Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2017-6598
HistoryApr 07, 2017 - 5:59 p.m.

CVE-2017-6598

2017-04-0717:59:00
CWE-862
cisco
web.nvd.nist.gov
34
4
cve-2017-6598
privilege escalation
cisco
ucs manager
firepower
ngfw
security appliance
vulnerability
debug plug-in
arbitrary commands

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0

Percentile

5.1%

JSON

A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege Escalation. More Information: CSCvb86725 CSCvb86797. Known Affected Releases: 2.0(1.68) 3.1(1k)A. Known Fixed Releases: 92.2(1.105) 92.1(1.1733) 2.1(1.69).

Affected configurations

Nvd
Node
ciscofirepower_extensible_operating_systemMatch2.0\(1.68\)
OR
ciscounified_computing_systemMatch3.1\(1k\)a
VendorProductVersionCPE
ciscofirepower_extensible_operating_system2.0(1.68)cpe:2.3:a:cisco:firepower_extensible_operating_system:2.0\(1.68\):*:*:*:*:*:*:*
ciscounified_computing_system3.1(1k)acpe:2.3:a:cisco:unified_computing_system:3.1\(1k\)a:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance"
      }
    ]
  }
]

Social References

More

Related

openvas 1
cvelist 1
prion 1
cisco 1
nvd 1
openvas
openvas
Cisco UCS Manager Debug Plug-in Privilege Escalation Vulnerability
2017-04-10 00:00:00
cvelist
cvelist
CVE-2017-6598
2017-04-07 17:00:00
prion
prion
Design/Logic Flaw
2017-04-07 17:59:00
cisco
cisco
Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance Debug Plug-in Privilege Escalation Vulnerability
2017-04-05 16:00:00
nvd
nvd
CVE-2017-6598
2017-04-07 17:59:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2017-6598
openvas1cvelist1prion1cisco1nvd1