Cisco Prime Collaboration Provisioning Tool Information Disclosure Vulnerability

cisco-sa-20170621-pcp3 · Medium · Published 8 years ago · Updated 8 years ago

Data: Cisco advisories 1 day ago · Cisco CSAF 5 hours ago · NVD CVEs 8 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. The vulnerability is due to insecure file permissions. A successful exploit could allow the attacker to access sensitive information about the system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp3

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEs	CVE-2017-6705
Cisco Bug IDs	CSCvc82973
CVSS Score	Base 5.5 Base 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:X/RL:X/RC:X

Products with public affected evidence

Product	CVE	Affected evidence
Cisco Prime Collaboration Provisioning	CVE-2017-6705	structured affected CSAF product_status