CVE-2017-12337
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797.
Una vulnerabilidad en el mecanismo de actualización de productos de colaboración de Cisco basados en la plataforma de software Cisco Voice Operating System podría permitir que un atacante remoto no autenticado obtenga acceso elevado no autorizado a un dispositivo afectado. La vulnerabilidad ocurre cuando un refresh upgrade (RU) o una migración Prime Collaboration Deployment (PCD) se realiza en un dispositivo afectado. Cuando un refresh upgrade o una migración PCD se completa con éxito, una marca de ingeniería se mantiene habilitada y podría permitir el acceso root al dispositivo con una contraseña conocida. Si el dispositivo vulnerable se actualiza empleando el método de actualización estándar a un Engineering Special Release, la actualización del servicio o una nueva actualización del producto afectado, esta vulnerabilidad se remedia mediante tal acción. Nota: Los Engineering Special Release que se instalan como archivos COP, a diferencia del método de actualización estándar, no remedian esta vulnerabilidad. Un atacante que pueda acceder a un dispositivo afectado mediante SFTP mientras se encuentre en un estado vulnerable podría obtener acceso root al dispositivo. Este acceso podría permitir que el atacante comprometa completamente el sistema afectado. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-08-03 CVE Reserved
- 2017-11-16 CVE Published
- 2024-02-20 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/101865 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039813 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039814 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039815 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039816 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039817 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039818 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039819 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039820 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Emergency Responder Search vendor "Cisco" for product "Emergency Responder" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Finesse Search vendor "Cisco" for product "Finesse" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Hosted Collaboration Solution Search vendor "Cisco" for product "Hosted Collaboration Solution" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Mediasense Search vendor "Cisco" for product "Mediasense" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Prime License Manager Search vendor "Cisco" for product "Prime License Manager" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Socialminer Search vendor "Cisco" for product "Socialminer" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Communications Manager Search vendor "Cisco" for product "Unified Communications Manager" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Communications Manager Search vendor "Cisco" for product "Unified Communications Manager" | - | session_management |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Communications Manager Im And Presence Service Search vendor "Cisco" for product "Unified Communications Manager Im And Presence Service" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Contact Center Express Search vendor "Cisco" for product "Unified Contact Center Express" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unity Connection Search vendor "Cisco" for product "Unity Connection" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Intelligence Center Search vendor "Cisco" for product "Unified Intelligence Center" | - | - |
Affected
| ||||||