Sensitive Data Exposure in Cisco Ultra Services Platform
CVE-2017-6694

5.5MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Ultra Services Platform
Vendor
CVE Published:
13 June 2017

Summary

A security issue in the Virtual Network Function Manager's logging function of Cisco Ultra Services Platform permits authenticated, local attackers to access sensitive data, including cleartext credentials, on compromised systems. This could lead to unauthorized access and exploitation of the affected systems, posing risks to user data and system integrity.

Affected Version(s)

Cisco Ultra Services Platform Cisco Ultra Services Platform

References

http://www.securityfocus.com/bid/98972
vdb-entryx_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.