cve-2017-6707
Vulnerability from cvelistv5
Published
2017-07-06 00:00
Modified
2024-08-05 15:41
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco StarOS |
Version: Cisco StarOS |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038818"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-asrcmd"
},
{
"name": "99462",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco StarOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco StarOS"
}
]
}
],
"datePublic": "2017-07-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1038818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038818"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-asrcmd"
},
{
"name": "99462",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco StarOS",
"version": {
"version_data": [
{
"version_value": "Cisco StarOS"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038818"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-asrcmd",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-asrcmd"
},
{
"name": "99462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6707",
"datePublished": "2017-07-06T00:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:41:17.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-6707\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2017-07-06T00:29:00.177\",\"lastModified\":\"2024-11-21T03:30:20.943\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el c\u00f3digo command-parsing de la CLI del sistema operativo StarOS de Cisco para dispositivos ASR 5000 Series versi\u00f3n 11.0 hasta 21.0, 5500 Series y 5700 Series de Cisco y el software Virtualized Packet Core (VPC) de Cisco, podr\u00eda permitir a un atacante local autenticado interrumpir la CLI del StarOS de un sistema afectado y ejecutar comandos shell arbitrarios como usuario root de Linux en el sistema, tambi\u00e9n se conoce como Inyecci\u00f3n de Comandos. La vulnerabilidad existe porque el sistema operativo afectado no hace un saneamiento de los comandos antes de insertarlos en los comandos shell de Linux. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un comando creado de la CLI para su ejecuci\u00f3n en un comando shell de Linux como un usuario root. ID de Bug de Cisco: CSCvc69329, CSCvc72930.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.5,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:11.0_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C454137D-16DF-4AC2-A713-F7063E898939\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03EED3DD-496A-48CF-8AF0-5E30DAA6314F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:12.1_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA9417F3-7D70-4484-9B93-19C28C38F51B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:12.2\\\\(300\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02D2589B-FC06-47BB-B545-95424C052E93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:12.2_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"831BFC89-3876-4F6F-A926-C29C13A6D9B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:14.0\\\\(600\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAFE6257-0118-430B-9856-55B745FCF9D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:14.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD8633C3-7092-4793-AE4B-CB537DE514DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:15.0\\\\(912\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF86D7C7-353B-4BC7-9F18-D00C7F2E695C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:15.0\\\\(935\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD1C51B9-163D-440A-8B14-2B0D6F437CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:15.0\\\\(938\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2300C8D-AA18-45CA-9EC0-EB4659385863\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:15.0_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5289C275-E80F-4776-8871-4873634C1E2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:16.0\\\\(900\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8043AB1-636A-47AB-9B5A-D1FC6D286D52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:16.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3A3FBBB-BF06-4F27-9AFA-0F57C6343865\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:16.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D2E4C7F-0A9E-4B0C-B248-966155B56B3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:16.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48C130CD-A00A-4FDC-B6AA-E6C3E3532ED8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:16.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A1E3EE9-06ED-46B6-8576-B9F5CCF8C5F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:16.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD80771F-7650-4DAF-B9FD-AE978C43736F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:16.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D15F6CD4-C821-4957-B65E-5E2A771D929C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:17.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04145290-816F-4A19-8739-396CBD786D7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:17.2.0.59184:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F7E4AEE-94AF-45E2-BCD3-0CB156A0EC97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:17.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12C68829-4B5B-4B0F-BA9D-4D6A26B92A7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:17.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF8967E4-D278-4A38-900F-BE64F5088989\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:17.3_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8823E83-1EAC-4ED0-8B1C-369152040E98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:17.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47F532C0-1054-4470-B788-58E84CD5781A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E044CCC9-D15F-4674-BEC9-832988EFEB7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.0.0.57828:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7311CD2-6668-4254-BF40-99A36ECDD48F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.0.0.59167:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7C1A510-800B-4F0F-8483-B485C6CFD3CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.0.0.59211:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80218968-C095-4830-B9A7-67BB6FFAE4BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.0.l0.59219:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD9B9641-D25B-41D2-8AC4-9FDDC5B82D25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE0014BF-BFFB-409C-B9A5-193C5039FE21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.1.0.59776:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13AB3F1A-84F3-43A3-882D-7EE3DBADDFBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.1.0.59780:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C97857CC-40AB-48A2-A39E-27E075BC6DB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.1_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C5BBA4D-F4BF-4849-8387-74EBD17AC30D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD68E907-280D-42A1-8215-ECB2DA7286FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.3_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCF8900C-FD6D-48FA-90EE-77E46DF31B32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:18.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A156E7C-C4FC-4166-9806-537A2F2B0514\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:19.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5BB9185-2E79-4A78-A5DE-D77F5CD2CFE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:19.0.m0.60737:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2F4FDEC-551A-4A6A-90B2-0838305E28F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:19.0.m0.60828:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48B94C0A-A9D4-4EC6-B063-C4292975F855\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:19.0.m0.61045:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"857DAEB3-BE28-48DD-9D3F-55E47BC05B3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:19.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E92EEAD-E9D0-407C-BC4E-F64C8F015414\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:19.1.0.61559:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C968950-13F7-4671-B1EA-922951760B62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:19.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF8ED69-D9ED-4E9B-831C-803E1A94A41F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:19.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6602B9A6-C35F-4E50-9CD5-E0135962694A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5173B19-BCD1-419E-9335-AEA1F05CBA66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE3A11B0-CC34-4F64-B4D7-DB45A5E92B4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.1.a0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4ED29CFC-A64B-49FF-ABEA-487BA88C880D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.1.v0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47D8753E-45EE-484F-B7B0-44FA608EC742\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F215052-EA0B-4646-B993-4F30487BB45E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.2.3.65026:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8141015-B85E-45D7-9DA0-BF29D8FB01ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.2.v1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17DFC8AE-3448-4F6D-BFD7-F1A2055F375E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.m0.62842:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9E697D7-05C0-4BE0-B64B-06DBF0B4083F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.m0.63229:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DECCE42E-EF83-4A2D-83BE-59C8902E3F50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:20.0.v0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2379CED-D0DC-491B-BA03-863A9E1811D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:21.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7931FEA-534C-4556-A41F-261A9B25CDB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:21.0_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A827B2AE-0DB8-4857-A438-D5DFDF2828E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:21.0_m0.64246:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23BF3FCD-3A29-4939-871D-C83CC4C9F85D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:staros:21.0_m0.64702:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A749454D-894D-4A57-99A1-6DC9055367BB\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/99462\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1038818\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-asrcmd\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99462\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1038818\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-asrcmd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.