CyberSec.Space Logo
Back to CVE Browser

CVE-2017-6682

HIGH
8.8
CVSS Severity Score
EPSS Score0.0320%
EPSS Percentile44.33th
PublishedJun 13, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user on an affected system. More Information: CSCvc76620. Known Affected Releases: 2.2(9.76).

Affected Platforms (CPE)

πŸ“¦
Cisco

Elastic Services Controller

= 2.2\(9.76\)

References & Advisories

πŸ”— http://www.securityfocus.com/bid/98951
πŸ”— https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esc1
πŸ”— http://www.securityfocus.com/bid/98951
πŸ”— https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esc1

Related Vulnerabilities

CVE-2019-186710.0

A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypa...

CVE-2018-01219.8

A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software ...

CVE-2017-67099.8

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acce...

CVE-2017-67139.8

A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker t...