Vulnerability Name:

CVE-2017-6622

Assigned:2017-03-09
Published:2017-05-18
Updated:2017-09-29
Summary:A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. This vulnerability affects Cisco Prime Collaboration Provisioning Software Releases prior to 12.1. Cisco Bug IDs: CSCvc98724.
CVSS v3 Severity:9.8 Critical (CVSS v3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
10.0 Critical (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
References:Source: BID
Type: VENDOR_ADVISORY
98520

Source: SECTRACK
Type: UNKNOWN
1038507

Source: CONFIRM
Type: VENDOR_ADVISORY
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1

Source: EXPLOIT-DB
Type: UNKNOWN
42888

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:prime_collaboration_provisioning:10.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:prime_collaboration_provisioning:10.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:prime_collaboration_provisioning:9.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:prime_collaboration_provisioning:9.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:prime_collaboration_provisioning:11.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:prime_collaboration_provisioning:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:prime_collaboration_provisioning:10.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:prime_collaboration_provisioning:11.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:prime_collaboration_provisioning:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:prime_collaboration_provisioning:11.0.0:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    BACK
    cisco prime_collaboration_provisioning 10.5.0
    cisco prime_collaboration_provisioning 10.6.2
    cisco prime_collaboration_provisioning 9.5.0
    cisco prime_collaboration_provisioning 9.0.0
    cisco prime_collaboration_provisioning 11.1.0
    cisco prime_collaboration_provisioning 10.5.1
    cisco prime_collaboration_provisioning 10.6.0
    cisco prime_collaboration_provisioning 11.5.0
    cisco prime_collaboration_provisioning 10.0.0
    cisco prime_collaboration_provisioning 11.0.0