Search
Find a vulnerability
Search criteria
2 vulnerabilities found for context_service_development_kit by cisco
CVE-2017-6667 (GCVE-0-2017-6667)
Vulnerability from nvd – Published: 2017-06-13 06:00 – Updated: 2024-08-05 15:33
VLAI
Summary
A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0.
Severity
No CVSS data available.
CWE
- Arbitrary Code Execution Vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/98978 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Cisco Context Service SDK |
Affected:
Cisco Context Service SDK
|
Date Public
2017-06-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:33:20.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-ccs"
},
{
"name": "98978",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98978"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Context Service SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Context Service SDK"
}
]
}
],
"datePublic": "2017-06-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-13T09:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-ccs"
},
{
"name": "98978",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98978"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Context Service SDK",
"version": {
"version_data": [
{
"version_value": "Cisco Context Service SDK"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-ccs",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-ccs"
},
{
"name": "98978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98978"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6667",
"datePublished": "2017-06-13T06:00:00.000Z",
"dateReserved": "2017-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:33:20.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6667 (GCVE-0-2017-6667)
Vulnerability from cvelistv5 – Published: 2017-06-13 06:00 – Updated: 2024-08-05 15:33
VLAI
Summary
A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0.
Severity
No CVSS data available.
CWE
- Arbitrary Code Execution Vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/98978 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Cisco Context Service SDK |
Affected:
Cisco Context Service SDK
|
Date Public
2017-06-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:33:20.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-ccs"
},
{
"name": "98978",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98978"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Context Service SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Context Service SDK"
}
]
}
],
"datePublic": "2017-06-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-13T09:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-ccs"
},
{
"name": "98978",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98978"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Context Service SDK",
"version": {
"version_data": [
{
"version_value": "Cisco Context Service SDK"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-ccs",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-ccs"
},
{
"name": "98978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98978"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6667",
"datePublished": "2017-06-13T06:00:00.000Z",
"dateReserved": "2017-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:33:20.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}