var-201707-0898
Vulnerability from variot
A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. More Information: CSCvd59341. Known Affected Releases: 4.2(1.0)P1. Cisco PrimeNetwork is an integrated component of Cisco PrimeforIPNGNsuite and is a stand-alone product. Allow attackers to obtain sensitive information. This issue is being tracked by Cisco Bug ID CSCvd59341. CLI is one of those command line interfaces
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0898",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "prime network",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.2\\(1.0\\)p1"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.2(1.0)p1"
},
{
"model": "prime network",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "prime network gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network 4.2 p1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14611"
},
{
"db": "BID",
"id": "99456"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-395"
},
{
"db": "NVD",
"id": "CVE-2017-6726"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:prime_network",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yossi Meloch.",
"sources": [
{
"db": "BID",
"id": "99456"
}
],
"trust": 0.3
},
"cve": "CVE-2017-6726",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-6726",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-14611",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-114929",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-6726",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-6726",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-6726",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-14611",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-395",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-114929",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14611"
},
{
"db": "VULHUB",
"id": "VHN-114929"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-395"
},
{
"db": "NVD",
"id": "CVE-2017-6726"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. More Information: CSCvd59341. Known Affected Releases: 4.2(1.0)P1. Cisco PrimeNetwork is an integrated component of Cisco PrimeforIPNGNsuite and is a stand-alone product. Allow attackers to obtain sensitive information. \nThis issue is being tracked by Cisco Bug ID CSCvd59341. CLI is one of those command line interfaces",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6726"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"db": "CNVD",
"id": "CNVD-2017-14611"
},
{
"db": "BID",
"id": "99456"
},
{
"db": "VULHUB",
"id": "VHN-114929"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6726",
"trust": 3.4
},
{
"db": "BID",
"id": "99456",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005539",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-395",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-14611",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-114929",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14611"
},
{
"db": "VULHUB",
"id": "VHN-114929"
},
{
"db": "BID",
"id": "99456"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-395"
},
{
"db": "NVD",
"id": "CVE-2017-6726"
}
]
},
"id": "VAR-201707-0898",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14611"
},
{
"db": "VULHUB",
"id": "VHN-114929"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14611"
}
]
},
"last_update_date": "2024-11-23T23:05:20.900000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20170705-cpn",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-cpn"
},
{
"title": "Cisco Prime Network Gateway CLI Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71593"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-395"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114929"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"db": "NVD",
"id": "CVE-2017-6726"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170705-cpn"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/99456"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6726"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6726"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/99456/"
},
{
"trust": 0.6,
"url": "http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-network/tsd-products-support-series-home.html"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14611"
},
{
"db": "VULHUB",
"id": "VHN-114929"
},
{
"db": "BID",
"id": "99456"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-395"
},
{
"db": "NVD",
"id": "CVE-2017-6726"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-14611"
},
{
"db": "VULHUB",
"id": "VHN-114929"
},
{
"db": "BID",
"id": "99456"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-395"
},
{
"db": "NVD",
"id": "CVE-2017-6726"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-14611"
},
{
"date": "2017-07-10T00:00:00",
"db": "VULHUB",
"id": "VHN-114929"
},
{
"date": "2017-07-05T00:00:00",
"db": "BID",
"id": "99456"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"date": "2017-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-395"
},
{
"date": "2017-07-10T20:29:00.423000",
"db": "NVD",
"id": "CVE-2017-6726"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-14611"
},
{
"date": "2017-07-13T00:00:00",
"db": "VULHUB",
"id": "VHN-114929"
},
{
"date": "2017-07-05T00:00:00",
"db": "BID",
"id": "99456"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005539"
},
{
"date": "2017-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-395"
},
{
"date": "2024-11-21T03:30:23.307000",
"db": "NVD",
"id": "CVE-2017-6726"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "99456"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-395"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Prime Network Gateway of CLI Vulnerability in obtaining system process information",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005539"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-395"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…