CVEブラウザに戻る

CVE-2017-6682

HIGH

8.8

CVSS Severity Score

EPSS Score0.0320%

EPSS Percentile44.33th

Published2017年6月13日

Last Modified2026年5月13日

Vulnerability Description

A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user on an affected system. More Information: CSCvc76620. Known Affected Releases: 2.2(9.76).

Affected Platforms (CPE)

📦

Cisco

Elastic Services Controller

= 2.2\(9.76\)

References & Advisories

🔗 http://www.securityfocus.com/bid/98951

🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esc1

🔗 http://www.securityfocus.com/bid/98951

🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esc1

関連する脆弱性情報

CVE-2019-186710.0

A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypa...

CVE-2018-01219.8

A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software ...

CVE-2017-67099.8

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acce...

CVE-2017-67139.8

A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker t...