CVE-2017-6690

Published: Jun 13, 2017Modified: May 13, 2026

4.9

Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Information: CSCvd73726. Known Affected Releases: 21.0.v0.65839 21.3.M0.67005. Known Fixed Releases: 21.4.A0.67087 21.4.A0.67079 21.4.A0.67013 21.3.M0.67084 21.3.M0.67077 21.3.M0.66994 21.3.J0.66993 21.1.v0.67082 21.1.V0.67083.

Affected (2)

Products: Cisco: Asr 5000 Software

1 product

Asr 5000 Software

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Asr 5000 Software	Version 21.0.v0.65839
Cisco Asr 5000 Software	Version 21.3.m0.67005

Running on/with	Platform Versions
Cisco Asr 5000	All versions

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://www.securityfocus.com/bid/98998

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1038634

Source: psirt@cisco.com

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-staros

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/98998

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1038634

Source: af854a3a-2127-422b-91ae-364da2661108

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-staros

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.