PT-2017-17201 · Cisco · Cisco Firepower System

Published

2017-05-22

·

Updated

2019-10-09

·

CVE-2017-6632

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Cisco FirePOWER System Software versions 5.3.0 through 6.2.2

Description

A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies in Cisco FirePOWER System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition through high consumption of system resources. The issue arises from the way the affected software logs certain TCP packets. An attacker could exploit it by sending a flood of crafted TCP packets to an affected device; the resources consumed by logging those packets can exhaust the device and cause a DoS condition. Whether the attack succeeds depends on how the administrator has configured logging for SSL policies: only devices configured to log connections through the SSL policy default actions are affected. No authentication or user interaction is required, and the impact is limited to availability (the CVSS vector above records no confidentiality or integrity impact).

Recommendations

Upgrade affected devices (Cisco FirePOWER System Software versions 5.3.0 through 6.2.2) to a release that Cisco lists as fixed in its advisory for CVE-2017-6632. Until the upgrade is applied, exposure can be reduced by not logging connections on the SSL policy default actions, since that logging is what the flood exploits; note that this also removes connection visibility for traffic handled by the default action, so restore logging once the fixed release is installed. Devices whose SSL policy default actions do not log connections are not exposed to this flood but still run affected code and should be upgraded as well. Restrict who can change the SSL policy and logging configuration, so that the exposed setting is not re-enabled without review.
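The exploitability of this issue depends on two things the advisory states: the software release (5.3.0 through 6.2.2) and whether an SSL policy default action logs connections. The following Python script is an added example, not code from Cisco or from this page; it triages a device inventory against both conditions. The inventory, host names and the `ssl_default_action_logging` flag are constructed for illustration, and the handling of four-component patch levels (judging them by their first three components) is an assumption, since the advisory lists only three-component versions.

```python
from dataclasses import dataclass
from typing import Iterable

# Inclusive bounds of the affected range named in the advisory.
AFFECTED_MIN = (5, 3, 0)
AFFECTED_MAX = (6, 2, 2)


def parse_version(text: str) -> tuple[int, ...]:
    """Convert a dotted version such as '6.1.0.3' into a tuple of ints.

    Comparing tuples of ints orders releases numerically; comparing the
    raw strings orders them character by character, which is wrong once
    a component reaches two digits.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected_version(text: str) -> bool:
    """True when the release falls within 5.3.0 through 6.2.2 inclusive.

    Assumption (not stated on the page): the advisory lists only
    major.minor.maintenance numbers, so a patch level such as 6.2.2.1 is
    judged by its first three components and treated as affected until the
    vendor's fixed-release list says otherwise (the conservative choice).
    """
    base = (parse_version(text) + (0, 0, 0))[:3]
    return AFFECTED_MIN <= base <= AFFECTED_MAX


@dataclass(frozen=True)
class Device:
    name: str
    version: str
    # True when an SSL policy default action on this device logs connections,
    # the configuration the advisory says a successful exploit depends on.
    ssl_default_action_logging: bool


def triage(devices: Iterable[Device]) -> dict[str, list[str]]:
    """Sort an inventory into three buckets keyed by what to do next.

    'exposed': affected release and the logging configuration that makes
      the flood effective; upgrade first, or disable default-action logging
      in the meantime.
    'vulnerable_not_exposed': affected release, default-action logging off;
      schedule the upgrade and do not enable that logging before it.
    'not_affected': release outside the stated range.
    """
    buckets: dict[str, list[str]] = {
        "exposed": [],
        "vulnerable_not_exposed": [],
        "not_affected": [],
    }
    for dev in devices:
        if not is_affected_version(dev.version):
            buckets["not_affected"].append(dev.name)
        elif dev.ssl_default_action_logging:
            buckets["exposed"].append(dev.name)
        else:
            buckets["vulnerable_not_exposed"].append(dev.name)
    return buckets


# Constructed inventory for illustration; hosts, versions and flags are made up.
SAMPLE_INVENTORY = [
    Device("ftd-branch-1", "6.2.2", True),
    Device("ftd-branch-2", "6.1.0.3", False),
    Device("ftd-dc-1", "6.2.3", True),
    Device("ftd-dc-2", "6.4.0.1", False),
    Device("fp-legacy-1", "5.2.0", True),
]

if __name__ == "__main__":
    for bucket, names in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(names) or '-'}")
```

The version check is deliberately kept separate from the configuration check: a device in the `vulnerable_not_exposed` bucket is safe from this particular flood only for as long as nobody turns on connection logging for the SSL policy default action, which is why the recommendation above asks for that configuration to be access-controlled.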

Fix

Weakness Enumeration

Resource Exhaustion

Related Identifiers

CVE-2017-6632

Affected Products

Cisco Firepower System