ID

VAR-201709-0689


CVE

CVE-2017-12226


TITLE

Cisco IOS XE vulnerability related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2017-008496

DESCRIPTION

A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches, and Cisco New Generation Wireless Controllers (NGWC) 3850 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due to incomplete input validation of HTTP requests by the affected GUI when the GUI connection state or protocol changes. An attacker could exploit this vulnerability by authenticating to the Wireless Controller GUI as a Lobby Administrator user of an affected device and subsequently changing the state or protocol of their connection to the GUI. A successful exploit could allow the attacker to elevate their privilege level to administrator and gain full control of the affected device. This vulnerability affects the following Cisco products if they are running Cisco IOS XE Software Release 3.7.0E, 3.7.1E, 3.7.2E, 3.7.3E, 3.7.4E, or 3.7.5E: Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches, Cisco New Generation Wireless Controllers (NGWC) 3850. Cisco Bug IDs: CSCvd73746. The vendor has confirmed the vulnerability and tracks it as Bug ID CSCvd73746. Exploitation could allow information to be obtained or altered and could disrupt service operation (DoS). The Catalyst 4500E Supervisor Engine 8-E (Wireless) Switch is a switch device, and IOS XE Software is the operating system that runs on it; the Wireless Controller GUI is the graphical user interface of its wireless controller. A privilege escalation vulnerability exists in the web-based Wireless Controller GUI of IOS XE Software on several Cisco products.

Trust: 2.52

sources: NVD: CVE-2017-12226 // JVNDB: JVNDB-2017-008496 // CNVD: CNVD-2017-34215 // BID: 101063 // VULHUB: VHN-102727
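The description above gives the six affected IOS XE releases and states that the flaw is in the web-based Wireless Controller GUI. The following is an added triage helper, not code from Cisco or from any of the sources on this page. It parses a constructed `show version` line into the release string, checks it against the affected list, and checks a constructed running-config excerpt for the `ip http server` / `ip http secure-server` lines that serve the web GUI. The HTTP-server check is an assumption about exposure (no GUI listener, no remote path to this GUI); it is not a fix, and the advisory linked under PATCH remains the authoritative remediation.

```python
import re
from typing import Optional

# Affected releases, exactly as listed in the description on this page.
AFFECTED_RELEASES = {"3.7.0E", "3.7.1E", "3.7.2E", "3.7.3E", "3.7.4E", "3.7.5E"}

# Constructed sample output (not a real capture) in the CAT3K 'show version' format.
SAMPLE_SHOW_VERSION = """\
Cisco IOS Software, IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 03.07.03E RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
"""

# Constructed running-config excerpts: one with the web GUI listeners on, one with them off.
SAMPLE_CONFIG_GUI_ON = """\
hostname wlc-3850-01
!
ip http server
ip http secure-server
!
"""

SAMPLE_CONFIG_GUI_OFF = """\
hostname wlc-3850-02
!
no ip http server
no ip http secure-server
!
"""

# Matches 'Version 03.07.03E' and also plain 'Version 3.7.3E'.
VERSION_RE = re.compile(r"\bVersion\s+(\d+)\.(\d+)\.(\d+)([A-Za-z]*)")


def parse_release(show_version: str) -> Optional[str]:
    """Return the release as 'M.m.pX' (leading zeros dropped), or None if not found."""
    m = VERSION_RE.search(show_version)
    if not m:
        return None
    major, minor, patch, suffix = m.groups()
    return f"{int(major)}.{int(minor)}.{int(patch)}{suffix.upper()}"


def is_affected_release(release: Optional[str]) -> bool:
    """True only for a release the advisory text names as affected."""
    return release in AFFECTED_RELEASES


def web_gui_enabled(running_config: str) -> bool:
    """True if an HTTP or HTTPS server line is present without a leading 'no'.

    Assumption: the Wireless Controller GUI is served by the IOS XE HTTP/HTTPS
    server, so these two lines indicate whether the GUI is reachable at all.
    """
    for line in running_config.splitlines():
        if line.strip() in ("ip http server", "ip http secure-server"):
            return True
    return False


def assess(show_version: str, running_config: str) -> dict:
    """Combine the release check and the GUI-exposure check into one verdict."""
    release = parse_release(show_version)
    affected = is_affected_release(release)
    gui = web_gui_enabled(running_config)
    return {
        "release": release,
        "affected_release": affected,
        "web_gui_enabled": gui,
        # Exposed = vulnerable code present AND the vulnerable interface is listening.
        "exposed": affected and gui,
    }


if __name__ == "__main__":
    for cfg in (SAMPLE_CONFIG_GUI_ON, SAMPLE_CONFIG_GUI_OFF):
        print(assess(SAMPLE_SHOW_VERSION, cfg))
```

Feed it the real `show version` and `show running-config | include ip http` output from each controller; a device on an affected release with the GUI disabled still needs the advisory's fix, it just has no remote path to this particular GUI in the meantime.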

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-34215

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:3.7.2e

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:3.7.3e

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:3.7.5e

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:3.7.0e

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:3.7.4e

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:3.7.1e

Trust: 1.6

vendor:ciscomodel:ios xe software 3.7.0escope: - version: -

Trust: 0.9

vendor:ciscomodel:ios xe software 3.7.1escope: - version: -

Trust: 0.9

vendor:ciscomodel:ios xe software 3.7.2escope: - version: -

Trust: 0.9

vendor:ciscomodel:ios xe software 3.7.3escope: - version: -

Trust: 0.9

vendor:ciscomodel:ios xe software 3.7.4escope: - version: -

Trust: 0.9

vendor:ciscomodel:ios xe software 3.7.5escope: - version: -

Trust: 0.9

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:new generation wireless controllers 3850scope:eqversion:0

Trust: 0.3

vendor:ciscomodel:catalyst 4500e supervisor engine 8-e switchesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:wireless lan controllers 5760scope:eqversion:0

Trust: 0.3

vendor:ciscomodel:5700 series wireless lan controllersscope:eqversion:10.3(141.0)

Trust: 0.3

sources: CNVD: CNVD-2017-34215 // BID: 101063 // JVNDB: JVNDB-2017-008496 // CNNVD: CNNVD-201709-1307 // NVD: CVE-2017-12226

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12226
value: HIGH

Trust: 1.0

NVD: CVE-2017-12226
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-34215
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201709-1307
value: HIGH

Trust: 0.6

VULHUB: VHN-102727
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-12226
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-34215
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-102727
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12226
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-34215 // VULHUB: VHN-102727 // JVNDB: JVNDB-2017-008496 // CNNVD: CNNVD-201709-1307 // NVD: CVE-2017-12226

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

problemtype:CWE-20

Trust: 1.1

sources: VULHUB: VHN-102727 // JVNDB: JVNDB-2017-008496 // NVD: CVE-2017-12226

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-1307

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201709-1307

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-008496

PATCH

title:cisco-sa-20170927-ngwcurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-ngwc

Trust: 0.8

title:Patch for Cisco IOS XE Software Privilege Escalation Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/104525

Trust: 0.6

title:Fix for the authorization, permissions, and access control vulnerability in IOS XE Software on multiple Cisco productsurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75192

Trust: 0.6

sources: CNVD: CNVD-2017-34215 // JVNDB: JVNDB-2017-008496 // CNNVD: CNNVD-201709-1307

EXTERNAL IDS

db:NVDid:CVE-2017-12226

Trust: 3.4

db:BIDid:101063

Trust: 2.6

db:SECTRACKid:1039457

Trust: 1.7

db:SECTRACKid:1039456

Trust: 1.7

db:JVNDBid:JVNDB-2017-008496

Trust: 0.8

db:CNNVDid:CNNVD-201709-1307

Trust: 0.7

db:CNVDid:CNVD-2017-34215

Trust: 0.6

db:VULHUBid:VHN-102727

Trust: 0.1

sources: CNVD: CNVD-2017-34215 // VULHUB: VHN-102727 // BID: 101063 // JVNDB: JVNDB-2017-008496 // CNNVD: CNNVD-201709-1307 // NVD: CVE-2017-12226

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170927-ngwc

Trust: 2.6

url:http://www.securityfocus.com/bid/101063

Trust: 2.3

url:http://www.securitytracker.com/id/1039456

Trust: 1.7

url:http://www.securitytracker.com/id/1039457

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12226

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-12226

Trust: 0.8

url:http://www.apache.org/

Trust: 0.3

sources: CNVD: CNVD-2017-34215 // VULHUB: VHN-102727 // BID: 101063 // JVNDB: JVNDB-2017-008496 // CNNVD: CNNVD-201709-1307 // NVD: CVE-2017-12226

CREDITS

Cisco.

Trust: 0.3

sources: BID: 101063

SOURCES

db:CNVDid:CNVD-2017-34215
db:VULHUBid:VHN-102727
db:BIDid:101063
db:JVNDBid:JVNDB-2017-008496
db:CNNVDid:CNNVD-201709-1307
db:NVDid:CVE-2017-12226

LAST UPDATE DATE

2024-11-23T22:59:14.763000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-34215date:2017-11-16T00:00:00
db:VULHUBid:VHN-102727date:2019-10-09T00:00:00
db:BIDid:101063date:2017-10-04T10:01:00
db:JVNDBid:JVNDB-2017-008496date:2017-10-20T00:00:00
db:CNNVDid:CNNVD-201709-1307date:2019-10-17T00:00:00
db:NVDid:CVE-2017-12226date:2024-11-21T03:09:04.510

SOURCES RELEASE DATE

db:CNVDid:CNVD-2017-34215date:2017-11-16T00:00:00
db:VULHUBid:VHN-102727date:2017-09-29T00:00:00
db:BIDid:101063date:2017-09-27T00:00:00
db:JVNDBid:JVNDB-2017-008496date:2017-10-20T00:00:00
db:CNNVDid:CNNVD-201709-1307date:2017-09-28T00:00:00
db:NVDid:CVE-2017-12226date:2017-09-29T01:34:48.593