This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cisco First view 2017-07-05
Product Ultra Services Framework Staging Server Last view 2017-07-05
Version 5.0.2 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:cisco:ultra_services_framework_staging_server

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2017-07-05 CVE-2017-6714

A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The vulnerability is due to improper shell invocations. An attacker could exploit this vulnerability by crafting CLI command inputs to execute Linux shell commands as the root user. This vulnerability affects all releases of Cisco Ultra Services Framework Staging Server prior to Releases 5.0.3 and 5.1. Cisco Bug IDs: CSCvc76673.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...

Snort® IPS/IDS

Date Description
2017-07-06 Cisco Ultra Services Framework command injection attempt
RuleID : 43456 - Type : SERVER-WEBAPP - Revision : 1