PT-2017-12517 · Cisco · Cisco Nx-Os+1

Publicado

2017-11-29

Atualizado

2019-10-09

CVE-2017-12351

CVSS v3.1

5.7

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Cisco NX-OS System Software (affected versions not specified)

Description A vulnerability in the guest shell feature could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. The attacker would need valid administrator credentials to perform this attack. The issue is due to insufficient internal security measures in the guest shell feature, allowing an attacker to exploit it by sending or receiving packets on the device-internal network outside of the guest shell container.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exposure of Resource to Wrong Sphere

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-668CWE-264

Identificadores relacionados

CVE-2017-12351

Produtos afetados

Cisco Nx-Os

Cisco Nexus

PT-2017-12517 · Cisco · Cisco Nx-Os+1

CVE-2017-12351

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5