cnvd - cnvd-2017-04938

CNVD-2017-04938

Vulnerability from cnvd - Published: 2017-04-21

Title

Cisco Integrated Management Controller任意代码执行漏洞

Description

Cisco Integrated Management Controller即（IMC），是美国思科（Cisco）公司一套用于对UCS（统一计算系统）进行管理的工具，它支持HTTP、SSH访问等，并可对服务器进行开机、关机和重启等操作。 Cisco Cisco Integrated Management Controller存在任意代码执行漏洞，由于受影响的软件未能充分过滤和无害化用户提供的HTTP请求值，攻击者可以通过向受影响的软件发送精心设计的HTTP请求，从而在受影响的系统上越权执行任意代码。

Severity

中

Patch Name

Cisco Integrated Management Controller任意代码执行漏洞的补丁

Patch Description

Formal description

思科官方已经发布了修复该漏洞的补丁，请受影响的用户及时升级至不受影响的版本，参考链接： https://tools.cisco.com/bugsearch/bug/CSCvd14578

Reference

http://www.securityfocus.com/bid/97928 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc3

Impacted products

Name
Cisco Integrated Management Controller

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "97928"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-6616"
    }
  },
  "description": "Cisco Integrated Management Controller\u5373\uff08IMC\uff09\uff0c\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u4e00\u5957\u7528\u4e8e\u5bf9UCS\uff08\u7edf\u4e00\u8ba1\u7b97\u7cfb\u7edf\uff09\u8fdb\u884c\u7ba1\u7406\u7684\u5de5\u5177\uff0c\u5b83\u652f\u6301HTTP\u3001SSH\u8bbf\u95ee\u7b49\uff0c\u5e76\u53ef\u5bf9\u670d\u52a1\u5668\u8fdb\u884c\u5f00\u673a\u3001\u5173\u673a\u548c\u91cd\u542f\u7b49\u64cd\u4f5c\u3002 \r\n\r\nCisco Cisco Integrated Management Controller\u5b58\u5728\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u7531\u4e8e\u53d7\u5f71\u54cd\u7684\u8f6f\u4ef6\u672a\u80fd\u5145\u5206\u8fc7\u6ee4\u548c\u65e0\u5bb3\u5316\u7528\u6237\u63d0\u4f9b\u7684HTTP\u8bf7\u6c42\u503c\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7684\u8f6f\u4ef6\u53d1\u9001\u7cbe\u5fc3\u8bbe\u8ba1\u7684HTTP\u8bf7\u6c42\uff0c\u4ece\u800c\u5728\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u8d8a\u6743\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u601d\u79d1\u5b98\u65b9\u5df2\u7ecf\u53d1\u5e03\u4e86\u4fee\u590d\u8be5\u6f0f\u6d1e\u7684\u8865\u4e01\uff0c\u8bf7\u53d7\u5f71\u54cd\u7684\u7528\u6237\u53ca\u65f6\u5347\u7ea7\u81f3\u4e0d\u53d7\u5f71\u54cd\u7684\u7248\u672c\uff0c\u53c2\u8003\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/bugsearch/bug/CSCvd14578",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-04938",
  "openTime": "2017-04-21",
  "patchDescription": "Cisco Integrated Management Controller\u5373\uff08IMC\uff09\uff0c\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u4e00\u5957\u7528\u4e8e\u5bf9UCS\uff08\u7edf\u4e00\u8ba1\u7b97\u7cfb\u7edf\uff09\u8fdb\u884c\u7ba1\u7406\u7684\u5de5\u5177\uff0c\u5b83\u652f\u6301HTTP\u3001SSH\u8bbf\u95ee\u7b49\uff0c\u5e76\u53ef\u5bf9\u670d\u52a1\u5668\u8fdb\u884c\u5f00\u673a\u3001\u5173\u673a\u548c\u91cd\u542f\u7b49\u64cd\u4f5c\u3002 \r\n\r\nCisco Cisco Integrated Management Controller\u5b58\u5728\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u7531\u4e8e\u53d7\u5f71\u54cd\u7684\u8f6f\u4ef6\u672a\u80fd\u5145\u5206\u8fc7\u6ee4\u548c\u65e0\u5bb3\u5316\u7528\u6237\u63d0\u4f9b\u7684HTTP\u8bf7\u6c42\u503c\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7684\u8f6f\u4ef6\u53d1\u9001\u7cbe\u5fc3\u8bbe\u8ba1\u7684HTTP\u8bf7\u6c42\uff0c\u4ece\u800c\u5728\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u8d8a\u6743\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Integrated Management Controller\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Integrated Management Controller"
  },
  "referenceLink": "http://www.securityfocus.com/bid/97928\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc3",
  "serverity": "\u4e2d",
  "submitTime": "2017-04-21",
  "title": "Cisco Integrated Management Controller\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2017-6616 (GCVE-0-2017-6616)

Vulnerability from cvelistv5 – Published: 2017-04-20 22:00 – Updated: 2024-08-05 15:33

Summary

A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software does not sufficiently sanitize specific values that are received as part of a user-supplied HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user on the affected system. Cisco Bug IDs: CSCvd14578.

Severity ?

No CVSS data available.

CWE

CWE-20

Assigner

cisco

References

URL

Tags

	https://tools.cisco.com/security/center/content/C…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/97928	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Cisco Integrated Management Controller	Affected: Cisco Integrated Management Controller

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:20.464Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc3"
          },
          {
            "name": "97928",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97928"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Integrated Management Controller",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Integrated Management Controller"
            }
          ]
        }
      ],
      "datePublic": "2017-04-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software does not sufficiently sanitize specific values that are received as part of a user-supplied HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user on the affected system. Cisco Bug IDs: CSCvd14578."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-21T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc3"
        },
        {
          "name": "97928",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97928"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-6616",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Integrated Management Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Integrated Management Controller"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software does not sufficiently sanitize specific values that are received as part of a user-supplied HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user on the affected system. Cisco Bug IDs: CSCvd14578."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc3",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc3"
            },
            {
              "name": "97928",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97928"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-6616",
    "datePublished": "2017-04-20T22:00:00",
    "dateReserved": "2017-03-09T00:00:00",
    "dateUpdated": "2024-08-05T15:33:20.464Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-04938

CVE-2017-6616 (GCVE-0-2017-6616)

Tags

Sightings

Nomenclature