CVE-2017-12285 - OpenCVE

A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests that it receives and the software does not apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to delete arbitrary files from the affected system. Cisco Bug IDs: CSCvf41365.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Prime Network Analysis Module

Configuration 1 [-]

cpe:2.3:a:cisco:prime_network_analysis_module:6.2\(1b\):*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/101527
http://www.securitytracker.com/id/1039623
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-nam

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2017-10-19T08:00:00

Updated: 2024-08-05T18:36:55.684Z

Reserved: 2017-08-03T00:00:00

Link: CVE-2017-12285

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-10-19T08:29:00.467

Modified: 2019-10-09T23:22:50.527

Link: CVE-2017-12285

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco Network Analysis Module", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Network Analysis Module"}]}], "datePublic": "2017-10-19T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests that it receives and the software does not apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to delete arbitrary files from the affected system. Cisco Bug IDs: CSCvf41365."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-10-24T09:57:02", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "101527", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101527"}, {"name": "1039623", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039623"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-nam"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2017-12285", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Network Analysis Module", "version": {"version_data": [{"version_value": "Cisco Network Analysis Module"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests that it receives and the software does not apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to delete arbitrary files from the affected system. Cisco Bug IDs: CSCvf41365."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "101527", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101527"}, {"name": "1039623", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039623"}, {"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-nam", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-nam"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T18:36:55.684Z"}, "title": "CVE Program Container", "references": [{"name": "101527", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101527"}, {"name": "1039623", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039623"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-nam"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2017-12285", "datePublished": "2017-10-19T08:00:00", "dateReserved": "2017-08-03T00:00:00", "dateUpdated": "2024-08-05T18:36:55.684Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:prime_network_analysis_module:6.2\\(1b\\):*:*:*:*:*:*:*", "matchCriteriaId": "74E8BA60-1368-4199-8068-43BCEAAA4CF2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests that it receives and the software does not apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to delete arbitrary files from the affected system. Cisco Bug IDs: CSCvf41365."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz web del software Cisco Network Analysis Module podr\u00eda permitir que un atacante remoto no autenticado elimine archivos arbitrarios de un sistema afectado. Esto tambi\u00e9n se conoce como salto de directorio. Esta vulnerabilidad existe porque el software afectado no realiza una correcta validaci\u00f3n de entradas de las peticiones HTTP que recibe y el software no aplica controles de acceso basados en roles (RBAC) a URL HTTP solicitadas. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP manipulada al software afectado. Un exploit con \u00e9xito podr\u00eda permitir que el atacante elimine archivos arbitrarios del sistema afectado. Cisco Bug IDs: CSCvf41365."}], "id": "CVE-2017-12285", "lastModified": "2019-10-09T23:22:50.527", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-19T08:29:00.467", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101527"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039623"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-nam"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}