CVE-2017-12261

🗓️ 02 Nov 2017 16:00:00Reported by ciscoType

A vulnerability in Cisco ISE restricted shell allows local attacker to run arbitrary CLI commands with elevated privileges via SS

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the command shell of the Cisco Identity Services Engine (ISE) platform allows a attacker to execute arbitrary commands with extended privileges.	15 Feb 201800:00	–	bdu_fstec
Cisco	Cisco Identity Services Engine Privilege Escalation Vulnerability	1 Nov 201716:00	–	cisco
Tenable Nessus	Cisco Identity Services Engine Privilege Escalation Vulnerability	9 Nov 201700:00	–	nessus
CNVD	Elevation of Privilege Vulnerability in Multiple Cisco Products	2 Nov 201700:00	–	cnvd
CVE	CVE-2017-12261	2 Nov 201716:00	–	cve
EUVD	EUVD-2017-3834	7 Oct 202500:30	–	euvd
NVD	CVE-2017-12261	2 Nov 201716:29	–	nvd
OSV	CVE-2017-12261	2 Nov 201716:29	–	osv
Prion	Input validation	2 Nov 201716:29	–	prion

[
  {
    "product": "Cisco Identity Services Engine",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco Identity Services Engine"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/101641
securitytracker	www.securitytracker.com/id/1039717
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-ise

03 Nov 2017 09:57Current

7.7High risk

Vulners AI Score7.7

EPSS0.00046

CWE-264