{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Finesse",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Hosted Collaboration Mediation Fulfillment",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco MediaSense",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Prime License Manager",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Intelligence Center (UIC)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Communication Manager Session Management Edition (SME)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Communications Manager IM and Presence Service (IM\u0026P; anciennement Cisco Unified Presence)",
      "product": {
        "name": "Unified Communications Manager",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco SocialMiner",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Emergency Responder",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unity Connection",
      "product": {
        "name": "Unity Connection",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Contact Center Express (UCCx)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Unified Communications Manager (UCM)",
      "product": {
        "name": "Unified Communications Manager",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-12337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12337"
    }
  ],
  "initial_release_date": "2017-11-15T00:00:00",
  "last_revision_date": "2017-11-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-416",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2017-11-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Cisco Voice Operating System.\nElle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco Voice Operating System",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20171115-vos du 15 novembre 2017",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos"
    }
  ]
}

{
  "bids": {
    "bid": {
      "bidNumber": "101865"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-12337"
    }
  },
  "description": "Cisco Voice Operating System\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u8bed\u97f3\u64cd\u4f5c\u7cfb\u7edf\u3002Cisco Unified Communications Manager\uff08UCM\uff09\u7b49\u90fd\u662f\u57fa\u4e8eCisco Voice Operating System\u5e73\u53f0\u7684\u4ea7\u54c1\u3002Cisco Unified Communications Manager\uff08UCM\uff09\u662f\u4e00\u6b3e\u7edf\u4e00\u901a\u4fe1\u7cfb\u7edf\u4e2d\u7684\u547c\u53eb\u5904\u7406\u7ec4\u4ef6\u3002Unified Communication Manager Session Management Edition\uff08SME\uff09\u662f\u5b83\u7684\u4f1a\u8bdd\u7ba1\u7406\u7248\u3002\r\n\r\n\u57fa\u4e8eCisco Voice Operating System\u7684\u591a\u6b3eCisco\u4ea7\u54c1\u4e2d\u7684\u66f4\u65b0\u673a\u5236\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u63d0\u5347\u7684\u8bbf\u95ee\u6743\u9650\u3002",
  "discovererName": "Quentin Rhoads-Herrera and Rich Mirch of the State Farm Penetration Testing Team",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-37099",
  "openTime": "2017-12-14",
  "patchDescription": "Cisco Voice Operating System\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u8bed\u97f3\u64cd\u4f5c\u7cfb\u7edf\u3002Cisco Unified Communications Manager\uff08UCM\uff09\u7b49\u90fd\u662f\u57fa\u4e8eCisco Voice Operating System\u5e73\u53f0\u7684\u4ea7\u54c1\u3002Cisco Unified Communications Manager\uff08UCM\uff09\u662f\u4e00\u6b3e\u7edf\u4e00\u901a\u4fe1\u7cfb\u7edf\u4e2d\u7684\u547c\u53eb\u5904\u7406\u7ec4\u4ef6\u3002Unified Communication Manager Session Management Edition\uff08SME\uff09\u662f\u5b83\u7684\u4f1a\u8bdd\u7ba1\u7406\u7248\u3002\r\n\r\n\u57fa\u4e8eCisco Voice Operating System\u7684\u591a\u6b3eCisco\u4ea7\u54c1\u4e2d\u7684\u66f4\u65b0\u673a\u5236\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u63d0\u5347\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eCisco\u4ea7\u54c1\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Unified Communications Manager",
      "Cisco Unity Connection",
      "Cisco Unified Communications Manager IM and Presence Service",
      "Cisco Unified Intelligence Center",
      "Cisco Emergency Responder",
      "Cisco Voice OS 0"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos\r\nhttp://www.securityfocus.com/bid/101865",
  "serverity": "\u9ad8",
  "submitTime": "2017-11-16",
  "title": "\u591a\u6b3eCisco\u4ea7\u54c1\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e"
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:emergency_responder:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3342DE3-F98B-48CF-9416-FA8D7F062E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:finesse:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F343F98-1100-489F-B34C-480F7898A240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:hosted_collaboration_solution:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8A8E190-1846-44ED-9572-D80D71A433DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:mediasense:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0A2D56-3667-438C-A367-4DB74F72507B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_license_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EE11E45-1A8C-497C-A1B1-ED695E812CA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C9A9B36-D4E2-4578-9BB9-3CCD008AE628",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "395232C7-93D5-4877-A726-32E5BAFAF812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:-:*:*:*:session_management:*:*:*",
              "matchCriteriaId": "863C456D-EE60-49F8-AFB0-795EA29CD93D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16991CD6-A32F-4891-B6B6-41D050FC1412",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F1581-0CD5-40B9-8C9E-0E428E6D75C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3270ADFF-27F5-4972-AB44-FA2882486B16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0368C678-72A4-4F48-B31D-77A6BDAAC4DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el mecanismo de actualizaci\u00f3n de productos de colaboraci\u00f3n de Cisco basados en la plataforma de software Cisco Voice Operating System podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso elevado no autorizado a un dispositivo afectado. La vulnerabilidad ocurre cuando un refresh upgrade (RU) o una migraci\u00f3n Prime Collaboration Deployment (PCD) se realiza en un dispositivo afectado. Cuando un refresh upgrade o una migraci\u00f3n PCD se completa con \u00e9xito, una marca de ingenier\u00eda se mantiene habilitada y podr\u00eda permitir el acceso root al dispositivo con una contrase\u00f1a conocida. Si el dispositivo vulnerable se actualiza empleando el m\u00e9todo de actualizaci\u00f3n est\u00e1ndar a un Engineering Special Release, la actualizaci\u00f3n del servicio o una nueva actualizaci\u00f3n del producto afectado, esta vulnerabilidad se remedia mediante tal acci\u00f3n. Nota: Los Engineering Special Release que se instalan como archivos COP, a diferencia del m\u00e9todo de actualizaci\u00f3n est\u00e1ndar, no remedian esta vulnerabilidad. Un atacante que pueda acceder a un dispositivo afectado mediante SFTP mientras se encuentre en un estado vulnerable podr\u00eda obtener acceso root al dispositivo. Este acceso podr\u00eda permitir que el atacante comprometa completamente el sistema afectado. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797."
    }
  ],
  "id": "CVE-2017-12337",
  "lastModified": "2025-07-31T15:03:24.870",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-11-16T07:29:01.023",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101865"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039813"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039814"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039815"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039816"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039817"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039818"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039819"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039820"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101865"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039813"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039815"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039817"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039819"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039820"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "GSD": {
    "alias": "CVE-2017-12337",
    "description": "A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797.",
    "id": "GSD-2017-12337"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-12337"
      ],
      "details": "A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797.",
      "id": "GSD-2017-12337",
      "modified": "2023-12-13T01:21:03.888773Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2017-12337",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Voice Operating System",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Cisco Voice Operating System"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-287"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "101865",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/101865"
          },
          {
            "name": "1039815",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039815"
          },
          {
            "name": "1039817",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039817"
          },
          {
            "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos",
            "refsource": "CONFIRM",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos"
          },
          {
            "name": "1039814",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039814"
          },
          {
            "name": "1039818",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039818"
          },
          {
            "name": "1039819",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039819"
          },
          {
            "name": "1039820",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039820"
          },
          {
            "name": "1039813",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039813"
          },
          {
            "name": "1039816",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039816"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_license_manager:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unity_connection:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:emergency_responder:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:-:*:*:*:session_management:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:finesse:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:mediasense:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:socialminer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:unified_intelligence_center:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:hosted_collaboration_solution:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12337"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos"
            },
            {
              "name": "1039820",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039820"
            },
            {
              "name": "1039819",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039819"
            },
            {
              "name": "1039818",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039818"
            },
            {
              "name": "1039817",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039817"
            },
            {
              "name": "1039816",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039816"
            },
            {
              "name": "1039815",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039815"
            },
            {
              "name": "1039814",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039814"
            },
            {
              "name": "1039813",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039813"
            },
            {
              "name": "101865",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/101865"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:22Z",
      "publishedDate": "2017-11-16T07:29Z"
    }
  }
}

{
  "affected": [],
  "aliases": [
    "CVE-2017-12337"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-11-16T07:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797.",
  "id": "GHSA-rg7v-73fx-2hfh",
  "modified": "2022-05-13T01:37:51Z",
  "published": "2022-05-13T01:37:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12337"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101865"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039813"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039814"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039815"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039816"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039817"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039818"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039819"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039820"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}