CVE-2017-12335 : A vulnerability in the CLI of Cisco NX-OS System Software could allow an authent

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command and gain unauthorized access to the underlying operating system of the device. An exploit could allow the attacker to execute arbitrary commands at the user's privilege level. On products that support multiple virtual device contexts (VDCs), this vulnerability could allow an attacker to execute commands at the user's privilege level outside the user's environment. This vulnerability affects the following products running Cisco NX-OS System Software: Multilayer Director Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, Unified Computing System Manager. Cisco Bug IDs: CSCvf14923, CSCvf14926, CSCvg04095.

Published 2017-11-30 09:29:01

Updated 2019-10-03 00:03:26

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Bypass

Products affected by CVE-2017-12335

Cisco » Nx-os » Version: 8.1(1)
cpe:2.3:o:cisco:nx-os:8.1\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Nx-os » Version: 7.0(0)hsk(0.357)
cpe:2.3:o:cisco:nx-os:7.0\(0\)hsk\(0.357\):*:*:*:*:*:*:*
Matching versions
Cisco » Nx-os » Version: 8.1(0)bd(0.20)
cpe:2.3:o:cisco:nx-os:8.1\(0\)bd\(0.20\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Computing System » Version: 7.0(0)hsk(0.357)
cpe:2.3:a:cisco:unified_computing_system:7.0\(0\)hsk\(0.357\):*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-12335

EPSS FAQ

0.28%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 48 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-12335

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
6.3	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L	2.0	3.7	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: Low Integrity: Low Availability: Low

CWE ids for CVE-2017-12335

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Assigned by:
- nvd@nist.gov (Primary)
- ykramarz@cisco.com (Secondary)

References for CVE-2017-12335

http://www.securitytracker.com/id/1039935

Cisco NX-OS CLI Input Validation Flaw Lets Local Users Gain Elevated Privileges - SecurityTracker
Third Party Advisory;VDB Entry
http://www.securityfocus.com/bid/102165

Cisco NX-OS System Software CVE-2017-12335 Local Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos4

Cisco NX-OS System Software CLI Command Injection Vulnerability
Vendor Advisory

Jump to

Vulnerability Details : CVE-2017-12335

Products affected by CVE-2017-12335

Exploit prediction scoring system (EPSS) score for CVE-2017-12335

CVSS scores for CVE-2017-12335

CWE ids for CVE-2017-12335

References for CVE-2017-12335