CVE-2017-6885 (GCVE-0-2017-6885)
Vulnerability from cvelistv5
Published
2017-05-16 15:00
Modified
2024-08-05 15:41
Severity ?
CWE
  • Privilege escalation by locally authenticated users
Summary
An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 through 2016 R1 SP1 can be exploited to gain elevated privileges.
References
Impacted products
Vendor Product Version
Flexera Software LLC FlexNet Manager Suite Version: 2017 prior to 2017 R1
Version: 2014 R3 through 2016 R1 SP1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:41:17.696Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://secuniaresearch.flexerasoftware.com/advisories/76223/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FlexNet Manager Suite",
          "vendor": "Flexera Software LLC",
          "versions": [
            {
              "status": "affected",
              "version": "2017 prior to 2017 R1"
            },
            {
              "status": "affected",
              "version": "2014 R3 through 2016 R1 SP1"
            }
          ]
        }
      ],
      "datePublic": "2017-04-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 through 2016 R1 SP1 can be exploited to gain elevated privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Privilege escalation by locally authenticated users",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-16T14:57:01.000Z",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://secuniaresearch.flexerasoftware.com/advisories/76223/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2017-6885",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "FlexNet Manager Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2017 prior to 2017 R1"
                          },
                          {
                            "version_value": "2014 R3 through 2016 R1 SP1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Flexera Software LLC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 through 2016 R1 SP1 can be exploited to gain elevated privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Privilege escalation by locally authenticated users"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://secuniaresearch.flexerasoftware.com/advisories/76223/",
              "refsource": "MISC",
              "url": "https://secuniaresearch.flexerasoftware.com/advisories/76223/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2017-6885",
    "datePublished": "2017-05-16T15:00:00.000Z",
    "dateReserved": "2017-03-14T00:00:00.000Z",
    "dateUpdated": "2024-08-05T15:41:17.696Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.