CVE-2017-6771

A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to a specific URL of an affected device. An exploit could allow the attacker to view sensitive configuration information about the deployment. Cisco Bug IDs: CSCvd29358. Known Affected Releases: 21.0.v0.65839.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:ultra_services_framework:21.0.v0.65839:*:*:*:*:*:*:*

History

21 Nov 2024, 03:30

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/100385 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/100385 - Third Party Advisory, VDB Entry
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usf - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usf - Vendor Advisory

Information

Published : 2017-08-17 20:29

Updated : 2024-11-21 03:30


NVD link : CVE-2017-6771

Mitre link : CVE-2017-6771

CVE.ORG link : CVE-2017-6771


JSON object : View

Products Affected

cisco

  • ultra_services_framework
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor