PT-2017-17245 · Cisco · Cisco Asr 5000 Series Aggregated Services Routers

Published

2017-06-13

Updated

2019-10-03

CVE-2017-6690

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Cisco ASR 5000 Series Aggregated Services Routers versions 21.0.v0.65839 through 21.3.M0.67005

Description A vulnerability in the file check operation could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system.

Recommendations For versions 21.0.v0.65839 through 21.3.M0.67005, update to version 21.4.A0.67087 or later to resolve the issue. For versions 21.0.v0.65839 through 21.3.M0.67005, update to version 21.3.M0.67084 or later as an alternative fix.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-6690

Affected Products

Cisco Asr 5000 Series Aggregated Services Routers

PT-2017-17245 · Cisco · Cisco Asr 5000 Series Aggregated Services Routers

CVE-2017-6690

Weakness Enumeration

Related Identifiers

Affected Products

References · 5