CVE-2017-3809

{"id": "CVE-2017-3809", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2017-02-03T07:59:00.687", "references": [{"url": "http://www.securityfocus.com/bid/95941", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1037776", "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fmc", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base. More Information: CSCvb95281. Known Affected Releases: 6.1.0 6.2.0. Known Fixed Releases: 6.1.0.1 6.2.0."}, {"lang": "es", "value": "Una vulnerabilidad en el m\u00f3dulo de implementaci\u00f3n de Pol\u00edticas de Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto no autenticado prevenga el despliegue de una base de reglas completa y precisa. M\u00e1s informaci\u00f3n: CSCvb95281. Lanzamientos Afectados Conocidos: 6.1.0 6.2.0. Lanzamientos Reparados Conocidos: 6.1.0.1 6.2.0."}], "lastModified": "2017-07-25T01:29:08.467", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AC1B12A-A2EC-4C24-AEBC-944AE2939458"}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9641FE9B-BC9F-472F-B53B-F4287EE2F17A"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}