// For flags

CVE-2017-12336

 

Severity Score

4.2
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient input validation of user-supplied files passed to the interactive TCL shell of the affected device. An attacker could exploit this vulnerability to escape the scripting sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. To exploit this vulnerability, an attacker must have local access and be authenticated to the targeted device with administrative or tclsh execution privileges. This vulnerability affects the following products running Cisco NX-OS System Software: Multilayer Director Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, Unified Computing System Manager. Cisco Bug IDs: CSCve93750, CSCve93762, CSCve93763, CSCvg04127.

Una vulnerabilidad en el subsistema de scripting TCL de Cisco NX-OS System Software podría permitir que un atacante local autenticado escape el shell TCL interactivo y obtenga acceso no autorizado al sistema operativo subyacente del dispositivo. La vulnerabilidad se debe a la validación insuficiente de archivos entrantes proporcionados por el usuario que se pasan al shell TCL interactivo del dispositivo afectado. Un atacante podría explotar esta vulnerabilidad para escapar la sandbox de scripting y ejecutar comandos arbitrarios en el sistema operativo en el que se ejecuta con los privilegios del usuario autenticado. Para explotar esta vulnerabilidad, un atacante debe tener acceso local y estar autenticado en el dispositivo objetivo del ataque con privilegios de administrador o de ejecución de tclsh. Esta vulnerabilidad afecta a los siguientes productos que ejecutan Cisco NX-OS System Software: Multilayer Director Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches - Standalone, NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules y Unified Computing System Manager. Cisco Bug IDs: CSCve93750, CSCve93762, CSCve93763, CSCvg04127.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-08-03 CVE Reserved
  • 2017-11-30 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
6.0\(2\)a8\(3\)
Search vendor "Cisco" for product "Nx-os" and version "6.0\(2\)a8\(3\)"
-
Affected
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
8.0\(1\)
Search vendor "Cisco" for product "Nx-os" and version "8.0\(1\)"
-
Affected
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
8.1\(0\)bd\(0.20\)
Search vendor "Cisco" for product "Nx-os" and version "8.1\(0\)bd\(0.20\)"
-
Affected
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
8.1\(0.2\)s0
Search vendor "Cisco" for product "Nx-os" and version "8.1\(0.2\)s0"
-
Affected
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
8.1\(0.59\)s0
Search vendor "Cisco" for product "Nx-os" and version "8.1\(0.59\)s0"
-
Affected
Cisco
Search vendor "Cisco"
Nx-os
Search vendor "Cisco" for product "Nx-os"
8.1\(1\)s5
Search vendor "Cisco" for product "Nx-os" and version "8.1\(1\)s5"
-
Affected
Cisco
Search vendor "Cisco"
Unified Computing System
Search vendor "Cisco" for product "Unified Computing System"
7.0\(0\)hsk\(0.357\)
Search vendor "Cisco" for product "Unified Computing System" and version "7.0\(0\)hsk\(0.357\)"
-
Affected