Sign-up

ID

VAR-201707-0928


CVE

CVE-2017-6718


TITLE

Cisco IOS XR Software CLI In root Vulnerability with elevated privileges

Trust: 0.8

sources: JVNDB: JVNDB-2017-005309

DESCRIPTION

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb99384. Known Affected Releases: 6.2.1.BASE. Known Fixed Releases: 6.2.11.3i.ROUT 6.2.1.29i.ROUT 6.2.1.26i.ROUT. Cisco IOSXR Software is a fully modular, distributed network operating system from Cisco's IOS software family, including IOST, IOSS, and IOSXR. An elevation of privilege vulnerability exists in CLL in Cisco IOSXR Software, which is caused by a program failing to properly set permissions for a binary file. A local attacker can exploit the vulnerability to overwrite the binaries on the file system by sending a specially crafted command to the affected device to raise the privilege to root. This issue is being tracked by Cisco Bug ID CSCvb99384

Trust: 2.52

sources: NVD: CVE-2017-6718 // JVNDB: JVNDB-2017-005309 // CNVD: CNVD-2017-11304 // BID: 99226 // VULHUB: VHN-114921

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-11304

AFFECTED PRODUCTS

vendor:ciscomodel:ios xrscope:eqversion:6.0.2.01

Trust: 1.6

vendor:ciscomodel:ios xrscope:eqversion:6.0.2

Trust: 1.6

vendor:ciscomodel:network convergence system series 6.2.1.basescope:eqversion:5000

Trust: 0.9

vendor:ciscomodel:ios xrscope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xr softwarescope: - version: -

Trust: 0.6

vendor:ciscomodel:ios xr softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:network convergence system series 6.2.11.3i.routscope:neversion:5000

Trust: 0.3

vendor:ciscomodel:network convergence system series 6.2.1.29i.routscope:neversion:5000

Trust: 0.3

vendor:ciscomodel:network convergence system series 6.2.1.26i.routscope:neversion:5000

Trust: 0.3

sources: CNVD: CNVD-2017-11304 // BID: 99226 // JVNDB: JVNDB-2017-005309 // CNNVD: CNNVD-201706-998 // NVD: CVE-2017-6718

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-6718
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-6718
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-11304
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201706-998
value: HIGH

Trust: 0.6

VULHUB: VHN-114921
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-6718
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-11304
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-114921
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-6718
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-11304 // VULHUB: VHN-114921 // JVNDB: JVNDB-2017-005309 // CNNVD: CNNVD-201706-998 // NVD: CVE-2017-6718

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-114921 // JVNDB: JVNDB-2017-005309 // NVD: CVE-2017-6718

THREAT TYPE

local

Trust: 0.9

sources: BID: 99226 // CNNVD: CNNVD-201706-998

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201706-998

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-005309

PATCH
title:cisco-sa-20170621-ios1url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ios1
Trust: 0.8
title:Patch for Cisco IOSXR Software Privilege Escalation Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/96439
Trust: 0.6
title:Cisco IOS XR Software Fixes for permission permissions and access control vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71187
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-11304 // 
            
            
            
            JVNDB: JVNDB-2017-005309 // 
            
            
            
            CNNVD: CNNVD-201706-998

EXTERNAL IDS
db:NVDid:CVE-2017-6718
Trust: 3.4
db:BIDid:99226
Trust: 2.0
db:SECTRACKid:1038741
Trust: 1.1
db:JVNDBid:JVNDB-2017-005309
Trust: 0.8
db:CNNVDid:CNNVD-201706-998
Trust: 0.7
db:CNVDid:CNVD-2017-11304
Trust: 0.6
db:NSFOCUSid:36957
Trust: 0.6
db:VULHUBid:VHN-114921
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-11304 // 
            
            
            
            VULHUB: VHN-114921 // 
            
            
            
            BID: 99226 // 
            
            
            
            JVNDB: JVNDB-2017-005309 // 
            
            
            
            CNNVD: CNNVD-201706-998 // 
            
            
            
            NVD: CVE-2017-6718

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170621-ios1
Trust: 2.6
url:http://www.securityfocus.com/bid/99226
Trust: 1.7
url:http://www.securitytracker.com/id/1038741
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6718
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-6718
Trust: 0.8
url:http://www.nsfocus.net/vulndb/36957
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-11304 // 
            
            
            
            VULHUB: VHN-114921 // 
            
            
            
            BID: 99226 // 
            
            
            
            JVNDB: JVNDB-2017-005309 // 
            
            
            
            CNNVD: CNNVD-201706-998 // 
            
            
            
            NVD: CVE-2017-6718

CREDITS
Cisco.
Trust: 0.9
sources:
            
            
            BID: 99226 // 
            
            
            
            CNNVD: CNNVD-201706-998

SOURCES
db:CNVDid:CNVD-2017-11304
db:VULHUBid:VHN-114921
db:BIDid:99226
db:JVNDBid:JVNDB-2017-005309
db:CNNVDid:CNNVD-201706-998
db:NVDid:CVE-2017-6718

LAST UPDATE DATE
2024-11-23T22:52:24.443000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-11304date:2017-06-26T00:00:00
db:VULHUBid:VHN-114921date:2017-07-07T00:00:00
db:BIDid:99226date:2017-06-21T00:00:00
db:JVNDBid:JVNDB-2017-005309date:2017-07-26T00:00:00
db:CNNVDid:CNNVD-201706-998date:2017-06-23T00:00:00
db:NVDid:CVE-2017-6718date:2024-11-21T03:30:22.363

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-11304date:2017-06-26T00:00:00
db:VULHUBid:VHN-114921date:2017-07-04T00:00:00
db:BIDid:99226date:2017-06-21T00:00:00
db:JVNDBid:JVNDB-2017-005309date:2017-07-26T00:00:00
db:CNNVDid:CNNVD-201706-998date:2017-06-23T00:00:00
db:NVDid:CVE-2017-6718date:2017-07-04T00:29:00.617