CVE-2017-3867

MEDIUM

Cisco ASA Software - ACL Bypass

Title source: llm

Description

A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More Information: CSCvc68229. Known Affected Releases: 9.6(2). Known Fixed Releases: 99.1(20.1) 99.1(10.2) 98.1(12.7) 98.1(1.49) 97.1(6.58) 97.1(0.134) 96.2(0.109) 9.7(1.1) 9.6(2.99) 9.6(2.8).

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/96926

[Mitigation, Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1038051

Scores

CVSS v3 5.3

EPSS 0.0019

EPSS Percentile 40.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Classification

CWE

CWE-287

Status draft

Affected Products (9)

cisco/adaptive_security_appliance_software

cisco/adaptive_security_appliance_software

cisco/adaptive_security_appliance_software

cisco/adaptive_security_appliance_software

cisco/adaptive_security_appliance_software

cisco/adaptive_security_appliance_software

cisco/adaptive_security_appliance_software

cisco/adaptive_security_appliance_software

cisco/adaptive_security_appliance_software

Timeline

Published Mar 17, 2017

Tracked Since Feb 18, 2026