CVE-2017-12342
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-12342
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could exploit this vulnerability by crafting specific packets for communication on the device-internal network. A successful exploit could allow the attacker to run code on the underlying host operating system. OAC is not enabled by default. For a device to be vulnerable, an administrator would need to install and activate this feature. This vulnerability affects the following Cisco Nexus Series Switches: Nexus 2000 Series Fabric Extenders, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches. Cisco Bug IDs: CSCve53542, CSCvf36621.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
权限、特权和访问控制
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Cisco产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Nexus 2000 Series Fabric Extenders等都是美国思科(Cisco)公司的产品。Cisco Nexus 2000 Series Fabric Extenders是一款Nexus 2000系列阵列扩展器。Nexus 5000 Series Switches是一款5000系列交换机。 多款Cisco产品中的Open Agent Container (OAC)功能存在代码执行漏洞,该漏洞源于OAC功能中的内部安全措施不足。本地攻击者可通过制造特定的数据包利用该漏洞在底层主
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | Cisco Nexus Series Switches | Cisco Nexus Series Switches | - |
II. Public POCs for CVE-2017-12342
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-12342
Please Login to view more intelligence information
Same Patch Batch · n/a · 2017-11-30 · 56 CVEs total
| CVE-2017-12359 | 多款Cisco产品WebEx Advanced Recording Format Player 缓冲区错误漏洞 | |
| CVE-2017-14198 | Squiz Matrix 安全漏洞 | |
| CVE-2017-12370 | 多款Cisco产品WebEx Recording Format Player和Advanced Recording Format Player 安全漏洞 | |
| CVE-2017-14196 | Squiz Matrix File Bridge插件路径遍历漏洞 | |
| CVE-2017-12372 | 多款Cisco产品WebEx Recording Format Player和Advanced Recording Format Player 安全漏洞 | |
| CVE-2017-12371 | 多款Cisco产品WebEx Recording Format Player和Advanced Recording Format Player 安全漏洞 | |
| CVE-2017-14197 | Squiz Matrix Matrix WYSIWYG插件跨站脚本漏洞 | |
| CVE-2017-12362 | Cisco Meeting Server 安全漏洞 | |
| CVE-2017-12361 | Cisco Jabber for Windows 信息泄露漏洞 | |
| CVE-2017-12360 | Cisco WebEx Business Suite meeting site和Cisco WebEx Meetings site WebEx Recording Format P | |
| CVE-2017-12363 | Cisco WebEx Meeting Server 安全漏洞 | |
| CVE-2017-12358 | Cisco Jabber for Windows、Mac、Android和iOS Cisco Jabber 跨站脚本漏洞 | |
| CVE-2017-12357 | Cisco Unified Communications Manager 跨站脚本漏洞 | |
| CVE-2017-12356 | Cisco Jabber for Windows、Mac、Android和iOS Cisco Jabber 跨站脚本漏洞 | |
| CVE-2017-12355 | Cisco IOS XR Software 安全漏洞 | |
| CVE-2017-12354 | Cisco Secure Access Control System 信息泄露漏洞 | |
| CVE-2017-12353 | Cisco Email Security Appliance Cisco AsyncOS Software Multipurpose Internet Mail Extension | |
| CVE-2017-12352 | Cisco Application Policy Infrastructure Controller 命令注入漏洞 | |
| CVE-2017-12351 | 多款Cisco产品NX-OS System Software 安全漏洞 | |
| CVE-2017-12349 | Cisco UCS Central Software 安全漏洞 |
Showing top 20 of 56 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-8127
eladmin Users API Endpoint UserController.java checkLevel ac
V. Comments for CVE-2017-12342
No comments yet