Command injection in Elastic Services Controller - CVE-2017-6682
Published: June 9, 2017
Vulnerability identifier: #VU6996
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Amber
CVE-ID: CVE-2017-6682
CWE-ID: CWE-77
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Elastic Services Controller
Elastic Services Controller
Detailed vulnerability description
The vulnerability allows a remote authenticated attacker to execute arbitrary command on the target system.
The weakness exists in ConfD CLI of Cisco Elastic Services Controllers on Linux systems due to insufficient sanitization of commands that are permitted to run from the ConfD CLI of an affected system. A remote attacker can break from the restricted shell of the ConfD CLI of an affected system and run arbitrary commands as the Linux tomcat user.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists in ConfD CLI of Cisco Elastic Services Controllers on Linux systems due to insufficient sanitization of commands that are permitted to run from the ConfD CLI of an affected system. A remote attacker can break from the restricted shell of the ConfD CLI of an affected system and run arbitrary commands as the Linux tomcat user.
Successful exploitation of the vulnerability may result in system compromise.
How to mitigate CVE-2017-6682
Install update from vendor's website.