CiscoCVE-2017-6732CVE-2017-6732
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%
A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd47343. Known Affected Releases: 4.2(2.1)PP1 4.2(3.0)PP6 4.3(0.0)PP4 4.3(1.0)PP2. Known Fixed Releases: 4.3(2).
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | prime_network | 4.2(2.1)pp1 | cpe:2.3:a:cisco:prime_network:4.2\(2.1\)pp1:*:*:*:*:*:*:* |
| cisco | prime_network | 4.2(3.0)pp6 | cpe:2.3:a:cisco:prime_network:4.2\(3.0\)pp6:*:*:*:*:*:*:* |
| cisco | prime_network | 4.3(0.0)pp4 | cpe:2.3:a:cisco:prime_network:4.3\(0.0\)pp4:*:*:*:*:*:*:* |
| cisco | prime_network | 4.3(1.0)pp2 | cpe:2.3:a:cisco:prime_network:4.3\(1.0\)pp2:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Cisco Prime Network",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Prime Network"
}
]
}
]Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%