Vulnerabilites related to Brocade Communications Systems, Inc. - Ruckus Networks Unleashed APs and Zone Director
CVE-2017-6229 (GCVE-0-2017-6229)
Vulnerability from cvelistv5
Published
2018-02-14 19:00
Modified
2024-09-16 23:55
Severity ?
CWE
  • Authenticated command injection in CLI interface of ZD/Unleashed software.
Summary
Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems.
References
https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txtx_refsource_CONFIRM
Impacted products
Vendor Product Version
Brocade Communications Systems, Inc. Ruckus Networks Unleashed APs and Zone Director Version: Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:25:48.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Ruckus Networks Unleashed APs and Zone Director",
          "vendor": "Brocade Communications Systems, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before"
            }
          ]
        }
      ],
      "datePublic": "2018-02-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authenticated command injection in CLI interface of ZD/Unleashed software.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-14T18:57:02",
        "orgId": "87b297d7-335e-4844-9551-11b97995a791",
        "shortName": "brocade"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@brocade.com",
          "DATE_PUBLIC": "2018-02-09T00:00:00",
          "ID": "CVE-2017-6229",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Ruckus Networks Unleashed APs and Zone Director",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Unleashed AP firmware releases before 200.6.10.1.x and ZD firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x,9.13.3.0.x, 10.0.1.0.x or before"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Brocade Communications Systems, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authenticated command injection in CLI interface of ZD/Unleashed software."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt",
              "refsource": "CONFIRM",
              "url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
    "assignerShortName": "brocade",
    "cveId": "CVE-2017-6229",
    "datePublished": "2018-02-14T19:00:00Z",
    "dateReserved": "2017-02-23T00:00:00",
    "dateUpdated": "2024-09-16T23:55:41.500Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}