cisco | adaptive_security_appliance_software | 8.4.7.15 |
cisco | adaptive_security_appliance_software | 8.4.7.22 |
cisco | adaptive_security_appliance_software | 8.4.7.23 |
cisco | adaptive_security_appliance_software | 8.4.7.26 |
cisco | adaptive_security_appliance_software | 8.4.7.28 |
cisco | adaptive_security_appliance_software | 8.4.7.29 |
cisco | adaptive_security_appliance_software | 8.5.1 |
cisco | adaptive_security_appliance_software | 8.5.1.1 |
cisco | adaptive_security_appliance_software | 8.5.1.6 |
cisco | adaptive_security_appliance_software | 8.5.1.7 |
cisco | adaptive_security_appliance_software | 8.5.1.14 |
cisco | adaptive_security_appliance_software | 8.5.1.17 |
cisco | adaptive_security_appliance_software | 8.5.1.18 |
cisco | adaptive_security_appliance_software | 8.5.1.19 |
cisco | adaptive_security_appliance_software | 8.5.1.21 |
cisco | adaptive_security_appliance_software | 8.5.1.24 |
cisco | adaptive_security_appliance_software | 8.6.1 |
cisco | adaptive_security_appliance_software | 8.6.1.1 |
cisco | adaptive_security_appliance_software | 8.6.1.2 |
cisco | adaptive_security_appliance_software | 8.6.1.5 |
cisco | adaptive_security_appliance_software | 8.6.1.10 |
cisco | adaptive_security_appliance_software | 8.6.1.12 |
cisco | adaptive_security_appliance_software | 8.6.1.13 |
cisco | adaptive_security_appliance_software | 8.6.1.14 |
cisco | adaptive_security_appliance_software | 8.6.1.17 |
cisco | adaptive_security_appliance_software | 8.7.1 |
cisco | adaptive_security_appliance_software | 8.7.1.1 |
cisco | adaptive_security_appliance_software | 8.7.1.3 |
cisco | adaptive_security_appliance_software | 8.7.1.4 |
cisco | adaptive_security_appliance_software | 8.7.1.7 |
cisco | adaptive_security_appliance_software | 8.7.1.8 |
cisco | adaptive_security_appliance_software | 8.7.1.11 |
cisco | adaptive_security_appliance_software | 8.7.1.13 |
cisco | adaptive_security_appliance_software | 8.7.1.16 |
cisco | adaptive_security_appliance_software | 8.7.1.17 |
cisco | adaptive_security_appliance_software | 9.0.1 |
cisco | adaptive_security_appliance_software | 9.0.2 |
cisco | adaptive_security_appliance_software | 9.0.2.10 |
cisco | adaptive_security_appliance_software | 9.0.3 |
cisco | adaptive_security_appliance_software | 9.0.3.6 |
cisco | adaptive_security_appliance_software | 9.0.3.8 |
cisco | adaptive_security_appliance_software | 9.0.4 |
cisco | adaptive_security_appliance_software | 9.0.4.1 |
cisco | adaptive_security_appliance_software | 9.0.4.5 |
cisco | adaptive_security_appliance_software | 9.0.4.7 |
cisco | adaptive_security_appliance_software | 9.0.4.17 |
cisco | adaptive_security_appliance_software | 9.0.4.20 |
cisco | adaptive_security_appliance_software | 9.0.4.24 |
cisco | adaptive_security_appliance_software | 9.0.4.26 |
cisco | adaptive_security_appliance_software | 9.0.4.29 |
cisco | adaptive_security_appliance_software | 9.0.4.33 |
cisco | adaptive_security_appliance_software | 9.0.4.35 |
cisco | adaptive_security_appliance_software | 9.0.4.37 |
cisco | adaptive_security_appliance_software | 9.0.4.40 |
cisco | adaptive_security_appliance_software | 9.0.4.42 |
cisco | adaptive_security_appliance_software | 9.1\(7\)4 |
cisco | adaptive_security_appliance_software | 9.1\(7\)6 |
cisco | adaptive_security_appliance_software | 9.1\(7\)7 |
cisco | adaptive_security_appliance_software | 9.1\(7\)9 |
cisco | adaptive_security_appliance_software | 9.1\(7\)11 |
cisco | adaptive_security_appliance_software | 9.1\(7\)12 |
cisco | adaptive_security_appliance_software | 9.1.1 |
cisco | adaptive_security_appliance_software | 9.1.1.4 |
cisco | adaptive_security_appliance_software | 9.1.2 |
cisco | adaptive_security_appliance_software | 9.1.2.8 |
cisco | adaptive_security_appliance_software | 9.1.3 |
cisco | adaptive_security_appliance_software | 9.1.3.2 |
cisco | adaptive_security_appliance_software | 9.1.4 |
cisco | adaptive_security_appliance_software | 9.1.4.5 |
cisco | adaptive_security_appliance_software | 9.1.5 |
cisco | adaptive_security_appliance_software | 9.1.5.10 |
cisco | adaptive_security_appliance_software | 9.1.5.12 |
cisco | adaptive_security_appliance_software | 9.1.5.15 |
cisco | adaptive_security_appliance_software | 9.1.5.21 |
cisco | adaptive_security_appliance_software | 9.1.6 |
cisco | adaptive_security_appliance_software | 9.1.6.1 |
cisco | adaptive_security_appliance_software | 9.1.6.4 |
cisco | adaptive_security_appliance_software | 9.1.6.6 |
cisco | adaptive_security_appliance_software | 9.1.6.8 |
cisco | adaptive_security_appliance_software | 9.1.6.10 |
cisco | adaptive_security_appliance_software | 9.2\(0.0\) |
cisco | adaptive_security_appliance_software | 9.2\(0.104\) |
cisco | adaptive_security_appliance_software | 9.2\(3.1\) |
cisco | adaptive_security_appliance_software | 9.2.1 |
cisco | adaptive_security_appliance_software | 9.2.2 |
cisco | adaptive_security_appliance_software | 9.2.2.4 |
cisco | adaptive_security_appliance_software | 9.2.2.7 |
cisco | adaptive_security_appliance_software | 9.2.2.8 |
cisco | adaptive_security_appliance_software | 9.2.3 |
cisco | adaptive_security_appliance_software | 9.2.3.3 |
cisco | adaptive_security_appliance_software | 9.2.3.4 |
cisco | adaptive_security_appliance_software | 9.2.4 |
cisco | adaptive_security_appliance_software | 9.2.4.2 |
cisco | adaptive_security_appliance_software | 9.2.4.4 |
cisco | adaptive_security_appliance_software | 9.2.4.8 |
cisco | adaptive_security_appliance_software | 9.2.4.10 |
cisco | adaptive_security_appliance_software | 9.2.4.13 |
cisco | adaptive_security_appliance_software | 9.2.4.14 |
cisco | adaptive_security_appliance_software | 9.2.4.16 |
cisco | adaptive_security_appliance_software | 9.2.4.17 |
cisco | adaptive_security_appliance_software | 9.2.4.18 |
cisco | adaptive_security_appliance_software | 9.2.4.19 |
cisco | adaptive_security_appliance_software | 9.3\(1.50\) |
cisco | adaptive_security_appliance_software | 9.3\(1.105\) |
cisco | adaptive_security_appliance_software | 9.3\(2.100\) |
cisco | adaptive_security_appliance_software | 9.3\(2.243\) |
cisco | adaptive_security_appliance_software | 9.3.1 |
cisco | adaptive_security_appliance_software | 9.3.1.1 |
cisco | adaptive_security_appliance_software | 9.3.2 |
cisco | adaptive_security_appliance_software | 9.3.2.2 |
cisco | adaptive_security_appliance_software | 9.3.3 |
cisco | adaptive_security_appliance_software | 9.3.3.1 |
cisco | adaptive_security_appliance_software | 9.3.3.2 |
cisco | adaptive_security_appliance_software | 9.3.3.5 |
cisco | adaptive_security_appliance_software | 9.3.3.6 |
cisco | adaptive_security_appliance_software | 9.3.3.9 |
cisco | adaptive_security_appliance_software | 9.3.3.10 |
cisco | adaptive_security_appliance_software | 9.3.3.11 |
cisco | adaptive_security_appliance_software | 9.3.5 |
cisco | adaptive_security_appliance_software | 9.4.0.115 |
cisco | adaptive_security_appliance_software | 9.4.1 |
cisco | adaptive_security_appliance_software | 9.4.1.1 |
cisco | adaptive_security_appliance_software | 9.4.1.2 |
cisco | adaptive_security_appliance_software | 9.4.1.3 |
cisco | adaptive_security_appliance_software | 9.4.1.5 |
cisco | adaptive_security_appliance_software | 9.4.2 |
cisco | adaptive_security_appliance_software | 9.4.2.3 |
cisco | adaptive_security_appliance_software | 9.4.3 |
cisco | adaptive_security_appliance_software | 9.4.3.3 |
cisco | adaptive_security_appliance_software | 9.4.3.4 |
cisco | adaptive_security_appliance_software | 9.5.1 |
cisco | adaptive_security_appliance_software | 9.5.2 |
cisco | adaptive_security_appliance_software | 9.5.2.6 |
cisco | adaptive_security_appliance_software | 9.5.2.10 |
cisco | adaptive_security_appliance_software | 9.5.2.14 |
cisco | adaptive_security_appliance_software | 9.5.3 |
cisco | adaptive_security_appliance_software | 9.5.3.1 |
cisco | adaptive_security_appliance_software | 9.5.3.2 |
cisco | adaptive_security_appliance_software | 9.5.3.3 |
cisco | adaptive_security_appliance_software | 9.5.3.6 |
cisco | adaptive_security_appliance_software | 9.5.3.7 |
cisco | adaptive_security_appliance_software | 9.6.1.5 |
cisco | adaptive_security_appliance_software | 9.6.1.10 |
cisco | adaptive_security_appliance_software | 9.6.2 |
cisco | adaptive_security_appliance_software | 9.6.2.1 |
cisco | adaptive_security_appliance_software | 9.6.2.2 |
cisco | adaptive_security_appliance_software | 9.6.2.3 |
cisco | adaptive_security_appliance_software | 9.6.2.7 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References