Description
A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.
CVSS breakdown
CVSS 3.1
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Changed
- Confidentiality: High
- Integrity: High
- Availability: High
Affected products
- Cisco / Cisco Carrier Packet Transport 3.1.0 – 3.1.0
- Cisco / Cisco Carrier Packet Transport 9.5.3 – 9.5.3
- Cisco / Cisco Carrier Packet Transport 9.5.1 – 9.5.1
- Cisco / Cisco Carrier Packet Transport 9.5.2 – 9.5.2
- Cisco / Cisco Carrier Packet Transport 9.7.0 – 9.7.0
- Cisco / Cisco Carrier Packet Transport 9.521 – 9.521
- Cisco / Cisco Carrier Packet Transport 4.5.0 – 4.5.0
- Cisco / Cisco Carrier Packet Transport 4.7.0 – 4.7.0
- Cisco / Cisco Carrier Packet Transport 3.2.0 – 3.2.0
- Cisco / Cisco Carrier Packet Transport 3.2.1 – 3.2.1
- Cisco / Cisco Carrier Packet Transport 3.5 – 3.5
- Cisco / Cisco Carrier Packet Transport 3.1 – 3.1
- Cisco / Cisco Carrier Packet Transport 3.2 – 3.2
- Cisco / Cisco Carrier Packet Transport 2.5 – 2.5
- Cisco / Cisco Carrier Packet Transport 2.0 – 2.0
- Cisco / Cisco Carrier Packet Transport 9.2.2 – 9.2.2
- Cisco / Cisco Carrier Packet Transport 1.4.0 – 1.4.0
- Cisco / Cisco Carrier Packet Transport 1.0 – 1.0
- Cisco / Cisco Carrier Packet Transport 1.1 – 1.1
- Cisco / Cisco Carrier Packet Transport 1.2 – 1.2
- Cisco / Cisco Carrier Packet Transport 2.1.0 – 2.1.0
- Cisco / Cisco Carrier Packet Transport 2.3.0 – 2.3.0
- Cisco / Cisco Carrier Packet Transport 2.3.3 – 2.3.3
- Cisco / Cisco Carrier Packet Transport 2.3.5 – 2.3.5
- Cisco / Cisco Carrier Packet Transport 2.3.4 – 2.3.4
- Cisco / Cisco Carrier Packet Transport 2.0.1 – 2.0.1
- Cisco / Cisco Carrier Packet Transport 2.0.0 – 2.0.0
- Cisco / Cisco Carrier Packet Transport 2.0.3 – 2.0.3
- Cisco / Cisco Carrier Packet Transport 2.0.4 – 2.0.4
- Cisco / Cisco Carrier Packet Transport 2.0.5 – 2.0.5
- Cisco / Cisco Carrier Packet Transport 2.4.0 – 2.4.0
- Cisco / Cisco Carrier Packet Transport 2.2.2 – 2.2.2
- Cisco / Cisco Carrier Packet Transport 2.2.3 – 2.2.3
- Cisco / Cisco Carrier Packet Transport 10.8.0 – 10.8.0
- Cisco / Cisco Carrier Packet Transport 7.0.3 – 7.0.3
- Cisco / Cisco Carrier Packet Transport 7.0.1 – 7.0.1
- Cisco / Cisco Carrier Packet Transport 1.0.2 – 1.0.2
- Cisco / Cisco Carrier Packet Transport 1.1.1 – 1.1.1
- Cisco / Cisco Carrier Packet Transport 1.1.2 – 1.1.2
- Cisco / Cisco Carrier Packet Transport 4.1 – 4.1
- Cisco / Cisco Carrier Packet Transport 4.0 – 4.0
- Cisco / Cisco Carrier Packet Transport 12.1.0 – 12.1.0
- Cisco / Cisco Carrier Packet Transport 9.8.1 – 9.8.1
- Cisco / Cisco Carrier Packet Transport 9.8.0 – 9.8.0
- Cisco / Cisco Carrier Packet Transport 4.1.82 – 4.1.82
- Cisco / Cisco Carrier Packet Transport 4.1.4 – 4.1.4
- Cisco / Cisco Carrier Packet Transport 4.6.1 – 4.6.1
- Cisco / Cisco Carrier Packet Transport 4.0.4 – 4.0.4
- Cisco / Cisco Carrier Packet Transport 4.0.3 – 4.0.3
- Cisco / Cisco Carrier Packet Transport 6.2.4 – 6.2.4
- Cisco / Cisco Carrier Packet Transport 3.0.5 – 3.0.5
- Cisco / Cisco Carrier Packet Transport 3.0.6 – 3.0.6
- Cisco / Cisco Carrier Packet Transport 3.0.7 – 3.0.7
- Cisco / Cisco Carrier Packet Transport 3.0.3 – 3.0.3
- Cisco / Cisco Carrier Packet Transport 3.0.0 – 3.0.0
- Cisco / Cisco Carrier Packet Transport 9.5.0 – 9.5.0
- Cisco / Cisco Catalyst SD-WAN N/A – N/A
- Cisco / Cisco Catalyst SD-WAN Manager N/A – N/A
- Cisco / Cisco Enterprise NFV Infrastructure Software N/A – N/A
- Cisco / Cisco IOS XE Catalyst SD-WAN N/A – N/A
- Cisco / Cisco IOS XR Software N/A – N/A
- Cisco / Cisco Network Services Orchestrator N/A – N/A
- Cisco / Cisco SD-WAN vEdge Router N/A – N/A
- Cisco / Cisco Ultra Gateway Platform N/A – N/A
- Cisco / Cisco Virtual Topology System (VTS) N/A – N/A