Vulnerability Database

CVE-2017-6707

A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930.

  • Published: Jul 6, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-6707
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.2
  • Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.2
  • Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

OWASP TOP 10:

| Software | From | Fixed in |
|---|---|---|
| cisco / staros | 16.0(900) | 16.0(900).x |
| cisco / staros | 12.2(300) | 12.2(300).x |
| cisco / staros | 19.3.0 | 19.3.0.x |
| cisco / staros | 14.0(600) | 14.0(600).x |
| cisco / staros | 20.0.0 | 20.0.0.x |
| cisco / staros | 19.0.m0.61045 | 19.0.m0.61045.x |
| cisco / staros | 20.0.m0.63229 | 20.0.m0.63229.x |
| cisco / staros | 18.1.0.59776 | 18.1.0.59776.x |
| cisco / staros | 15.0(935) | 15.0(935).x |
| cisco / staros | 19.1.0.61559 | 19.1.0.61559.x |
| cisco / staros | 17.3.1 | 17.3.1.x |
| cisco / staros | 19.0.1 | 19.0.1.x |
| cisco / staros | 19.0.m0.60737 | 19.0.m0.60737.x |
| cisco / staros | 15.0_base | 15.0_base.x |
| cisco / staros | 19.0.m0.60828 | 19.0.m0.60828.x |
| cisco / staros | 16.1.1 | 16.1.1.x |
| cisco / staros | 15.0(938) | 15.0(938).x |
| cisco / staros | 16.1.0 | 16.1.0.x |
| cisco / staros | 21.0_m0.64702 | 21.0_m0.64702.x |
| cisco / staros | 18.3.0 | 18.3.0.x |
| cisco / staros | 18.0.0.57828 | 18.0.0.57828.x |
| cisco / staros | 17.3.0 | 17.3.0.x |
| cisco / staros | 16.0.0 | 16.0.0.x |
| cisco / staros | 18.3_base | 18.3_base.x |
| cisco / staros | 19.1.0 | 19.1.0.x |
| cisco / staros | 12.1_base | 12.1_base.x |
| cisco / staros | 21.0_base | 21.0_base.x |
| cisco / staros | 12.2_base | 12.2_base.x |
| cisco / staros | 18.0.0.59211 | 18.0.0.59211.x |
| cisco / staros | 16.5.2 | 16.5.2.x |
| cisco / staros | 18.1.0.59780 | 18.1.0.59780.x |
| cisco / staros | 20.0.1.a0 | 20.0.1.a0.x |
| cisco / staros | 20.0.1.0 | 20.0.1.0.x |
| cisco / staros | 18.0.0.59167 | 18.0.0.59167.x |
| cisco / staros | 20.0.2.v1 | 20.0.2.v1.x |
| cisco / staros | 20.0.2.3.65026 | 20.0.2.3.65026.x |
| cisco / staros | 14.0.0 | 14.0.0.x |
| cisco / staros | 17.7.0 | 17.7.0.x |
| cisco / staros | 20.0.v0 | 20.0.v0.x |
| cisco / staros | 16.5.0 | 16.5.0.x |
| cisco / staros | 16.1.2 | 16.1.2.x |
| cisco / staros | 17.2.0.59184 | 17.2.0.59184.x |
| cisco / staros | 20.0.1.v0 | 20.0.1.v0.x |
| cisco / staros | 18.1_base | 18.1_base.x |
| cisco / staros | 17.3_base | 17.3_base.x |
| cisco / staros | 18.1.0 | 18.1.0.x |
| cisco / staros | 19.2.0 | 19.2.0.x |
| cisco / staros | 15.0(912) | 15.0(912).x |
| cisco / staros | 11.0_base | 11.0_base.x |
| cisco / staros | 17.2.0 | 17.2.0.x |
| cisco / staros | 18.0.0 | 18.0.0.x |
| cisco / staros | 21.0_m0.64246 | 21.0_m0.64246.x |
| cisco / staros | 18.4.0 | 18.4.0.x |
| cisco / staros | 18.0.l0.59219 | 18.0.l0.59219.x |
| cisco / staros | 20.0.m0.62842 | 20.0.m0.62842.x |
| cisco / staros | 12.0.0 | 12.0.0.x |
| cisco / staros | 21.0.0 | 21.0.0.x |
| cisco / staros | 20.0.2.3 | 20.0.2.3.x |