FKIE_CVE-2017-6748

Vulnerability from fkie_nvd - Published: 2017-07-25 19:29 - Updated: 2025-04-20 01:37
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/99918Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1038956Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/99918Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038956Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2Vendor Advisory
Impacted products
Vendor Product Version
cisco web_security_appliance 10.0.0-232
cisco web_security_appliance 10.0.0-233
cisco web_security_appliance 10.0_base
cisco web_security_appliance 10.1.0
cisco web_security_appliance 10.1.0-204
cisco web_security_appliance 10.1.1-230
cisco web_security_appliance 10.5.0
cisco web_security_appliance 10.5.0-358
cisco web_security_appliance 11.0.0
cisco web_security_appliance 11.0.0-613
cisco web_security_virtual_appliance 10.0.0
cisco web_security_virtual_appliance 10.0_base
cisco web_security_virtual_appliance 10.1.0
cisco web_security_virtual_appliance 10.1.1
cisco web_security_virtual_appliance 10.1_base
cisco web_security_virtual_appliance 10.5.1
cisco web_security_virtual_appliance 10.5_base
cisco web_security_virtual_appliance 11.0.0
cisco web_security_virtual_appliance 11.0_base
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-232:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F4BDE8C-6D41-4BCF-8BB3-9256E2AD09E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-233:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C84C8F0-4722-4385-B3CD-86E05F3D72BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "79B251F2-C0EF-41A5-9318-CAB6FF8D7D5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6845F048-06E0-4F5D-A2BD-A8D856530D15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0-204:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC71F9F5-B0BA-4415-A4C8-9D0B15732A54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-230:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89E6946-5451-4A35-BD48-BA260B7928F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F68D77CC-8FA7-436C-9799-EB691D145C3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.0-358:*:*:*:*:*:*:*",
              "matchCriteriaId": "96C185A6-D4DE-4EA0-952D-714CCCAF2B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9EA61C-3D1D-463A-802A-0073183CE39C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:11.0.0-613:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8BB0F9-F14B-4EA5-B24E-FED0B8C1B264",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69528D17-2EA4-4CF5-B2D4-26B185C66ED8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.0_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "F260BF88-C6C4-41B7-BDE7-EC1CF4EFB74F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BED59A8D-41E6-448E-AEEF-91400742CC0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF6B908-B1A0-48FC-A481-CA2AF9738BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "F432D2A9-AF00-4578-B1DC-171876CE1C39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD97A391-7E07-46EC-85D6-C17D1EB753A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.5_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "679B5A90-ED85-4086-916B-664FF2DD9EB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5FAE893-BD18-481B-A65D-D2F235571836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:11.0_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "599D1619-F27A-4205-972C-3B4B9578C2E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el analizador de la CLI de Web Security Appliance (WSA) de Cisco, podr\u00eda permitir a un atacante local autenticado realizar la inyecci\u00f3n de comandos y elevar los privilegios a root. El atacante necesita autenticarse con credenciales v\u00e1lidas de nivel de operador o de administrador. Productos afectados: versiones virtuales y de hardware de Web Security Appliance (WSA) de Cisco. M\u00e1s informaci\u00f3n: CSCvd88855. Versiones afectadas conocidas: 10.1.0-204. Versiones fijas conocidas: 10.5.1-270 10.1.1-234."
    }
  ],
  "id": "CVE-2017-6748",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-25T19:29:00.270",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99918"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038956"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99918"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038956"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.