CVE-2017-12243

{"id": "CVE-2017-12243", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2017-11-02T16:29:00.193", "references": [{"url": "http://www.securityfocus.com/bid/101652", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1039719", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-arce", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to obtain root shell privileges on the device, aka Command Injection. The vulnerability is due to improper validation of string input in the shell application. An attacker could exploit this vulnerability through the use of malicious commands. A successful exploit could allow the attacker to obtain root shell privileges on the device. Cisco Bug IDs: CSCvf20741, CSCvf60078."}, {"lang": "es", "value": "Un vulnerabilidad en Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) y Cisco Firepower 9300 Security Appliance podr\u00eda permitir que un atacante local autenticado obtenga privilegios root shell en el dispositivo. Esta vulnerabilidad tambi\u00e9n se conoce como Command Injection. La vulnerabilidad se debe a una validaci\u00f3n inadecuada de valores de entrada de una cadena en la aplicaci\u00f3n shell. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el uso de comandos maliciosos. Un exploit exitoso podr\u00eda permitir que el atacante obtenga privilegios root shell en el dispositivo. Cisco Bug IDs: CSCvf20741, CSCvf60078."}], "lastModified": "2019-10-09T23:22:44.043", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:unified_computing_system_manager_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0933D49C-E079-4071-A69F-60DCBD5E88F1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:unified_computing_system_manager:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF9380E9-30C8-4CD2-BA77-EE61EA490F3F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:firepower_9300_security_appliance_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD314E64-ECA6-4200-BB6B-880DB07F19ED"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0574E77C-18C6-4621-B73A-DCDD6D1B5E37"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:firepower_4100_next-generation_firewall_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91A99DA5-0087-4F62-8A12-DAC826311530"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:firepower_4110_next-generation_firewall:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CC4B991-7160-4C32-9A8E-778602FDE349"}, {"criteria": "cpe:2.3:h:cisco:firepower_4120_next-generation_firewall:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9DB5299D-3948-474C-B977-8FD2A849945D"}, {"criteria": "cpe:2.3:h:cisco:firepower_4140_next-generation_firewall:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "161EEC9B-419D-4C88-B546-04931D0037E7"}, {"criteria": "cpe:2.3:h:cisco:firepower_4150_next-generation_firewall:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CDEAEC97-05AC-4E8B-A9A5-14800AAF1EB8"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}