File Download Vulnerability in Cisco Prime Collaboration Assurance
CVE-2017-3843

4.3MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Prime Collaboration Assurance
Vendor
CVE Published:
22 February 2017

Summary

A vulnerability in the file download functions of Cisco Prime Collaboration Assurance allows authenticated, remote attackers to download restricted system files, potentially leading to unauthorized access to sensitive information. This weakness affects version 11.5(0) and highlights the importance of securing file transfer functionalities within network management products.

Affected Version(s)

Cisco Prime Collaboration Assurance Cisco Prime Collaboration Assurance

References

https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/96248
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037843
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.