Vulnerability Description
A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Information: CSCvd73726. Known Affected Releases: 21.0.v0.65839 21.3.M0.67005. Known Fixed Releases: 21.4.A0.67087 21.4.A0.67079 21.4.A0.67013 21.3.M0.67084 21.3.M0.67077 21.3.M0.66994 21.3.J0.66993 21.1.v0.67082 21.1.V0.67083.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Asr 5000 Software | 21.0.v0.65839 |
| Cisco | Asr 5000 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/98998Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038634
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/98998Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038634
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2017-6690?
CVE-2017-6690 is a vulnerability with a CVSS score of 4.9 (MEDIUM). A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or...
How severe is CVE-2017-6690?
CVE-2017-6690 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6690?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Asr 5000 Software, Cisco Asr 5000.