CVE-2017-6748: Command Injection
First published: Tue Jul 25 2017(Updated: )
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Web Security Appliance | =10.0.0-232 | |
| Cisco Web Security Appliance | =10.0.0-233 | |
| Cisco Web Security Appliance | =10.0_base | |
| Cisco Web Security Appliance | =10.1.0 | |
| Cisco Web Security Appliance | =10.1.0-204 | |
| Cisco Web Security Appliance | =10.1.1-230 | |
| Cisco Web Security Appliance | =10.5.0 | |
| Cisco Web Security Appliance | =10.5.0-358 | |
| Cisco Web Security Appliance | =11.0.0 | |
| Cisco Web Security Appliance | =11.0.0-613 | |
| Cisco Web Security Virtual Appliance | =10.0.0 | |
| Cisco Web Security Virtual Appliance | =10.0_base | |
| Cisco Web Security Virtual Appliance | =10.1.0 | |
| Cisco Web Security Virtual Appliance | =10.1.1 | |
| Cisco Web Security Virtual Appliance | =10.1_base | |
| Cisco Web Security Virtual Appliance | =10.5.1 | |
| Cisco Web Security Virtual Appliance | =10.5_base | |
| Cisco Web Security Virtual Appliance | =11.0.0 | |
| Cisco Web Security Virtual Appliance | =11.0_base |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-6748?
CVE-2017-6748 is considered a high-severity vulnerability that allows authenticated attackers to perform command injection and elevate privileges.
How do I fix CVE-2017-6748?
To fix CVE-2017-6748, upgrade the Cisco Web Security Appliance to the latest version as recommended by Cisco Security Advisory.
Which products are affected by CVE-2017-6748?
CVE-2017-6748 affects several versions of the Cisco Web Security Appliance and Cisco Web Security Virtual Appliance.
Can an attacker exploit CVE-2017-6748 without authentication?
No, an attacker must authenticate with valid operator-level or administrator-level credentials to exploit CVE-2017-6748.
What type of attack can CVE-2017-6748 facilitate?
CVE-2017-6748 can facilitate command injection attacks, potentially allowing an attacker to gain root privileges.
- collector/nvd-index
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/tags
- agent/source
- vendor/cisco
- canonical/cisco web security appliance
- version/cisco web security appliance/10.0.0-232
- version/cisco web security appliance/10.0.0-233
- version/cisco web security appliance/10.0_base
- version/cisco web security appliance/10.1.0
- version/cisco web security appliance/10.1.0-204
- version/cisco web security appliance/10.1.1-230
- version/cisco web security appliance/10.5.0
- version/cisco web security appliance/10.5.0-358
- version/cisco web security appliance/11.0.0
- version/cisco web security appliance/11.0.0-613
- canonical/cisco web security virtual appliance
- version/cisco web security virtual appliance/10.0.0
- version/cisco web security virtual appliance/10.0_base
- version/cisco web security virtual appliance/10.1.0
- version/cisco web security virtual appliance/10.1.1
- version/cisco web security virtual appliance/10.1_base
- version/cisco web security virtual appliance/10.5.1
- version/cisco web security virtual appliance/10.5_base
- version/cisco web security virtual appliance/11.0.0
- version/cisco web security virtual appliance/11.0_base