File Directory Exposure in Cisco Prime Collaboration Assurance
CVE-2017-3844
4.3MEDIUM
Key Information:
- Vendor
- Cisco
- Vendor
- CVE Published:
- 22 February 2017
Summary
A vulnerability in the exporting functions of Cisco Prime Collaboration Assurance enables authenticated remote attackers to access file directory listings and download sensitive files. This issue affects specific versions, including 11.0, 11.1, and 11.5 of the software, while earlier releases remain unaffected. The exploitation of this vulnerability can lead to unauthorized access to potentially confidential information, posing significant risks to organizations utilizing this software.
Affected Version(s)
Cisco Prime Collaboration Assurance Cisco Prime Collaboration Assurance
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved