CVE-2017-12339 : A vulnerability in the CLI of Cisco NX-OS System Software could allow an authent

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to execute arbitrary commands at the user's privilege level. On products that support multiple virtual device contexts (VDCs), this vulnerability could allow the attacker to execute commands at the user's privilege level outside the user's environment. This vulnerability affects the following products running Cisco NX-OS System Software: Multilayer Director Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, and Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve99925, CSCvf15164, CSCvf15167, CSCvf15170, CSCvf15173.

Published 2017-11-30 09:29:01

Updated 2017-12-17 02:29:00

Source Cisco Systems, Inc.

View at NVD, CVE.org

Products affected by CVE-2017-12339

Cisco » Nx-os » Version: 7.0(0)hsk(0.357)
cpe:2.3:o:cisco:nx-os:7.0\(0\)hsk\(0.357\):*:*:*:*:*:*:*
Matching versions
Cisco » Nx-os » Version: 8.1(0)bd(0.20)
cpe:2.3:o:cisco:nx-os:8.1\(0\)bd\(0.20\):*:*:*:*:*:*:*
Matching versions
Cisco » Nx-os » Version: 8.0(1)
cpe:2.3:o:cisco:nx-os:8.0\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Lan Switch Software » Version: 12.2(1.107)
cpe:2.3:o:cisco:lan_switch_software:12.2\(1.107\):*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-12339

EPSS FAQ

0.14%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 30 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-12339

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
5.7	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L	1.5	3.7	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Changed Confidentiality: Low Integrity: Low Availability: Low

CWE ids for CVE-2017-12339

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Assigned by:
- nvd@nist.gov (Primary)
- ykramarz@cisco.com (Secondary)

References for CVE-2017-12339

http://www.securitytracker.com/id/1039938

Cisco NX-OS CLI Parser Bug Lets Local Users Gain Elevated Privileges - SecurityTracker
Third Party Advisory;VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos7

Cisco NX-OS System Software CLI Command Injection Vulnerability
Vendor Advisory
http://www.securityfocus.com/bid/102198

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability

Jump to

Vulnerability Details : CVE-2017-12339

Products affected by CVE-2017-12339

Exploit prediction scoring system (EPSS) score for CVE-2017-12339

CVSS scores for CVE-2017-12339

CWE ids for CVE-2017-12339

References for CVE-2017-12339