Lucene search

[email protected]CVE-2017-6707

HistoryJul 06, 2017 - 12:29 a.m.

CVE-2017-6707

2017-07-0600:29:00

CWE-78

[email protected]

web.nvd.nist.gov

cisco

staros

cli

command parsing

vulnerability

cisco asr 5000

cisco 5500 series

cisco 5700 series

cisco virtualized packet core

vpc software

command injection

linux root user

cisco bug ids

cscvc69329

cscvc72930

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.9%

JSON

A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930.

Affected configurations

NVD

Node

ciscostarosMatch11.0_base

ciscostarosMatch12.0.0

ciscostarosMatch12.1_base

ciscostarosMatch12.2\(300\)

ciscostarosMatch12.2_base

ciscostarosMatch14.0\(600\)

ciscostarosMatch14.0.0

ciscostarosMatch15.0\(912\)

ciscostarosMatch15.0\(935\)

ciscostarosMatch15.0\(938\)

ciscostarosMatch15.0_base

ciscostarosMatch16.0\(900\)

ciscostarosMatch16.0.0

ciscostarosMatch16.1.0

ciscostarosMatch16.1.1

ciscostarosMatch16.1.2

ciscostarosMatch16.5.0

ciscostarosMatch16.5.2

ciscostarosMatch17.2.0

ciscostarosMatch17.2.0.59184

ciscostarosMatch17.3.0

ciscostarosMatch17.3.1

ciscostarosMatch17.3_base

ciscostarosMatch17.7.0

ciscostarosMatch18.0.0

ciscostarosMatch18.0.0.57828

ciscostarosMatch18.0.0.59167

ciscostarosMatch18.0.0.59211

ciscostarosMatch18.0.l0.59219

ciscostarosMatch18.1.0

ciscostarosMatch18.1.0.59776

ciscostarosMatch18.1.0.59780

ciscostarosMatch18.1_base

ciscostarosMatch18.3.0

ciscostarosMatch18.3_base

ciscostarosMatch18.4.0

ciscostarosMatch19.0.1

ciscostarosMatch19.0.m0.60737

ciscostarosMatch19.0.m0.60828

ciscostarosMatch19.0.m0.61045

ciscostarosMatch19.1.0

ciscostarosMatch19.1.0.61559

ciscostarosMatch19.2.0

ciscostarosMatch19.3.0

ciscostarosMatch20.0.0

ciscostarosMatch20.0.1.0

ciscostarosMatch20.0.1.a0

ciscostarosMatch20.0.1.v0

ciscostarosMatch20.0.2.3

ciscostarosMatch20.0.2.3.65026

ciscostarosMatch20.0.2.v1

ciscostarosMatch20.0.m0.62842

ciscostarosMatch20.0.m0.63229

ciscostarosMatch20.0.v0

ciscostarosMatch21.0.0

ciscostarosMatch21.0_base

ciscostarosMatch21.0_m0.64246

ciscostarosMatch21.0_m0.64702

CPENameOperatorVersion
cisco:staroscisco staroseq11.0_base
cisco:staroscisco staroseq12.0.0
cisco:staroscisco staroseq12.1_base
cisco:staroscisco staroseq12.2\(300\)
cisco:staroscisco staroseq12.2_base
cisco:staroscisco staroseq14.0\(600\)
cisco:staroscisco staroseq14.0.0
cisco:staroscisco staroseq15.0\(912\)
cisco:staroscisco staroseq15.0\(935\)
cisco:staroscisco staroseq15.0\(938\)

CPE	Name	Operator	Version
cisco:staros	cisco staros	eq	11.0_base
cisco:staros	cisco staros	eq	12.0.0
cisco:staros	cisco staros	eq	12.1_base
cisco:staros	cisco staros	eq	12.2\(300\)
cisco:staros	cisco staros	eq	12.2_base
cisco:staros	cisco staros	eq	14.0\(600\)
cisco:staros	cisco staros	eq	14.0.0
cisco:staros	cisco staros	eq	15.0\(912\)
cisco:staros	cisco staros	eq	15.0\(935\)
cisco:staros	cisco staros	eq	15.0\(938\)

Rows per page:

1-10 of 581

CNA Affected

[
  {
    "product": "Cisco StarOS",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco StarOS"
      }
    ]
  }
]

References

www.securityfocus.com/bid/99462

www.securitytracker.com/id/1038818

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-asrcmd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.9%

JSON

Related for CVE-2017-6707

nessus1 prion1 cisco1 nvd1 cvelist1