cnvd - cnvd-2017-07573

cnvd-2017-07573

Vulnerability from cnvd

Title: Cisco Prime Collaboration Provisioning身份验证绕过漏洞

Description:

Cisco Prime Collaboration是综合性视频及声音服务保障及管理系统。

Cisco Prime Collaboration Provisioning的web接口中存在身份验证绕过漏洞，此漏洞源于某些HTTP请求方法中缺少安全限制。未经身份验证的远程攻击者绕过身份验证，以root权限执行命令注入。

Severity: 高

Patch Name: Cisco Prime Collaboration Provisioning身份验证绕过漏洞的补丁

Patch Description:

Cisco Prime Collaboration是综合性视频及声音服务保障及管理系统。

Cisco Prime Collaboration Provisioning的web接口中存在身份验证绕过漏洞，此漏洞源于某些HTTP请求方法中缺少安全限制。未经身份验证的远程攻击者绕过身份验证，以root权限执行命令注入。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1

Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1 https://nvd.nist.gov/vuln/detail/CVE-2017-6622

Impacted products

Name
Cisco Prime Collaboration Provisioning <12.1

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "98520"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-6622"
    }
  },
  "description": "Cisco Prime Collaboration\u662f\u7efc\u5408\u6027\u89c6\u9891\u53ca\u58f0\u97f3\u670d\u52a1\u4fdd\u969c\u53ca\u7ba1\u7406\u7cfb\u7edf\u3002\r\n\r\nCisco Prime Collaboration Provisioning\u7684web\u63a5\u53e3\u4e2d\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u6b64\u6f0f\u6d1e\u6e90\u4e8e\u67d0\u4e9bHTTP\u8bf7\u6c42\u65b9\u6cd5\u4e2d\u7f3a\u5c11\u5b89\u5168\u9650\u5236\u3002\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\uff0c\u4ee5root\u6743\u9650\u6267\u884c\u547d\u4ee4\u6ce8\u5165\u3002",
  "discovererName": "rgod, working with Trend Micro Zero Day Initiative (ZDI)",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-07573",
  "openTime": "2017-05-26",
  "patchDescription": "Cisco Prime Collaboration\u662f\u7efc\u5408\u6027\u89c6\u9891\u53ca\u58f0\u97f3\u670d\u52a1\u4fdd\u969c\u53ca\u7ba1\u7406\u7cfb\u7edf\u3002\r\n\r\nCisco Prime Collaboration Provisioning\u7684web\u63a5\u53e3\u4e2d\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u6b64\u6f0f\u6d1e\u6e90\u4e8e\u67d0\u4e9bHTTP\u8bf7\u6c42\u65b9\u6cd5\u4e2d\u7f3a\u5c11\u5b89\u5168\u9650\u5236\u3002\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\uff0c\u4ee5root\u6743\u9650\u6267\u884c\u547d\u4ee4\u6ce8\u5165\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Prime Collaboration Provisioning\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Prime Collaboration Provisioning \u003c12.1"
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-6622",
  "serverity": "\u9ad8",
  "submitTime": "2017-05-19",
  "title": "Cisco Prime Collaboration Provisioning\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2017-6622 (GCVE-0-2017-6622)

Vulnerability from cvelistv5

Published

2017-05-18 19:00

Modified

2024-08-05 15:33

Severity ?

CWE

CWE-264

Summary

A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. This vulnerability affects Cisco Prime Collaboration Provisioning Software Releases prior to 12.1. Cisco Bug IDs: CSCvc98724.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1038507	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/98520	vdb-entry, x_refsource_BID
	https://www.exploit-db.com/exploits/42888/	exploit, x_refsource_EXPLOIT-DB
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Cisco Prime Collaboration Provisioning	Version: Cisco Prime Collaboration Provisioning

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:20.447Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038507",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038507"
          },
          {
            "name": "98520",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98520"
          },
          {
            "name": "42888",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/42888/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Prime Collaboration Provisioning",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Prime Collaboration Provisioning"
            }
          ]
        }
      ],
      "datePublic": "2017-05-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. This vulnerability affects Cisco Prime Collaboration Provisioning Software Releases prior to 12.1. Cisco Bug IDs: CSCvc98724."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-29T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1038507",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038507"
        },
        {
          "name": "98520",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98520"
        },
        {
          "name": "42888",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/42888/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-6622",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Prime Collaboration Provisioning",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Prime Collaboration Provisioning"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. This vulnerability affects Cisco Prime Collaboration Provisioning Software Releases prior to 12.1. Cisco Bug IDs: CSCvc98724."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1038507",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038507"
            },
            {
              "name": "98520",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98520"
            },
            {
              "name": "42888",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/42888/"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-6622",
    "datePublished": "2017-05-18T19:00:00",
    "dateReserved": "2017-03-09T00:00:00",
    "dateUpdated": "2024-08-05T15:33:20.447Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted