CVE-2017-6885
First published: Tue May 16 2017(Updated: )
An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 through 2016 R1 SP1 can be exploited to gain elevated privileges.
Credit: PSIRT-CNA@flexerasoftware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Flexera FlexNet Manager Suite | =2014 | |
| Flexera FlexNet Manager Suite | =2015 | |
| Flexera FlexNet Manager Suite | =2016 | |
| Flexera FlexNet Manager Suite | =2017 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-6885?
CVE-2017-6885 is considered to have a moderate severity due to its potential to elevate privileges.
How do I fix CVE-2017-6885?
To fix CVE-2017-6885, upgrade FlexNet Manager Suite to version 2017 R1 or a later version.
What software is affected by CVE-2017-6885?
CVE-2017-6885 impacts FlexNet Manager Suite versions 2014 through 2017 prior to R1.
What type of vulnerability is CVE-2017-6885?
CVE-2017-6885 is a privilege escalation vulnerability related to external command handling.
Is there a workaround for CVE-2017-6885?
There is no known workaround for CVE-2017-6885; updating to a secure version is recommended.
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/type
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/flexerasoftware
- canonical/flexera flexnet manager suite
- version/flexera flexnet manager suite/2014
- version/flexera flexnet manager suite/2015
- version/flexera flexnet manager suite/2016
- version/flexera flexnet manager suite/2017