{"api_version":"1","generated_at":"2026-04-23T22:06:53+00:00","cve":"CVE-2017-6885","urls":{"html":"https://cve.report/CVE-2017-6885","api":"https://cve.report/api/cve/CVE-2017-6885.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-6885","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-6885"},"summary":{"title":"CVE-2017-6885","description":"An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 through 2016 R1 SP1 can be exploited to gain elevated privileges.","state":"PUBLIC","assigner":"PSIRT-CNA@flexerasoftware.com","published_at":"2017-05-16 16:29:00","updated_at":"2019-10-03 00:03:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://secuniaresearch.flexerasoftware.com/advisories/76223/","name":"https://secuniaresearch.flexerasoftware.com/advisories/76223/","refsource":"MISC","tags":["Permissions Required"],"title":"End of Support for the Secunia Community Site - Community","mime":"text/html","httpstatus":"200","archivestatus":"401"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-6885","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6885","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"6885","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_manager_suite","cpe6":"2014","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6885","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_manager_suite","cpe6":"2015","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6885","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_manager_suite","cpe6":"2016","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6885","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_manager_suite","cpe6":"2017","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6885","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_manager_suite","cpe6":"2014","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6885","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_manager_suite","cpe6":"2015","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6885","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_manager_suite","cpe6":"2016","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6885","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flexerasoftware","cpe5":"flexnet_manager_suite","cpe6":"2017","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"PSIRT-CNA@flexerasoftware.com","ID":"CVE-2017-6885","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"FlexNet Manager Suite","version":{"version_data":[{"version_value":"2017 prior to 2017 R1"},{"version_value":"2014 R3 through 2016 R1 SP1"}]}}]},"vendor_name":"Flexera Software LLC"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 through 2016 R1 SP1 can be exploited to gain elevated privileges."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Privilege escalation by locally authenticated users"}]}]},"references":{"reference_data":[{"name":"https://secuniaresearch.flexerasoftware.com/advisories/76223/","refsource":"MISC","url":"https://secuniaresearch.flexerasoftware.com/advisories/76223/"}]}},"nvd":{"publishedDate":"2017-05-16 16:29:00","lastModifiedDate":"2019-10-03 00:03:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:flexerasoftware:flexnet_manager_suite:2016:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:flexerasoftware:flexnet_manager_suite:2017:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:flexerasoftware:flexnet_manager_suite:2015:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:flexerasoftware:flexnet_manager_suite:2014:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"6885","Ordinal":"103578","Title":"CVE-2017-6885","CVE":"CVE-2017-6885","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"6885","Ordinal":"1","NoteData":"An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 through 2016 R1 SP1 can be exploited to gain elevated privileges.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"6885","Ordinal":"2","NoteData":"2017-05-16","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"6885","Ordinal":"3","NoteData":"2017-05-16","Type":"Other","Title":"Modified"}]}}}