ByteOS Network

CVE Vulnerability Details :

CVE-2017-6224

PUBLISHED

More Info Official Page

Assigner-brocade

Assigner Org ID-87b297d7-335e-4844-9551-11b97995a791

Published At-13 Oct, 2017 | 17:00

Updated At-16 Sep, 2024 | 18:34

▼CVE Numbering Authority (CNA)

Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x (less than 10.0.1.0.17 MR1 release) and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x, 200.2.x, 200.3.x, 200.4.x. contain OS Command Injection vulnerabilities that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system by appending those commands in the Common Name field in the Certificate Generation Request.

Affected Products

Vendor

Brocade Communications Systems, Inc. (Broadcom Inc.)

Product

Zone Director Controller and Unleashed AP Firmware

Versions

Affected

ZD9.x
ZD10.0.0.x
ZD10.0.1.x
200.x
200.2.x
200.3.x
200.4.x

Problem Types

Type	CWE ID	Description
text	N/A	Authenticated Root Command Injection.

References

Hyperlink	Resource
https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-092917.txt	x_refsource_CONFIRM

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-092917.txt	x_refsource_CONFIRM x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References