Sign-up

ID

VAR-201707-0898


CVE

CVE-2017-6726


TITLE

Cisco Prime Network Gateway of CLI Vulnerability in obtaining system process information

Trust: 0.8

sources: JVNDB: JVNDB-2017-005539

DESCRIPTION

A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. More Information: CSCvd59341. Known Affected Releases: 4.2(1.0)P1. Cisco PrimeNetwork is an integrated component of Cisco PrimeforIPNGNsuite and is a stand-alone product. Allow attackers to obtain sensitive information. This issue is being tracked by Cisco Bug ID CSCvd59341. CLI is one of those command line interfaces

Trust: 2.52

sources: NVD: CVE-2017-6726 // JVNDB: JVNDB-2017-005539 // CNVD: CNVD-2017-14611 // BID: 99456 // VULHUB: VHN-114929

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-14611

AFFECTED PRODUCTS

vendor:ciscomodel:prime networkscope:eqversion:4.2\(1.0\)p1

Trust: 1.6

vendor:ciscomodel:prime networkscope:eqversion:4.2(1.0)p1

Trust: 0.8

vendor:ciscomodel:prime networkscope: - version: -

Trust: 0.6

vendor:ciscomodel:prime network gatewayscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime network 4.2 p1scope: - version: -

Trust: 0.3

sources: CNVD: CNVD-2017-14611 // BID: 99456 // JVNDB: JVNDB-2017-005539 // CNNVD: CNNVD-201707-395 // NVD: CVE-2017-6726

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-6726
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-6726
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-14611
value: LOW

Trust: 0.6

CNNVD: CNNVD-201707-395
value: LOW

Trust: 0.6

VULHUB: VHN-114929
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2017-6726
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-14611
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-114929
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-6726
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-14611 // VULHUB: VHN-114929 // JVNDB: JVNDB-2017-005539 // CNNVD: CNNVD-201707-395 // NVD: CVE-2017-6726

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-114929 // JVNDB: JVNDB-2017-005539 // NVD: CVE-2017-6726

THREAT TYPE

local

Trust: 0.9

sources: BID: 99456 // CNNVD: CNNVD-201707-395

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201707-395

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-005539

PATCH
title:cisco-sa-20170705-cpnurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-cpn
Trust: 0.8
title:Cisco Prime Network Gateway CLI Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71593
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2017-005539 // 
            
            
            
            CNNVD: CNNVD-201707-395

EXTERNAL IDS
db:NVDid:CVE-2017-6726
Trust: 3.4
db:BIDid:99456
Trust: 2.0
db:JVNDBid:JVNDB-2017-005539
Trust: 0.8
db:CNNVDid:CNNVD-201707-395
Trust: 0.7
db:CNVDid:CNVD-2017-14611
Trust: 0.6
db:VULHUBid:VHN-114929
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-14611 // 
            
            
            
            VULHUB: VHN-114929 // 
            
            
            
            BID: 99456 // 
            
            
            
            JVNDB: JVNDB-2017-005539 // 
            
            
            
            CNNVD: CNNVD-201707-395 // 
            
            
            
            NVD: CVE-2017-6726

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170705-cpn
Trust: 2.0
url:http://www.securityfocus.com/bid/99456
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6726
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-6726
Trust: 0.8
url:http://www.securityfocus.com/bid/99456/
Trust: 0.6
url:http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-network/tsd-products-support-series-home.html
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-14611 // 
            
            
            
            VULHUB: VHN-114929 // 
            
            
            
            BID: 99456 // 
            
            
            
            JVNDB: JVNDB-2017-005539 // 
            
            
            
            CNNVD: CNNVD-201707-395 // 
            
            
            
            NVD: CVE-2017-6726

CREDITS
Yossi Meloch.
Trust: 0.3
sources:
            
            
            BID: 99456

SOURCES
db:CNVDid:CNVD-2017-14611
db:VULHUBid:VHN-114929
db:BIDid:99456
db:JVNDBid:JVNDB-2017-005539
db:CNNVDid:CNNVD-201707-395
db:NVDid:CVE-2017-6726

LAST UPDATE DATE
2025-04-20T23:30:55.052000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-14611date:2017-07-17T00:00:00
db:VULHUBid:VHN-114929date:2017-07-13T00:00:00
db:BIDid:99456date:2017-07-05T00:00:00
db:JVNDBid:JVNDB-2017-005539date:2017-07-31T00:00:00
db:CNNVDid:CNNVD-201707-395date:2017-07-11T00:00:00
db:NVDid:CVE-2017-6726date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-14611date:2017-07-14T00:00:00
db:VULHUBid:VHN-114929date:2017-07-10T00:00:00
db:BIDid:99456date:2017-07-05T00:00:00
db:JVNDBid:JVNDB-2017-005539date:2017-07-31T00:00:00
db:CNNVDid:CNNVD-201707-395date:2017-07-11T00:00:00
db:NVDid:CVE-2017-6726date:2017-07-10T20:29:00.423