CVE-2017-6712
HIGH
Cisco Elastic Services Controller - Authenticated Privilege Escalation and OS Command Injection via Tomcat User
Title source: llmDescription
A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. The vulnerability occurs because a "tomcat" user on the system can run certain shell commands, allowing the user to overwrite any file on the filesystem and elevate privileges to root. This vulnerability affects Cisco Elastic Services Controller prior to releases 2.3.1.434 and 2.3.2. Cisco Bug IDs: CSCvc76634.
References (2)
Vendor Advisory (x_refsource_confirm): https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-esc1
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/99461
Scores
CVSS v3: 8.8
EPSS: 0.0205
EPSS Percentile: 78.8%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-78
Status: published
Products (7)
cisco/elastic_services_controller 1.0.0
cisco/elastic_services_controller 1.1.0
cisco/elastic_services_controller 2.0
cisco/elastic_services_controller 2.1.0
cisco/elastic_services_controller 2.2.0
cisco/elastic_services_controller 2.3.0
n/a/Cisco Elastic Services Controller: Cisco Elastic Services Controller
Published: Jul 06, 2017
Tracked Since: Feb 18, 2026