Strix
26.1K

CVE-2017-6662

Unknown

Last modified

CVE-2017-6662 is a vulnerability of currently unknown severity. A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as perform remote code execution. The attacker must have valid user credentials.

Description

A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as perform remote code execution. The attacker must have valid user credentials. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file with malicious entries which could allow the attacker to read and write files and execute remote code within the application, aka XML Injection. Cisco Prime Infrastructure software releases 1.1 through 3.1.6 are vulnerable. Cisco EPNM software releases 1.2, 2.0, and 2.1 are vulnerable. Cisco Bug IDs: CSCvc23894 CSCvc49561.

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoEvolved Programmable Network Manager1.2.0
CiscoEvolved Programmable Network Manager1.2.1.3
CiscoEvolved Programmable Network Manager1.2.200
CiscoEvolved Programmable Network Manager1.2.300
CiscoEvolved Programmable Network Manager1.2.400
CiscoEvolved Programmable Network Manager1.2.500
CiscoEvolved Programmable Network Manager2.0\(4.0.45d\)
CiscoEvolved Programmable Network Manager2.0.0
CiscoPrime Infrastructure1.2
CiscoPrime Infrastructure1.2.0.103
CiscoPrime Infrastructure1.2.1
CiscoPrime Infrastructure1.3
CiscoPrime Infrastructure1.3.0.20
CiscoPrime Infrastructure1.4
CiscoPrime Infrastructure1.4.0.45
CiscoPrime Infrastructure1.4.1
CiscoPrime Infrastructure1.4.2
CiscoPrime Infrastructure2.0
CiscoPrime Infrastructure2.1.0
CiscoPrime Infrastructure2.2
CiscoPrime Infrastructure2.2\(2\)
CiscoPrime Infrastructure2.2\(3\)
CiscoPrime Infrastructure3.0
CiscoPrime Infrastructure3.1
CiscoPrime Infrastructure3.1\(0.128\)
CiscoPrime Infrastructure3.1\(4.0\)
CiscoPrime Infrastructure3.1\(5.0\)
CiscoPrime Infrastructure3.1.1
CiscoPrime Infrastructure3.2\(0.0\)
CiscoPrime Infrastructure3.2_base

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-6662?
A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as perform remote code execution. The attacker must have valid user credentials. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file with malicious entries which could allow the attacker to read and write files and execute remote code within the application, aka XML Injection. Cisco Prime Infrastructure software releases 1.1 through 3.1.6 are vulnerable. Cisco EPNM software releases 1.2, 2.0, and 2.1 are vulnerable. Cisco Bug IDs: CSCvc23894 CSCvc49561.
How severe is CVE-2017-6662?
Severity scoring for CVE-2017-6662 is pending analysis.
How do I fix CVE-2017-6662?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-6662?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST