Cisco NX-OS CVE-2017-6650 命令注入漏洞公告

关键漏洞信息 Advisory ID: cisco-sa-20170517-nss1 CVSS Score: 4.4 (Medium) CVE ID: CVE-2017-6650 CWE ID: CWE-20 Summary Vulnerability Type: Command Injection Affected Software: Cisco NX-OS System Software Affected Hardware: Cisco Nexus Series Switches Description: Insufficient input validation allows authenticated, local attackers to inject crafted commands, potentially accessing files outside user privilege levels. Affected Products Cisco Nexus 3000, 3500, 5000, 6000, 7000, 9500, 9000 Series Switches Cisco MDS 9000 Series Multilayer Switches Workarounds Status: No available workarounds Fixed Software Consult the Cisco bug ID for affected software releases. Ensure devices have enough memory before upgrading. Exploitation Status No public announcements or malicious use reported by Cisco PSIRT.

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Cisco NX-OS CVE-2017-6650 命令注入漏洞公告

目标达成感谢每一位支持者 — 我们达成了 100% 目标！