QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-6650

Back to search

CVE-2017-6650

Published: May 22, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into the Telnet CLI command. An exploit could allow the attacker to read or write arbitrary files at the user's privilege level outside of the user's path. Cisco Bug IDs: CSCvb86771.

VendorProductVersions

n/a

Cisco Nexus Series Switches

affected
Cisco Nexus Series Switches

Weaknesses (CWE)

CWE-20

References

1038518
vdb-entry
x_refsource_SECTRACK
98528
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now