Details of VAR-201707-0922

ID

VAR-201707-0922

CVE

CVE-2017-6712

TITLE

Cisco Elastic Services Controller On the server in certain commands root Vulnerabilities with elevated privileges

Trust: 0.8

sources: JVNDB: JVNDB-2017-005277

DESCRIPTION

A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. The vulnerability occurs because a "tomcat" user on the system can run certain shell commands, allowing the user to overwrite any file on the filesystem and elevate privileges to root. This vulnerability affects Cisco Elastic Services Controller prior to releases 2.3.1.434 and 2.3.2. Cisco Bug IDs: CSCvc76634. An attacker can exploit this issue to execute arbitrary command on the affected system. This may aid in further attacks

Trust: 1.98

sources: NVD: CVE-2017-6712 // JVNDB: JVNDB-2017-005277 // BID: 99461 // VULHUB: VHN-114915

AFFECTED PRODUCTS

vendor:	cisco	model:	elastic services controller	scope:	eq	version:	2.0	Trust: 1.6
vendor:	cisco	model:	elastic services controller	scope:	eq	version:	2.3.0	Trust: 1.6
vendor:	cisco	model:	elastic services controller	scope:	eq	version:	1.0.0	Trust: 1.6
vendor:	cisco	model:	elastic services controller	scope:	eq	version:	1.1.0	Trust: 1.6
vendor:	cisco	model:	elastic services controller	scope:	eq	version:	2.1.0	Trust: 1.6
vendor:	cisco	model:	elastic services controller	scope:	eq	version:	2.2.0	Trust: 1.6
vendor:	cisco	model:	elastic services controller	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	virtual managed services	scope:	eq	version:	2.3(2)	Trust: 0.3
vendor:	cisco	model:	virtual managed services	scope:	eq	version:	2.2(9.76)	Trust: 0.3
vendor:	cisco	model:	elastic services controller	scope:	eq	version:	2.3.1	Trust: 0.3
vendor:	cisco	model:	elastic services controller	scope:	ne	version:	2.3.2	Trust: 0.3
vendor:	cisco	model:	elastic services controller	scope:	ne	version:	2.3.1.434	Trust: 0.3

sources: BID: 99461 // JVNDB: JVNDB-2017-005277 // CNNVD: CNNVD-201707-152 // NVD: CVE-2017-6712

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6712
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-6712
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201707-152
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-114915
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-6712
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-114915
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6712
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-114915 // JVNDB: JVNDB-2017-005277 // CNNVD: CNNVD-201707-152 // NVD: CVE-2017-6712

PROBLEMTYPE DATA

problemtype:

CWE-78

Trust: 1.9

sources: VULHUB: VHN-114915 // JVNDB: JVNDB-2017-005277 // NVD: CVE-2017-6712

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201707-152

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201707-152

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005277

PATCH

title:	cisco-sa-20170705-esc1	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-esc1	Trust: 0.8
title:	Cisco Elastic Services Controller Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71448	Trust: 0.6

sources: JVNDB: JVNDB-2017-005277 // CNNVD: CNNVD-201707-152

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6712	Trust: 2.8
db:	BID	id:	99461	Trust: 1.4
db:	JVNDB	id:	JVNDB-2017-005277	Trust: 0.8
db:	CNNVD	id:	CNNVD-201707-152	Trust: 0.7
db:	NSFOCUS	id:	37064	Trust: 0.6
db:	VULHUB	id:	VHN-114915	Trust: 0.1

sources: VULHUB: VHN-114915 // BID: 99461 // JVNDB: JVNDB-2017-005277 // CNNVD: CNNVD-201707-152 // NVD: CVE-2017-6712

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170705-esc1	Trust: 2.0
url:	http://www.securityfocus.com/bid/99461	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6712	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6712	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/37064	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-114915 // BID: 99461 // JVNDB: JVNDB-2017-005277 // CNNVD: CNNVD-201707-152 // NVD: CVE-2017-6712

CREDITS

Cisco

Trust: 0.3

sources: BID: 99461

SOURCES

db:	VULHUB	id:	VHN-114915
db:	BID	id:	99461
db:	JVNDB	id:	JVNDB-2017-005277
db:	CNNVD	id:	CNNVD-201707-152
db:	NVD	id:	CVE-2017-6712

LAST UPDATE DATE

2025-04-20T23:19:54.530000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-114915	date:	2017-07-08T00:00:00
db:	BID	id:	99461	date:	2017-07-05T00:00:00
db:	JVNDB	id:	JVNDB-2017-005277	date:	2017-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201707-152	date:	2017-07-06T00:00:00
db:	NVD	id:	CVE-2017-6712	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-114915	date:	2017-07-06T00:00:00
db:	BID	id:	99461	date:	2017-07-05T00:00:00
db:	JVNDB	id:	JVNDB-2017-005277	date:	2017-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201707-152	date:	2017-07-06T00:00:00
db:	NVD	id:	CVE-2017-6712	date:	2017-07-06T00:29:00.490