CVE-2017-3867

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance versions 9.6(2) through 9.6(2.7) Cisco Adaptive Security Appliance versions prior to 9.7(1.1) Cisco Adaptive Security Appliance versions prior to 96.2(0.109) Cisco Adaptive Security Appliance versions prior to 97.1(0.134) Cisco Adaptive Security Appliance versions prior to 97.1(6.58) Cisco Adaptive Security Appliance versions prior to 98.1(1.49) Cisco Adaptive Security Appliance versions prior to 98.1(12.7) Cisco Adaptive Security Appliance versions prior to 99.1(10.2) Cisco Adaptive Security Appliance versions prior to 99.1(20.1)

Description A vulnerability in the Border Gateway Protocol (BGP) and Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software is related to insufficient access control restrictions to certain features. The exploitation of this issue may allow a remote attacker to bypass the access control list (ACL) configuration for specific TCP and UDP traffic.

Recommendations For version 9.6(2), update to version 9.6(2.8) or later. For versions prior to 9.7(1.1), update to version 9.7(1.1) or later. For versions prior to 96.2(0.109), update to version 96.2(0.109) or later. For versions prior to 97.1(0.134), update to version 97.1(0.134) or later. For versions prior to 97.1(6.58), update to version 97.1(6.58) or later. For versions prior to 98.1(1.49), update to version 98.1(1.49) or later. For versions prior to 98.1(12.7), update to version 98.1(12.7) or later. For versions prior to 99.1(10.2), update to version 99.1(10.2) or later. For versions prior to 99.1(20.1), update to version 99.1(20.1) or later.