CVE-2017-6793

6.5MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Prime Collaboration Provisioning Tool
Vendor: CVE Published:; 7 September 2017

Summary

A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulnerability is due to insufficient protection of restricted information. An attacker could exploit this vulnerability by accessing unauthorized information via the user interface. Cisco Bug IDs: CSCvd61932.

Affected Version(s)

Cisco Prime Collaboration Provisioning Tool Cisco Prime Collaboration Provisioning Tool

References

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1039280

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 7, 2017
Vulnerability Reserved
Mar 9, 2017