Vulnerability Details CVE-2017-6690
A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Information: CSCvd73726. Known Affected Releases: 21.0.v0.65839 21.3.M0.67005. Known Fixed Releases: 21.4.A0.67087 21.4.A0.67079 21.4.A0.67013 21.3.M0.67084 21.3.M0.67077 21.3.M0.66994 21.3.J0.66993 21.1.v0.67082 21.1.V0.67083.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.2%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 4.0
References
- http://www.securityfocus.com/bid/98998
- http://www.securitytracker.com/id/1038634
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-staros
- http://www.securityfocus.com/bid/98998
- http://www.securitytracker.com/id/1038634
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-staros
Products affected by CVE-2017-6690
-
cpe:2.3:a:cisco:asr_5000_software:21.0.v0.65839
-
cpe:2.3:a:cisco:asr_5000_software:21.3.m0.67005
-
cpe:2.3:h:cisco:asr_5000:-