CLI Security Bypass in Cisco ASR 5000 Series Routers
CVE-2017-6773

6.7 MEDIUM

Key Information:

Vendor: Cisco
CVE Published: 17 August 2017

Summary

A vulnerability in the Command-Line Interface (CLI) of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system allows an authenticated, local attacker to bypass existing CLI restrictions. The vulnerability arises from inadequate sanitization of user-supplied input within the CLI. By crafting specific scripts, an attacker could exploit this weakness to gain unauthorized access and execute commands directly at the underlying operating system level. The ability to launch the CLI from a command shell can have significant security implications, so users should assess their devices for potential exploitation. Relevant Cisco Bug IDs include CSCvd47722.

Affected Version(s)

StarOS for ASR 5000 Series Aggregated Services Routers 21.0.v0.65839

CVSS V3.1

Score: 6.7
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
