CVE-2017-6229 Vulnerability Details

  /     /     /  

CVE-2017-6229 Metadata Quick Info

CVE Published: 14/02/2018 | CVE Updated: 16/09/2024 | CVE Year: 2017
Source: brocade | Vendor: Brocade Communications Systems, Inc. | Product: Ruckus Networks Unleashed APs and Zone Director
Status : PUBLISHED

---

CVE-2017-6229 Description

Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Authenticated command injection in CLI interface of ZD/Unleashed software.
Source: Brocade Communications Systems, Inc.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).