Details of VAR-201709-1173

ID

VAR-201709-1173

CVE

CVE-2017-6794

TITLE

Cisco Meeting Server Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-007832

DESCRIPTION

A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid administrator credentials. The vulnerability is due to insufficient validation of user-supplied input at the CLI for certain commands. An attacker could exploit this vulnerability by authenticating to the affected application and submitting a crafted CLI command for execution at the Cisco Meeting Server CLI. An exploit could allow the attacker to perform command injection and escalate their privilege level to root. Vulnerable Products: This vulnerability exists in Cisco Meeting Server software versions prior to and including 2.0, 2.1, and 2.2. Cisco Bug IDs: CSCvf53830. Vendors have confirmed this vulnerability Bug ID CSCvf53830 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state

Trust: 1.98

sources: NVD: CVE-2017-6794 // JVNDB: JVNDB-2017-007832 // BID: 100464 // VULHUB: VHN-114997

AFFECTED PRODUCTS

vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.2	Trust: 1.9
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.16	Trust: 1.6
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.13	Trust: 1.6
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.3	Trust: 1.6
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.15	Trust: 1.6
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.10	Trust: 1.6
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.11	Trust: 1.6
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.2	Trust: 1.6
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.14	Trust: 1.6
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.12	Trust: 1.6
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.7	Trust: 1.3
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.3	Trust: 1.3
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.1	Trust: 1.3
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.1	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.5	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.7	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.4	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.9	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.8	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.9	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.8	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.5	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.4	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.6	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.10	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.2.0	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.0	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.11	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0.0	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1.6	Trust: 1.0
vendor:	cisco	model:	meeting server	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.1	Trust: 0.3
vendor:	cisco	model:	meeting server	scope:	eq	version:	2.0	Trust: 0.3

sources: BID: 100464 // JVNDB: JVNDB-2017-007832 // CNNVD: CNNVD-201703-527 // NVD: CVE-2017-6794

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6794
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-6794
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201703-527
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-114997
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-6794
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-114997
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6794
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-114997 // JVNDB: JVNDB-2017-007832 // CNNVD: CNNVD-201703-527 // NVD: CVE-2017-6794

PROBLEMTYPE DATA

problemtype:	CWE-77	Trust: 1.9
problemtype:	CWE-20	Trust: 1.1

sources: VULHUB: VHN-114997 // JVNDB: JVNDB-2017-007832 // NVD: CVE-2017-6794

THREAT TYPE

local

Trust: 0.9

sources: BID: 100464 // CNNVD: CNNVD-201703-527

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-201703-527

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-007832

PATCH

title:	cisco-sa-20170823-cms	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170823-cms	Trust: 0.8
title:	Cisco Meeting Server Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99678	Trust: 0.6

sources: JVNDB: JVNDB-2017-007832 // CNNVD: CNNVD-201703-527

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6794	Trust: 2.8
db:	BID	id:	100464	Trust: 2.0
db:	SECTRACK	id:	1039245	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-007832	Trust: 0.8
db:	CNNVD	id:	CNNVD-201703-527	Trust: 0.7
db:	VULHUB	id:	VHN-114997	Trust: 0.1

sources: VULHUB: VHN-114997 // BID: 100464 // JVNDB: JVNDB-2017-007832 // CNNVD: CNNVD-201703-527 // NVD: CVE-2017-6794

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170823-cms	Trust: 2.0
url:	http://www.securityfocus.com/bid/100464	Trust: 1.7
url:	http://www.securitytracker.com/id/1039245	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6794	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6794	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-114997 // BID: 100464 // JVNDB: JVNDB-2017-007832 // CNNVD: CNNVD-201703-527 // NVD: CVE-2017-6794

CREDITS

Cisco.

Trust: 0.3

sources: BID: 100464

SOURCES

db:	VULHUB	id:	VHN-114997
db:	BID	id:	100464
db:	JVNDB	id:	JVNDB-2017-007832
db:	CNNVD	id:	CNNVD-201703-527
db:	NVD	id:	CVE-2017-6794

LAST UPDATE DATE

2025-04-20T23:25:56.975000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-114997	date:	2019-10-09T00:00:00
db:	BID	id:	100464	date:	2017-08-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-007832	date:	2017-10-03T00:00:00
db:	CNNVD	id:	CNNVD-201703-527	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-6794	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-114997	date:	2017-09-07T00:00:00
db:	BID	id:	100464	date:	2017-08-23T00:00:00
db:	JVNDB	id:	JVNDB-2017-007832	date:	2017-10-03T00:00:00
db:	CNNVD	id:	CNNVD-201703-527	date:	2017-03-14T00:00:00
db:	NVD	id:	CVE-2017-6794	date:	2017-09-07T21:29:00.910