CVE-2017-6712

HIGH

Cisco Elastic Services Controller - Authenticated Privilege Escalation and OS Command Injection via Tomcat User


Description

A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. The vulnerability occurs because a "tomcat" user on the system can run certain shell commands, allowing the user to overwrite any file on the filesystem and elevate privileges to root. This vulnerability affects Cisco Elastic Services Controller prior to releases 2.3.1.434 and 2.3.2. Cisco Bug IDs: CSCvc76634.

References (2)

Core References (2)
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/99461

Scores

CVSS v3 8.8
EPSS 0.0205
EPSS Percentile 78.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (7)
cisco/elastic_services_controller 1.0.0
cisco/elastic_services_controller 1.1.0
cisco/elastic_services_controller 2.0
cisco/elastic_services_controller 2.1.0
cisco/elastic_services_controller 2.2.0
cisco/elastic_services_controller 2.3.0
n/a/Cisco Elastic Services Controller
Published Jul 06, 2017
Tracked Since Feb 18, 2026