Learn about CVE-2017-12785, a vulnerability in NoviWare software distribution allowing unauthorized users to execute code on NoviSwitch devices. Find mitigation steps and preventive measures here.
CVE-2017-12785, published on August 22, 2017, addresses a vulnerability in the NoviWare software distribution affecting NoviSwitch devices.
Understanding CVE-2017-12785
What is CVE-2017-12785?
The NoviWare software distribution, specifically versions NW400.2.6 and onwards, contains a vulnerability in the novish command-line interface. This vulnerability allows a read-only user with a monitor role to execute arbitrary code on the switch through command injection.
The Impact of CVE-2017-12785
The vulnerability may lead to a buffer overflow in the "show log cli" command, potentially enabling unauthorized users to gain root code execution on the affected switch.
Technical Details of CVE-2017-12785
Vulnerability Description
The novish command-line interface in NoviWare software versions NW400.2.6 and above is susceptible to a buffer overflow in the "show log cli" command, allowing unauthorized users to execute code on NoviSwitch devices.
Affected Systems and Versions
Exploitation Mechanism
The vulnerability can be exploited by a read-only user with a monitor role to inject commands and potentially gain root code execution on the switch.
Mitigation and Prevention
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates
Apply patches and updates provided by the vendor to address the vulnerability.