CVE-2017-6679
Published 2017-12-01
Priority: P4 · 27 · medium · 6.4 · CVSS 3.1
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.36% (27.8th percentile)
The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (SSH) which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for remote support and allowed for authorized/authenticated personnel from the Cisco Umbrella team to access the appliance remotely and obtain full control without explicit customer approval. To address this vulnerability, the Umbrella Virtual Appliance version 2.1.0 now requires explicit customer approval before an SSH tunnel from the VA to the Cisco terminating server can be established.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | umbrella_virtual_appliance | < 2.1.0 | 2.1.0 |
| cisco | umbrella_virtual_appliance_undocumented_support_tunnel | — | — |
CVSS provenance
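| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.0 | MEDIUM | AV:L/AC:H/Au:S/C:C/I:C/A:C |
| vendor_cisco | — | 6.4 | MEDIUM | — |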
GHSA
GHSA-x42g-fj2g-26mm: The Cisco Umbrella Virtual Appliance Version 2
ghsa_unreviewed·2022-05-13
CVE-2017-6679 [MEDIUM] GHSA-x42g-fj2g-26mm: The Cisco Umbrella Virtual Appliance Version 2
The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (SSH) which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for remote support and allowed for authorized/authenticated personnel from the Cisco Umbrella team to access the appliance remotely and obtain full control without explicit customer approval. To address this vulnerability, the Umbrella Virtual Appliance version 2.1.0 now requires explicit customer approval before an SSH tunnel from the VA to the Cisco terminating server can be established.
Cisco
Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability
vendor_cisco·2023-08-16·CVSS 6.4
CVE-2017-6679 [MEDIUM] CWE-923 Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability
A vulnerability in the remote support feature of Cisco Umbrella Virtual Appliance could allow an authenticated, remote attacker to obtain full control of an affected device. This vulnerability is due to an undocumented support mechanism that is present on the product. An attacker could exploit this vulnerability by obtaining privileges sufficient to access the remote support tunnel. A successful exploit could allow the attacker to access the appliance remotely and obtain full control without explicit customer approval.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Cisco Umbrella originally published this advisory in 2017 on a differen
Cisco
Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability
vendor_cisco·CVSS 3.0
CVE-2017-6679 Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability
A vulnerability in the remote support feature of Cisco Umbrella Virtual Appliance could allow an authenticated, remote attacker to obtain full control of an affected device. This vulnerability is due to an undocumented support mechanism that is present on the product. An attacker could exploit this vulnerability by obtaining privileges sufficient to access the remote support tunnel. A successful exploit could allow the attacker to access the appliance remotely and obtain full control without explicit customer approval. Cisco has released software updates that address this vulnerability. There are no
CVSS: 3.0
CWE: CWE-923
Bug IDs: CSCwh07325
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/101567
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-tunnel-gJw5thgE
https://support.umbrella.com/hc/en-us/articles/115004154423
https://support.umbrella.com/hc/en-us/articles/115004752143-Virtual-Appliance-Vulnerability-due-to-always-on-SSH-Tunnel-RESOLVED-2017-09-15
https://www.info-sec.ca/advisories/Cisco-Umbrella.html