Vulnerability Description
A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to read or write arbitrary files at the user's privilege level outside of the user's path. Cisco Bug IDs: CSCvb86787, CSCve60516, CSCve60555.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Nx-Os | 7.1\(1\)n1\(1\) |
| Cisco | Nexus 5548Up | - |
| Cisco | Nexus 5596T | - |
| Cisco | Nexus 5596Up | - |
| Cisco | Nexus 56128P | - |
| Cisco | Nexus 5624Q | - |
| Cisco | Nexus 5648Q | - |
| Cisco | Nexus 5672Up | - |
| Cisco | Nexus 5672Up-16G | - |
| Cisco | Nexus 5696Q | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/98531Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038518
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/98531Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038518
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2017-6649?
CVE-2017-6649 is a vulnerability with a CVSS score of 7.8 (HIGH). A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The...
How severe is CVE-2017-6649?
CVE-2017-6649 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6649?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os, Cisco Nexus 5548Up, Cisco Nexus 5596T, Cisco Nexus 5596Up, Cisco Nexus 56128P.