Improper input validation in Cisco IOx - CVE-2017-3852
Published: March 23, 2017 / Updated: April 5, 2018
Vulnerability identifier: #VU6160
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-3852
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco IOx
Cisco IOx
Detailed vulnerability description
The vulnerability allows a remote authenticated attacker to write or modify arbitrary files on the target device.
The weakness exists due to insufficient input validation of user-supplied application packages. A remote attacker can send specially crafted requests to the target Cisco application-hosting framework (CAF) component, trigger an input validation flaw and write or modify arbitrary files on the target virtual instance running on the target device.
Successful exploitation of the vulnerability results in modification of system information.
The weakness exists due to insufficient input validation of user-supplied application packages. A remote attacker can send specially crafted requests to the target Cisco application-hosting framework (CAF) component, trigger an input validation flaw and write or modify arbitrary files on the target virtual instance running on the target device.
Successful exploitation of the vulnerability results in modification of system information.
How to mitigate CVE-2017-3852
Update to version 1.2.4.2.