Lucene search

CiscoCVE-2017-6707

HistoryJul 06, 2017 - 12:29 a.m.

CVE-2017-6707

2017-07-0600:29:00

CWE-78

cisco

web.nvd.nist.gov

cisco

staros

cli

command parsing

vulnerability

cisco asr 5000

cisco 5500 series

cisco 5700 series

cisco virtualized packet core

vpc software

command injection

linux root user

cisco bug ids

cscvc69329

cscvc72930

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

8.5

Confidence

High

EPSS

Percentile

15.7%

JSON

A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930.

Affected configurations

Nvd

Node

ciscostarosMatch11.0_base

ciscostarosMatch12.0.0

ciscostarosMatch12.1_base

ciscostarosMatch12.2\(300\)

ciscostarosMatch12.2_base

ciscostarosMatch14.0\(600\)

ciscostarosMatch14.0.0

ciscostarosMatch15.0\(912\)

ciscostarosMatch15.0\(935\)

ciscostarosMatch15.0\(938\)

ciscostarosMatch15.0_base

ciscostarosMatch16.0\(900\)

ciscostarosMatch16.0.0

ciscostarosMatch16.1.0

ciscostarosMatch16.1.1

ciscostarosMatch16.1.2

ciscostarosMatch16.5.0

ciscostarosMatch16.5.2

ciscostarosMatch17.2.0

ciscostarosMatch17.2.0.59184

ciscostarosMatch17.3.0

ciscostarosMatch17.3.1

ciscostarosMatch17.3_base

ciscostarosMatch17.7.0

ciscostarosMatch18.0.0

ciscostarosMatch18.0.0.57828

ciscostarosMatch18.0.0.59167

ciscostarosMatch18.0.0.59211

ciscostarosMatch18.0.l0.59219

ciscostarosMatch18.1.0

ciscostarosMatch18.1.0.59776

ciscostarosMatch18.1.0.59780

ciscostarosMatch18.1_base

ciscostarosMatch18.3.0

ciscostarosMatch18.3_base

ciscostarosMatch18.4.0

ciscostarosMatch19.0.1

ciscostarosMatch19.0.m0.60737

ciscostarosMatch19.0.m0.60828

ciscostarosMatch19.0.m0.61045

ciscostarosMatch19.1.0

ciscostarosMatch19.1.0.61559

ciscostarosMatch19.2.0

ciscostarosMatch19.3.0

ciscostarosMatch20.0.0

ciscostarosMatch20.0.1.0

ciscostarosMatch20.0.1.a0

ciscostarosMatch20.0.1.v0

ciscostarosMatch20.0.2.3

ciscostarosMatch20.0.2.3.65026

ciscostarosMatch20.0.2.v1

ciscostarosMatch20.0.m0.62842

ciscostarosMatch20.0.m0.63229

ciscostarosMatch20.0.v0

ciscostarosMatch21.0.0

ciscostarosMatch21.0_base

ciscostarosMatch21.0_m0.64246

ciscostarosMatch21.0_m0.64702

VendorProductVersionCPE
ciscostaros11.0_basecpe:2.3:o:cisco:staros:11.0_base:*:*:*:*:*:*:*
ciscostaros12.0.0cpe:2.3:o:cisco:staros:12.0.0:*:*:*:*:*:*:*
ciscostaros12.1_basecpe:2.3:o:cisco:staros:12.1_base:*:*:*:*:*:*:*
ciscostaros12.2(300)cpe:2.3:o:cisco:staros:12.2\(300\):*:*:*:*:*:*:*
ciscostaros12.2_basecpe:2.3:o:cisco:staros:12.2_base:*:*:*:*:*:*:*
ciscostaros14.0(600)cpe:2.3:o:cisco:staros:14.0\(600\):*:*:*:*:*:*:*
ciscostaros14.0.0cpe:2.3:o:cisco:staros:14.0.0:*:*:*:*:*:*:*
ciscostaros15.0(912)cpe:2.3:o:cisco:staros:15.0\(912\):*:*:*:*:*:*:*
ciscostaros15.0(935)cpe:2.3:o:cisco:staros:15.0\(935\):*:*:*:*:*:*:*
ciscostaros15.0(938)cpe:2.3:o:cisco:staros:15.0\(938\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	staros	11.0_base	cpe:2.3:o:cisco:staros:11.0_base:::::::*
cisco	staros	12.0.0	cpe:2.3:o:cisco:staros:12.0.0:::::::*
cisco	staros	12.1_base	cpe:2.3:o:cisco:staros:12.1_base:::::::*
cisco	staros	12.2(300)	cpe:2.3:o:cisco:staros:12.2\(300\):::::::*
cisco	staros	12.2_base	cpe:2.3:o:cisco:staros:12.2_base:::::::*
cisco	staros	14.0(600)	cpe:2.3:o:cisco:staros:14.0\(600\):::::::*
cisco	staros	14.0.0	cpe:2.3:o:cisco:staros:14.0.0:::::::*
cisco	staros	15.0(912)	cpe:2.3:o:cisco:staros:15.0\(912\):::::::*
cisco	staros	15.0(935)	cpe:2.3:o:cisco:staros:15.0\(935\):::::::*
cisco	staros	15.0(938)	cpe:2.3:o:cisco:staros:15.0\(938\):::::::*

Rows per page:

1-10 of 581

CNA Affected

[
  {
    "product": "Cisco StarOS",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco StarOS"
      }
    ]
  }
]

References

www.securityfocus.com/bid/99462

www.securitytracker.com/id/1038818

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-asrcmd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

8.5

Confidence

High

EPSS

Percentile

15.7%

JSON

Related for CVE-2017-6707