CVE-2017-6622

Public Exploit

Description

A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. This vulnerability affects Cisco Prime Collaboration Provisioning Software Releases prior to 12.1. Cisco Bug IDs: CSCvc98724.

References

Link	Tags
http://www.securitytracker.com/id/1038507	vdb entry
http://www.securityfocus.com/bid/98520	vdb entry third party advisory
https://www.exploit-db.com/exploits/42888/	exploit
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2017-6622?: CVE-2017-6622 has been scored as a critical severity vulnerability.
How to fix CVE-2017-6622?: To fix CVE-2017-6622, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2017-6622 being actively exploited in the wild?: It is possible that CVE-2017-6622 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~77% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2017-6622?: CVE-2017-6622 affects n/a Cisco Prime Collaboration Provisioning.

Description

Categories

CWE-264 – Permissions, Privileges, and Access Controls

CWE-862 – Missing Authorization

References

Frequently Asked Questions