CVE-2017-6690
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Information: CSCvd73726. Known Affected Releases: 21.0.v0.65839 21.3.M0.67005. Known Fixed Releases: 21.4.A0.67087 21.4.A0.67079 21.4.A0.67013 21.3.M0.67084 21.3.M0.67077 21.3.M0.66994 21.3.J0.66993 21.1.v0.67082 21.1.V0.67083.
Una vulnerabilidad en la operación de comprobación de archivos de Enrutadores ASR 5000 Series Aggregated Services de Cisco, que ejecutan el sistema operativo StarOS de Cisco, podría permitir a un atacante remoto autenticado sobrescribir o modificar los archivos arbitrarios en un sistema afectado. Más información: CSCvd73726. Versiones Afectadas Conocidas: 21.0.v0.65839 21.3.M0.67005. Versiones Corregidas Conocidas: 21.4.A0.67087 21.4.A0.67079 21.4.A0.67013 21.3.M0.67084 21.3.M0.67077 21.3.M0.66994 21.3.J0.66993 21.1.v0.67082 21.1.V0.67083.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-03-09 CVE Reserved
- 2017-06-13 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/98998 | Third Party Advisory | |
| http://www.securitytracker.com/id/1038634 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-staros | 2019-10-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Asr 5000 Software Search vendor "Cisco" for product "Asr 5000 Software" | 21.0.v0.65839 Search vendor "Cisco" for product "Asr 5000 Software" and version "21.0.v0.65839" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5000 Search vendor "Cisco" for product "Asr 5000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Asr 5000 Software Search vendor "Cisco" for product "Asr 5000 Software" | 21.3.m0.67005 Search vendor "Cisco" for product "Asr 5000 Software" and version "21.3.m0.67005" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5000 Search vendor "Cisco" for product "Asr 5000" | - | - |
Safe
|