PatchSiren

CVE-2017-3809 Cisco CVE debrief

CVE-2017-3809 affects Cisco Firepower Management Center (FMC) policy deployment in the 6.1.0 and 6.2.0 releases. According to the CVE record, an unauthenticated remote attacker could interfere with policy deployment so the rule base is not complete or accurate. Cisco lists fixed releases 6.1.0.1 and 6.2.0, and NVD classifies the issue as network-reachable with low attack complexity and integrity impact.

Vendor: Cisco
Product: CVE-2017-3809
CVSS: MEDIUM 5.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-03
Original CVE updated: 2026-05-13
Advisory published: 2017-02-03
Advisory updated: 2026-05-13

Who should care

Cisco FMC administrators, security operations teams, and anyone relying on FMC-managed policy deployment in affected 6.1.0 or 6.2.0 environments should review this issue.

Technical summary

NVD maps the issue to Cisco Secure Firewall Management Center (FMC) 6.1.0 and 6.2.0 via vulnerable CPE criteria. The CVSS v3.0 vector is AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N, indicating a remotely reachable issue with no privileges or user interaction required and a limited integrity impact. NVD lists CWE-20 (improper input validation) as the associated weakness. The CVE description states the weakness is in the policy deployment module and may prevent deployment of a complete and accurate rule base.

Defensive priority

Medium. The issue is network-reachable and unauthenticated, but the supplied severity is CVSS 5.8 / Medium and the impact is described as integrity-only and limited. Prioritize remediation if FMC policy deployment integrity is operationally important.

Recommended defensive actions

  • Upgrade Cisco Firepower Management Center to a fixed release listed by Cisco: 6.1.0.1 or later for the 6.1.0 line, or the fixed 6.2.0 release noted in the CVE record.
  • Verify that policy deployments complete successfully after remediation and that the deployed rule base matches the intended configuration.
  • Review FMC deployment logs and change records for unexpected deployment failures or incomplete policy updates during the exposure window.
  • Track Cisco PSIRT advisory guidance referenced by the NVD record for any additional vendor-specific remediation details.

Evidence notes

All statements are derived from the supplied CVE/NVD corpus and the referenced Cisco advisory URL. The CVE was published on 2017-02-03T07:59:00.687Z and modified on 2026-05-13T00:24:29.033Z; those dates are used only as publication/modification context, not as the issue date. NVD lists affected CPEs for Cisco Secure Firewall Management Center 6.1.0 and 6.2.0 and identifies CWE-20. The supplied enrichment indicates no KEV listing.

Official resources

Published by CVE on 2017-02-03; modified in NVD on 2026-05-13. No KEV entry was supplied for this CVE.