CVE-2017-6623

{"id": "CVE-2017-6623", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2017-05-18T19:29:00.283", "references": [{"url": "http://www.securityfocus.com/bid/98521", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-269"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permissions on the script file. An attacker could exploit this vulnerability by authenticating to the device and providing crafted user input at the CLI, using this script file to escalate their privilege level and execute commands as root. A successful exploit could allow the attacker to acquire root-level privileges and take full control of the appliance. The user has to be logged-in to the device with valid credentials for a specific set of users. The Cisco Policy Suite application is vulnerable when running software versions 10.0.0, 10.1.0, or 11.0.0. Cisco Bug IDs: CSCvc07366."}, {"lang": "es", "value": "Una vulnerabilidad en un archivo de script que es instalado como parte de la distribuci\u00f3n del Software Cisco Policy Suite (CPS) para el dispositivo CPS podr\u00eda permitir que un atacante local autenticado aumente su nivel de privilegio a root. La vulnerabilidad es debido a permisos de sudoers incorrectos en el archivo de script. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en el dispositivo y proporcionando informaci\u00f3n de usuario dise\u00f1ada en la CLI, usando este archivo de script para escalar su nivel de privilegio y ejecutar comandos como root. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante adquirir privilegios de nivel root y tomar el control total del dispositivo. El usuario debe iniciar sesi\u00f3n en el dispositivo con credenciales v\u00e1lidas para un conjunto espec\u00edfico de usuarios. La aplicaci\u00f3n Cisco Policy Suite es vulnerable cuando se ejecutan las versiones de software 10.0.0, 10.1.0 u 11.0.0. IDs de Bug de Cisco: CSCvc07366."}], "lastModified": "2019-10-09T23:28:51.637", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:policy_suite:10.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62A538DC-454D-4138-B59B-5BDB5CAA9D65"}, {"criteria": "cpe:2.3:a:cisco:policy_suite:10.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B574E08E-90EA-4698-A232-B4DBEB03BBB7"}, {"criteria": "cpe:2.3:a:cisco:policy_suite:11.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E134B57-BB82-436E-BF85-BE1A89743951"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}